Bug#915637: ITP: dh-perl6 -- debhelper add-on to simplify Perl 6 package building

[Robert Lemmen]

Package: wnpp
Severity: wishlist
Owner: Robert Lemmen 

* Package name: dh-perl6
  Version : 0.1
  Upstream Author : Robert Lemmen 
* URL : none
* License : Artistic 2.0
  Programming Lang: Perl
  Description : debhelper add-on to simplify Perl 6 package building

dh-perl6 provides a debhelper add-on called 'perl6'. This simplifies common
steps of Perl 6 package building, like postinst and postrm scripts and
communicating module dependencies to the rakudo install helpers.

This package will be team-maintained by the perl 6 folks

Re: Tainted builds (was Re: usrmerge -- plan B?)

[Ian Jackson]

Guillem Jover writes ("Re: Tainted builds (was Re: usrmerge -- plan B?)"):
> I think I'm still of the opinion that a user should be able to build on
> a normal (clean and up-to-date) system and get a proper result. I guess
> the problem might be how to define "clean". :)

And how to define "proper".  This is being discussed in more detail in
debian-policy (thread on #824495).

I like your /usr/local taints.

Ian.

-- 
Ian JacksonThese opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Re: Tainted builds (was Re: usrmerge -- plan B?)

[Ian Jackson]

Russ Allbery writes ("Re: Tainted builds (was Re: usrmerge -- plan B?)"):
> Tainted is a loaded term that may make this more confusing.

Can we think of a better term before `taint' gets embedded ?

It's going to be annoying if we have to have an argument every time we
want to capture some additional data of this kind, because someone
will pop up and say `my build system is like this and it is fine' or
whatever.

Ian.

-- 
Ian JacksonThese opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Re: Sending using my @debian.org in gmail

[Thomas Goirand]

On 11/30/18 6:57 PM, Michael Stone wrote:
> On Fri, Nov 30, 2018 at 12:49:02PM -0500, Alexandre Viau wrote:
>> It is true that others are vulnerable, but this is a choice that Debian
>> makes and it can be fixed. If we wanted, we could largely limit this
>> with more restrictive debian.org DNS records.
> 
> Yes and no. :) There would need to be a concerted push for some time to
> migrate 20+ years of legacy configurations in order for this to not
> break quite a lot.

Absoultely not. Adding some DMARC records in our DNS doesn't break any
server not checking DMARC records.

Cheers,

Thomas Goirand (zigo)

Re: Sending using my @debian.org in gmail

[Jeremy Stanley]

On 2018-12-05 14:58:08 +0100 (+0100), Thomas Goirand wrote:
> On 11/30/18 6:57 PM, Michael Stone wrote:
> > On Fri, Nov 30, 2018 at 12:49:02PM -0500, Alexandre Viau wrote:
> >> It is true that others are vulnerable, but this is a choice that Debian
> >> makes and it can be fixed. If we wanted, we could largely limit this
> >> with more restrictive debian.org DNS records.
> > 
> > Yes and no. :) There would need to be a concerted push for some time to
> > migrate 20+ years of legacy configurations in order for this to not
> > break quite a lot.
> 
> Absoultely not. Adding some DMARC records in our DNS doesn't break any
> server not checking DMARC records.

Migrating _client_ configurations/workflows to all submit via
Debian-controlled relays on the other hand would be necessary, to
avoid servers who check DMARC records rejecting messages from people
using their debian.org addresses in other ways (for example, yours
seems to have been sent through an MTA in GPLHost for relaying to
the lists.d.o MX).
-- 
Jeremy Stanley


signature.asc
Description: PGP signature

Bug#915647: ITP: node-vinyl-source-stream -- Bridge that makes it simple to use conventional text streams

[Paulo Henrique de Lima Santana (phls)]

Package: wnpp
Severity: wishlist
Owner: "Paulo Henrique de Lima Santana (phls)" 

* Package name: node-vinyl-source-stream
  Version : 2.0.0
  Upstream Author : Hugh Kennedy 
* URL : https://github.com/hughsk/vinyl-source-stream
* License : Expat
  Programming Lang: JavaScript
  Description : Bridge that makes it simple to use conventional text streams

 Use conventional text streams at the start of your gulp or vinyl pipelines,
 making for nicer interoperability with the existing npm stream ecosystem.
 .
 Take, for example, browserify. There are the gulp-browserify and gulpify
 plugins, which you can use in combination with gulp to get browserify working
 in your build. Unfortunately, these plugins come with additional overhead:
 an extra GitHub repository, npm module, maintainer, tests, semantics, etc.
 It's much simpler in this case to use the original module directly where you
 can, which is what vinyl-source-stream handles for you.

This is a Node.js module necessary to package a software name shellshare.

