Re: Question about source tarballs for packaging
Hi Joshua, Quoting Joshua Peisach (2021-10-10 23:40:54) > we will have to build on weekly tags rather than the current '0.2.4' > tag. Here is the issue. uscan and gbp aren't happy with the tag > because by all means, it isn't a number. One option is to track git commits organized by date, using a watch file like this: >>> debian/watch >>> # version=4 # check: uscan --report # update: gbp import-orig --upstream-vcs-tag=vX.Y.Z --uscan opts=\ mode=git,pgpmode=none,pretty=0.2.4+%cd \ https://github.com/sctplab/usrsctp HEAD <<< debian/watch <<< - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: signature
Bug#996100: ITP: tclsoldout -- Tcl wrapper for libsoldout, a markdown parser library
Package: wnpp Severity: wishlist Owner: Massimo Manghi X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: tclsoldout Version : 0.1.1 Upstream Author : Svyatoslav Mishin * URL : https://git.juef.net/archive/tclsoldout/ * License : ISC Programming Lang: C Description : Tcl wrapper for libsoldout, a markdown parser library tclsoldout extends Tcl providing new commands to parse and process markdown text. Tclsoldout current version creates 2 new commands . + ::soldout::mk2html - markdown to HTML processor + ::soldout::mk2xhtml - markdown to XHTML processor . tclsoldout also provides ::soldout::escape_string, its own utility to convert SGML characters into their HTML entities. The package endows the Tcl shell with commands that implement easy to use markdown processors. I'm going to ask the DDs who already are sponsoring several other packages I've been maintaining over the last 11 years to accept to sponsor also this package which has a very simple structure: basically a single C language file, as the libsoldout files shipped in the upstream tar ball are actually not needed to build it since Debian is already providing the libsoldout-dev package Firma il tuo 5x1000 all’Università di Parma, aiutaci a essere sempre più accoglienti e inclusivi verso le nostre studentesse e i nostri studenti - Indica 00308780345 nella tua denuncia dei redditi.
Re: Bug#995722: Not running tests because tests miss source code is not useful
Le 10/10/2021 à 15:36, Kristian Nielsen a écrit : > Julien Puydt writes: > >> There was the case years ago of the smarteiffel compiler. It was supposed >> to be open source, but upstream only released C code. And that was bad, >> because it wasn't what *they* worked with: they had eiffel sources, and the >> C code was preprocessed and didn't allow/permit bootstrapping. It took some > > This is a good example, because it shows how "source code" is defined by > what upstream development uses, not merely by users being able to compile > the released code. > > But the situation here seems to be the opposite: The minified javascript > *is* what *they* (upstream developers) work with. They don't have a secret > unpublished build system to generate the minification from unpublished > sources. Presumably, if they need to update it, they would replace it with a > new minified file obtained from a newer release of that project. Or as has > been mentioned, the test might be testing a problem against that very > specific version of the javascript minification, in which case it will never > be changed at all - as that would instead be the addition of a separate > testcase. > > Thus, the minified file *is* the preferred (by the upstream developers) form > of the work for making modifications to it. Which is how source code is > defined in the GPL, for example. It seems wrong to me to define "source > code" as something that the upstream development does not use and which > doesn't actually exist anywhere. > > As an extreme example, some people prefer Rust to C, but that does not mean > that a C program must be re-written in Rust to satisfy the "preferred form > of work" condition for source code. > > This still leaves the Vendoring problem. Even if we consider the minified > javascript "source" in the context of the upstream development, it obviously > isn't source in the context of the original javascript library project. If > the javascript library is GPL, for example, it will require the availability > of the correct version of the source code along with the minification. > > I think there is a subtle but important distinction here: > > 1. A program not being free because it is missing what upstream developers > consider "source" (as in the smarteiffel example). > > 2. A program being unsuitable for debian because it is developed in a way > that effectively requires Vendoring of sources of dependencies. > > - Kristian. For now: $ cat tags/s/source-contains-prebuilt-javascript-object.tag Tag: source-contains-prebuilt-javascript-object Severity: pedantic Check: cruft Explanation: The source tarball contains a prebuilt (minified) JavaScript object. They are usually left by mistake when generating the tarball by not cleaning the source directory first. You may want to report this as an upstream bug, in case there is no sign that this was intended. Following this discussion, it should be a "Severity: error", shouldn't it?