Bug#915651: ITP: libnss-unknown -- nss module to handle unknown uids

[Ritesh Raj Sarraf]

Package: wnpp
Severity: wishlist
Owner: Ritesh Raj Sarraf 

* Package name: libnss-unknown
  Version : 0.0.1
  Upstream Author : Sjoerd Simons 
* URL : https://gitlab.collabora.com/sjoerd/libnss-unknown
* License : LGPL
  Programming Lang: C
  Description : nss module to handle unknown uids

 nss-unknown is a small library to gracefully handle unknown uids

This small library is very useful in host <=> guest container
environments. Under certian circumstances, admins can have UIDs/GIDs
colliding inbetween hosts/guests. Certain system services (like dbus
etc) are picky and become very unhappy under such scenarios.

We primarily use this library in our environment in the guest
containers. Thus I intend to maintain it for the forseeable future.

Re: Bug#915647: ITP: node-vinyl-source-stream -- Bridge that makes it simple to use conventional text streams

[Paolo Greppi]

Il 05/12/18 16:13, Paulo Henrique de Lima Santana (phls) ha scritto:
> Package: wnpp
> Severity: wishlist
> Owner: "Paulo Henrique de Lima Santana (phls)" 
> 
> * Package name: node-vinyl-source-stream
>   Version : 2.0.0
>   Upstream Author : Hugh Kennedy 
> * URL : https://github.com/hughsk/vinyl-source-stream
> * License : Expat
>   Programming Lang: JavaScript
>   Description : Bridge that makes it simple to use conventional text 
> streams
> 
>  Use conventional text streams at the start of your gulp or vinyl pipelines,
>  making for nicer interoperability with the existing npm stream ecosystem.
>  .
>  Take, for example, browserify. There are the gulp-browserify and gulpify
>  plugins, which you can use in combination with gulp to get browserify working
>  in your build. Unfortunately, these plugins come with additional overhead:
>  an extra GitHub repository, npm module, maintainer, tests, semantics, etc.
>  It's much simpler in this case to use the original module directly where you
>  can, which is what vinyl-source-stream handles for you.
> 
> This is a Node.js module necessary to package a software name shellshare.

This is a simple module (single ES5 file, 26 LOC according to sloccount, no 
build steps required).
Although on npm register (https://www.npmjs.com/package/vinyl-source-stream) it 
has 767 dependents, until now we managed to avoid packaging it in Debian 
(https://codesearch.debian.net/search?q=vinyl-source-stream).

Possibly you can skip it too, by tweaking the gulpfile.js; but if you really 
need it, it could a good candidate for embedding, see:
https://wiki.debian.org/Javascript/Nodejs/Npm2Deb#Embedding_some_modules
https://wiki.debian.org/Javascript/GroupSourcesTutorial

Please get in touch with the JS team on 
pkg-javascript-de...@alioth-lists.debian.net if you need assistance.

Paolo
 

Bug#915656: ITP: siconos -- modeling and simulation of nonsmooth dynamical systems

[Stephen Sinclair]

Package: wnpp
Severity: wishlist
Owner: Stephen Sinclair 

* Package name: siconos
  Version : 4.2.0+git20181026.0ee5349
  Upstream Author : Siconos development team 

* URL : http://siconos.gforge.inria.fr
* License : Apache
  Programming Lang: C, C++, Python
  Description : modeling and simulation of nonsmooth dynamical systems

Siconos is an open-source scientific software primarily targeted at
modeling and simulating nonsmooth dynamical systems in C++ and in
Python:
  * Mechanical systems (rigid or solid) with unilateral contact and
Coulomb friction and impact (nonsmooth mechanics, contact dynamics,
multibody systems dynamics or granular materials).
  * Switched Electrical Circuit such as electrical circuits with ideal
and piecewise linear components: power converter, rectifier,
Phase-Locked Loop (PLL) or Analog-to-Digital converter.
  * Sliding mode control systems.
  * Biology (Gene regulatory network).
Other applications are found in Systems and Control (hybrid systems,
differential inclusions, optimal control with state constraints),
Optimization (Complementarity systems and Variational inequalities),
Fluid Mechanics, and Computer Graphics.

I propose this package for maintenance under the Debian Science team,
of which I am a guest member, and I plan to continue maintaining this
package for the foreseeable future.

Re: Bug#915647: ITP: node-vinyl-source-stream -- Bridge that makes it simple to use conventional text streams

[Paulo Henrique Santana]

HI,

  On Wed, 05 Dec 2018 13:44:49 -0200 Paolo Greppi  
wrote  
 >  
 > This is a simple module (single ES5 file, 26 LOC according to sloccount, no 
 > build steps required). 
 > Although on npm register (https://www.npmjs.com/package/vinyl-source-stream) 
 > it has 767 dependents, until now we managed to avoid packaging it in Debian 
 > (https://codesearch.debian.net/search?q=vinyl-source-stream). 
 >  
 > Possibly you can skip it too, by tweaking the gulpfile.js; but if you really 
 > need it, it could a good candidate for embedding, see: 
 > https://wiki.debian.org/Javascript/Nodejs/Npm2Deb#Embedding_some_modules 
 > https://wiki.debian.org/Javascript/GroupSourcesTutorial 
 >  
 > Please get in touch with the JS team on 
 > pkg-javascript-de...@alioth-lists.debian.net if you need assistance. 

Thanks Paolo, I talked with yadd on irc channel and it is clear to me now.

Best regards.

-
Paulo Henrique de Lima Santana (phls) 
Curitiba - Brasil 
Debian Maintainer
Diretor do Instituto para Conservação de Tecnologias Livres
Membro da Comunidade Curitiba Livre
Site: http://www.phls.com.br 
GNU/Linux user: 228719  GPG ID: 0443C450

Organizador da DebConf19 - Conferência Mundial de Desenvolvedores(as) Debian
Curitiba - 21 a 28 de julho de 2019
http://debconf19.debconf.org

Bug#915660: ITP: keyman-keyboardprocessor -- Keyman keyboard processing library

[Daniel Glassey]

Package: wnpp
Severity: wishlist
Owner: Daniel Glassey 

* Package name: keyman-keyboardprocessor
  Version : 0.0.0
  Upstream Author : SIL International 
* URL : http://www.keyman.com
* License : MIT/X
  Programming Lang: C, C++
  Description : Keyman keyboard processing library

 Originally created in 1993 to type Lao on Windows, Keyman is now a free and
 open source keyboarding platform which allows anyone to write a keyboard layout
 for their language. Keyman is available for many platforms, including Windows,
 macOS, iOS, Android, Linux and the web.
 .
 Keyboard layouts are defined with a clear and easy to understand keyboard
 grammar. Keyman's contextual input model means keyboard layouts can be
 intelligent and make it simple to type even the most complex languages.
 Keyboard layouts are distributed through an open catalog to all major desktop
 and mobile platforms.
 .
 The Keyman keyboardprocessor library processes input from input method engines
 and applies rules from compiled Keyman 11 or earlier kmx keyboard files.

---

This is the core cross-platform keyboard processing library of Keyman.
It is used by ibus-keyman, the IBus engine for Keyman, and can be used
by other input method systems.

I will maintain it in the Debian Input Method Team.

It is nearing the end of the alpha phase so I will initially upload it to
experimental until the final changes are made to the API. I'm still hoping
for it to be finished before the freeze.

Regards,
Daniel

Re: Sending using my @debian.org in gmail

[Russ Allbery]

Jeremy Stanley  writes:
> On 2018-12-05 14:58:08 +0100 (+0100), Thomas Goirand wrote:

>> Absoultely not. Adding some DMARC records in our DNS doesn't break any
>> server not checking DMARC records.

> Migrating _client_ configurations/workflows to all submit via
> Debian-controlled relays on the other hand would be necessary, to
> avoid servers who check DMARC records rejecting messages from people
> using their debian.org addresses in other ways (for example, yours
> seems to have been sent through an MTA in GPLHost for relaying to
> the lists.d.o MX).

Right, the whole point of DMARC is to say that messages from a given
domain only originate from a small and well-defined set of servers, or
from servers with access to specific private key material.

Right now, people can use their debian.org address and send mail from
anywhere.  For example, this message is being sent from my personal
servers and, were it not addressed to a Debian mailing list, would not go
anywhere near Debian infrastructure.

If we're not going to require that anyone sending mail from a debian.org
address do so through project infrastructure (which is a large change),
there's basically no point in doing anything with DMARC.  It would only
increase the chances that mail not sent through Debian infrastructure
would be rejected by over-aggressive implementations that treat unknown as
failure.

Whether we want to continue to support that use case is certainly
something we can ask, and balance against the benefits of setting up
proper DMARC, SPF, DKIM, and so forth.  The advantage would be that
project mail might be more reliably deliverable, and we would allow
receiving systems to discard more forged spam.  The disadvantage is that
setting up infrastructure, documentation, and client configuration to send
all mail from debian.org addresses through project infrastructure would be
a lot of work, particularly since I'm sure that, in the grand Debian
tradition, there are at least as many ways we all send mail as there are
Debian developers.

-- 
Russ Allbery (r...@debian.org)   

Server for system update of Debian in Sweden ?

[FlemmingChristensen]

Hi
My installed Debian version 9.5, is set up to use a Debian mirror in Denmark, 
which it also uses automatically when I install packages.