Re: Bug#995722: Not running tests because tests miss source code is not useful
On 2021-10-11 11:20:03 +0200 (+0200), Yadd wrote: [...] > For now: > > $ cat tags/s/source-contains-prebuilt-javascript-object.tag > Tag: source-contains-prebuilt-javascript-object > Severity: pedantic > Check: cruft > Explanation: The source tarball contains a prebuilt (minified) >JavaScript object. >They are usually left by mistake when generating the tarball by not >cleaning the source directory first. You may want to report this as >an upstream bug, in case there is no sign that this was intended. > > Following this discussion, it should be a "Severity: error", > shouldn't it? I expect it would only be an error if the original source code for it is not also included somewhere in main (either in the same source package or another one), though how to be certain of that is a topic for debate. If the upstream project developers assert the object was built from a specific source and that source is available/included, then it's up to the package maintainer to determine whether they can be trusted in that regard or the upstream release needs to be repacked to strip it out for fear that's not actually true. Either way, the object really shouldn't be copied into the binary package though, and should be rebuilt at package build time instead in order to confirm all of the compiled form can be built exclusively with tools available in main. -- Jeremy Stanley signature.asc Description: PGP signature
Bug#996178: ITP: libwikidata-toolkit-java -- Wikidata Toolkit
Package: wnpp Severity: wishlist Owner: Markus Koschany X-Debbugs-Cc: debian-devel@lists.debian.org, a...@debian.org, debian-j...@lists.debian.org * Package name: libwikidata-toolkit-java Version : 0.12.1 Upstream Author : Markus Kroetzsch, Julian Mendez, Fredo Erxleben, Michael Guenther, Markus Damm, Antonin Delpeuch, Thomas Pellissier Tanon and other contributors * URL : https://www.mediawiki.org/wiki/Wikidata_Toolkit * License : Apache License 2.0 Programming Lang: Java Description : Wikidata Toolkit Wikidata Toolkit is a Java library for accessing Wikidata and other Wikibase installations. It can be used to create bots, to perform data extraction tasks (e.g., convert all data in Wikidata to a new format), and to do large-scale analyses that are too complex for using a simple SPARQL query service. libwikidata-toolkit-java is a new build-dependency of openrefine.
Bug#996179: ITP: libokhttp-signpost-java -- Signpost extension for signing OkHttp requests
Package: wnpp Severity: wishlist Owner: Markus Koschany X-Debbugs-Cc: debian-devel@lists.debian.org, a...@debian.org, debian-j...@lists.debian.org * Package name: libokhttp-signpost-java Version : 1.1.0-1 Upstream Author : Patrik Åkerfeldt * URL : http://github.com/pakerfeldt/okhttp-signpost/ * License : Apache-2.0 Programming Lang: Java Description : Signpost extension for signing OkHttp requests Signpost is the easy and intuitive solution for signing HTTP messages on the Java platform in conformance with the OAuth Core 1.0a standard. This library is a Signpost extension for the OkHttp HTTP client.
Bug#996180: ITP: google-api-services-drive-java -- Google Drive API Client Library for Java
Package: wnpp Severity: wishlist Owner: Markus Koschany X-Debbugs-Cc: debian-devel@lists.debian.org, a...@debian.org, debian-j...@lists.debian.org * Package name: google-api-services-drive-java Version : 1.32.1-1 Upstream Author : Google Inc. * URL : https://github.com/googleapis/google-api-java-client-services * License : Apache-2.0 Programming Lang: Java Description : Google Drive API Client Library for Java Manages files in Google Drive, a file storage and synchronization service, including uploading, downloading, searching, detecting changes, and updating sharing permissions. This is a new dependency of openrefine.
Bug#996182: ITP: google-api-services-sheets-java -- Google Sheets API Client Library for Java
Package: wnpp Severity: wishlist Owner: Markus Koschany X-Debbugs-Cc: debian-devel@lists.debian.org, a...@debian.org, debian-j...@lists.debian.org * Package name: google-api-services-sheets-java Version : 1.32.1-1 Upstream Author : Google * URL : https://github.com/googleapis/google-api-java-client-services * License : Apache-2.0 Programming Lang: Java Description : Google Sheets API Client Library for Java Google Sheets is a spreadsheet program included as part of the web-based Google Docs Editors suite offered by Google. This library allows developers to read and write Google Sheets.
Bug#996185: ITP: libhttp-link-perl -- RFC 5988 web linking
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard X-Debbugs-Cc: debian-devel@lists.debian.org, Debian Perl Group -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libhttp-link-perl Version : 0.001 Upstream Author : David Zurborg * URL : * License : ISC Programming Lang: Perl Description : RFC 5988 web linking HTTP::Link is a perl library implementing resolving and parsing HTTP link relations as defined in RFC 5988. . A link relation is a descriptive attribute attached to a hyperlink in order to define the type of the link, or the relationship between the source and destination resources. This package will be team-maintained in the Debian Perl team. It is needed for libweb-solid-auth-perl. - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmFkrmwACgkQLHwxRsGg ASH/DBAArrMdq227ppfIz+Pwt2gLoxy3p0NA2JLKqCjez+GwhkXSqUWe468W75Tm SgGRtHCvE5PxKlhigNMGGJNl2whrBIE9nv9Bg/ijZZZVVTD9IULXBNXdI/zMHygh a5G0B0yURJLsGTEDzHpn+utEXiYCA2EMaZ1bmfn55vgT3PdBTjbElKheypHwQ4FB qs3dxFPWxA7TJZtoL+tlqoOAWspb/jNXhCR5pT69iyVFDLhbDWiEyCSrss8yLLod 2tLHAKZ2haDNlO89QHU1ry5XoJRfThTS6odeUrlYapzF3/deARp0+aR8Z1Zy5NcE KcdfeDI8tNO7e6wP3CE8cHQh2j0um/42ulCsOfK+b1M77yKjBxyX1vaDIkS4P27W ajYZ4PD4mpWsZ6LlYig66RfYZeOFYgneQ3xtfcrnSPRi5f1WlCd4hcy0zFkzlk/t C2/a77KMDCU44w06n7dM6lfnWt4XKKb9RY1j5RRkLxMe3lb2TKqJsgsv+qesAvjN PioecoLsB7E+ng/oCBxBWJtleJLFS+iF+PjmNYqlZaurFymN1ndW/bZSOz3TZZbI aoR1STjZA+ajkr1SOHuyV6vVieWkhtpFplMdnrZihugWTakzov424eHVzEy545Zc fx1KSL/+jhFwwBcozfj2/nO3IZh8MUswjq7tbTvv+k0jJlV7bRU= =sNqr -END PGP SIGNATURE-
Bug#996186: ITP: libweb-solid-auth-perl -- Solid authentication perl library
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard X-Debbugs-Cc: debian-devel@lists.debian.org, Debian Perl Group -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libweb-solid-auth-perl Version : 0.5 Upstream Author : Patrick Hochstenbach * URL : https://metacpan.org/release/Web-Solid-Auth * License : Artistic or GPL-1+ Programming Lang: Perl Description : Solid authentication perl library Web::Solid::Auth is a Solid-OIDC implementation of a connection class for the Solid server. . Solid is a specification that lets people store their data securely in decentralized data stores called Pods. Pods are like secure personal web servers for data. When data is stored in someone's Pod, they control which people and applications can access it. This package will be team-maintained in the Debian Perl team. - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmFkpWoACgkQLHwxRsGg ASFyVw/9G8VYNjiP5EQgXCY/JWp7uQVUbjtszjOSZO9un9UGnQI9dZEwnK+VGM1G U/C1FSShhTR6Zqa194SnJ7UEOkwp1PzlmJtiue9Nj0zGtj6MvfPrZMXchkiERYIZ HrstTwEqURihqWy4eCypUXslqJzXt9g3s1GEfiYPXivvr048tqHj5RVC/Sz5HptW hQ1AQo3UKDWdpiLbYmdvZmr1tQD2pQvJBFU2yhL6e+LoeYmEOVwbGQr3s+2sr9zD Pn+QrPnVO2AxgxZFaOwq7+7aDdvzt5VWTaSpuK4XGW5Pabj8/sOP5WRgmE+fa12H 8IKroBg5GfZHSrie59Q1k/N/I25d66vimJ2i2yrTcir4REThoysL35CxiO5p7Pkl pVODnHYvXbVWdayMSHWSy8vqIFQ84caY3HQZ1VCO0RlED90wmzV0xIoS5ctYwBCS HCzPmFOZA+lrqtzp9BJKyEuIuEIBxaoLc6ODGFmE3vUHYOhQoGryVR65K8Pfm+KW 2OG7TSJQmt2ApMQhOGg34aN0kkT1RCG2ccz63QUsI+JnbuwMWizQJIGJdy1L1Kv8 +jC8bFkI+TB5/mtzNebVISynrSRLebSBUuw//DzxT3F4/d8RbvnEf1Tda7LZrxK9 GdfjqXSFdYzKJtp3EeVz756sng8vmNYy4RdPrOvvND9/+YgBoXU= =U5bB -END PGP SIGNATURE-