When I make a system update, it will automatically connects to a Swedish server 
with the address 151.101.84.133 SKYCA-3 Sweden. Is that OK?

Flemming Christensen
Denmark
--
lcf 

Re: Server for system update of Debian in Sweden ?

[Adam Borowski]

On Wed, Dec 05, 2018 at 05:42:32PM +, FlemmingChristensen wrote:
> Hi
> My installed Debian version 9.5, is set up to use a Debian mirror in
> Denmark, which it also uses automatically when I install packages.
> 
> When I make a system update, it will automatically connects to a Swedish
> server with the address 151.101.84.133 SKYCA-3 Sweden.  Is that OK?

The mirror to use is configured in /etc/apt/sources.list -- or, on some
derivatives in files under /etc/apt/sources.list.d/

You can edit it to choose any mirror you want.  It's also possible it's set
to deb.debian.org which is a CDN that tries to detect something appropriate
for you -- but often picks something closeness-challenged.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ 
⣾⠁⢠⠒⠀⣿⡁ Ivan was a worldly man: born in St. Petersburg, raised in
⢿⡄⠘⠷⠚⠋⠀ Petrograd, lived most of his life in Leningrad, then returned
⠈⠳⣄ to the city of his birth to die.

Re: call for epoch (was Re: Bug#915553: ITP: pd-csound -- Csound external for Pure Data)

[Paul Gevers]

Hi,

On 04-12-2018 20:03, IOhannes m zmölnig (Debian/GNU) wrote:
> as mandated by the policy, i'd like to discuss, whether an epoch bump
> for the new source package "pd-csound" (to be "2:1.01.0-1") is
> warranted, or indeed a good idea.

Can at least the source package not carry the any special epoch, or is
that too confusing?

Paul




signature.asc
Description: OpenPGP digital signature

Server for system update of Debian in Sweden ?

[lcf]

Hi

My installed Debian version 9.5, is set up to use a Debian mirror in Denmark, 
which it also uses automatically when I install packages.

When I make a system update, it automatically connects to a Swedish server with 
the address 151.101.84.133 SKYCA-3 Sweden. Is that OK?


Flemming Christensen
Denmark
-- 
lcf 

Re: call for epoch (was Re: Bug#915553: ITP: pd-csound -- Csound external for Pure Data)

[Sean Whitton]

Hello,

On Tue 04 Dec 2018 at 10:35PM GMT, Simon McVittie wrote:

>> There already is an epoch, you can't remove it.  On the other hand, with the
>> damage already done, there's little reason not to bump it.
>
> That's also a reasonable factor to take into account, and in this case
> it leads to the same conclusion.

Indeed, although it should be noted that Policy does require -devel
consultation even for a bump (as IOhannes is clearly aware).

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#915677: ITP: python-dicteval -- Library to evaluate expressions in dict/json objects

[Paulo Henrique de Lima Santana (phls)]

Package: wnpp
Severity: wishlist
Owner: "Paulo Henrique de Lima Santana (phls)" 

* Package name: python-dicteval
  Version : 0.0.6
  Upstream Author : Osvaldo Santana Neto 
* URL : https://github.com/osantana/dicteval
* License : Expat
  Programming Lang: Python
  Description : Library to evaluate expressions in dict/json objects

 Module dicteval will evaluate basic types with no modifications but it will
 evaluate dicts (or json objects) containing keys started with = (equal)
 symbol. You can provide a dictionary with context to be used during
 evaluation process. You can also wrap your string content with @{} to force
 a Python eval() with the context provided.

Re: Server for system update of Debian in Sweden ?

[Paul Wise]

On Thu, Dec 6, 2018 at 2:00 AM Flemming Christensen wrote:

> Server for system update of Debian in Sweden ?


In future, please ask these sort of questions on the user support channels:

https://www.debian.org/support

> My installed Debian version 9.5, is set up to use a Debian mirror in Denmark, 
> which it also uses automatically when I install packages.
>
> When I make a system update, it will automatically connects to a Swedish 
> server with the address 151.101.84.133 SKYCA-3 Sweden. Is that OK?

This IP address is a Fastly CDN node. So I assume you are not using a
specific Debian mirror in Denmark but are instead using
deb.debian.org, which is backed by the Fastly CDN. If your system is
likely to move to different places, using the CDN is the best option
since it should be available close to anywhere you might travel. If
your system is a server or is unlikely to change location, you might
like to use the Debian mirror provided by your ISP or one of the
closer mirrors such as ftp.dk.debian.org. Please note that in case of
downtime, ftp.dk.d.o could be repointed to other mirrors.

https://www.debian.org/mirror/list
https://mirror-master.debian.org/status/mirror-hierarchy.html

-- 
bye,
pabs

https://wiki.debian.org/PaulWise