Bug#996187: ITP: libmime-ecoencode-perl -- MIME encoding (economical)
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard X-Debbugs-Cc: debian-devel@lists.debian.org, Debian Perl Group -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libmime-ecoencode-perl Version : 0.95 Upstream Author : MURATA Yasuhisa * URL : https://metacpan.org/release/MIME-EcoEncode * License : Artistic or GPL-1+ Programming Lang: Perl Description : MIME encoding (economical) MIME::EcoEncode implements MIME encoded-word syntax as defined in RFC 2047. . MIME encoded-word syntax uses a string of ASCII characters indicating both the original character encoding (the "charset") and the content-transfer-encoding used to map the bytes of the charset into ASCII characters. This package will be team-maintained by the Debian Perl team. It is needed by libhttp-link-perl. - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmFktHIACgkQLHwxRsGg ASFZ7Q//WwdSvr5EbjRC6OPRCO8SbyZY17+jLfGsDwbOFBSwGdH5fW2Pz0RzKgv2 6a1g/IJ0vWc6jUgB4NP7fcaY+nahtooLn9jv4UR2UY1R2b/MmSX+0FUNijlOcIZC YM/Ob3Cimrl63U579Yhjji5IkvActpdOPytJUCk6GC2co9TrC8sNhtIWCymSD4GS 5nnHWJYk3iu4iXxgd/RF8OELwwNOv4AO/005e416TiSFmNYVXynfz2h3LYfSSR0n uZ4JTEtvGeTU0yJGJ4fG/RAMFsdRJoRQSFt/gE3iJ3WB8TpJUYAbV0W/vxo3BjuK nq6aS/7kf1c4TccIAcECKzdiJ8vfbzivRacqOyn91zm+nrH7JFbCBYippeLxfP0w JrnDl+IDYJgDApLgwH5BSLckXLisowui/GdI0gPU5oClS06KjUWWYDkFisvVBrO3 uH+IoX4j8KF2VsPiAO5/ge8GRMUp65CzTVr4Y9B86a/gqo25QcvJ6uMTcjZTeK29 mS5DAPPNRujt9XYCrkAx9pwH/rUBUanNIamMswlRh16yGFavebBifPGJFse47+zu u7humZGXcZjgaQFsji0I4pV8bKaIWppJzkWRxDAb+7mNavepKC4H8+Nx3fPakWLR c1dd5W0pRpFK+wOKJKZ0jQhfgXs4VHa7EOF290DqpAajnky+dJM= =E25G -END PGP SIGNATURE-
Bug#996190: ITP: python-log-symbols -- Colored symbols for various log levels in Python3
Package: wnpp Severity: wishlist Owner: Nobuhiro Iwamatsu X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: python-log-symbols Version : 0.0.14 Upstream Author : Manraj Singh * URL : https://github.com/manrajgrover/py-log-symbols * License : Expat Programming Lang: Python Description : Colored symbols for various log levels in Python3 Library that displays colored symbols for various log levels on terminal in Python3.
Bug#996191: ITP: python-halo -- Beautiful terminal spinners library for Python3
Package: wnpp Severity: wishlist Owner: Nobuhiro Iwamatsu X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: python-halo Version : 0.0.31 Upstream Author : Manraj Singh * URL : https://github.com/manrajgrover/halo * License : Expat Programming Lang: Python Description : Beautiful terminal spinners library for Python3 Library that displays spinner (loading, processing during processing, etc.) on terminal in Python3.
