Bug#1101362: ITP: golang-github-google-go-tspi -- TPM TSPI bindings for golang

[Simon Josefsson]

Package: wnpp
Severity: wishlist
Owner: Simon Josefsson 

* Package name: golang-github-google-go-tspi
  Version : 0.3.0-1
  Upstream Author : Google
* URL : https://github.com/google/go-tspi
* License : Apache-2.0
  Programming Lang: Go
  Description : TSPI bindings for golang

 go-tspi - Go bindings and support code for libtspi and tpm communication
 .
 Build Status (Travis) (https://travis-ci.org/google/go-tspi)
 .
 This is a library providing a set of bindings for communication between
 code written in Go and libtspi, the library responsible for providing a
 TPM control interface. It consists of the following components:

https://salsa.debian.org/go-team/packages/golang-github-google-go-tspi
https://salsa.debian.org/jas/golang-github-google-go-tspi/-/pipelines/

/Simon


signature.asc
Description: PGP signature

Bug#1101365: RFH: ifupdown -- high level tools to configure network interfaces

[Santiago Ruano Rincón]

Package: wnpp
Severity: normal
X-Debbugs-Cc: ifupd...@packages.debian.org, debian-devel@lists.debian.org
Control: affects -1 + src:ifupdown

I request assistance with maintaining the ifupdown package.

The package description is:
 This package provides the tools ifup and ifdown which may be used to
 configure (or, respectively, deconfigure) network interfaces based on
 interface definitions in the file /etc/network/interfaces.

While my *personal* interest remains to replace ifupdown with
ifupdown-ng (when it gets ready as a drop-in replacement), there are
some open issues in ifupdown that it would be great to solve in the
meantime. Please, don't hesiteate to jump in to help maintaining it!

Cheers,

 -- Santiago


signature.asc
Description: PGP signature

Bug#1101366: RFH: ifupdown -- high level tools to configure network interfaces

[Martin-Éric Racine]

Package: wnpp
Severity: normal
X-Debbugs-Cc: ifupd...@packages.debian.org, debian-devel@lists.debian.org, 
martin-eric.rac...@iki.fi
Control: affects -1 + src:ifupdown

We request assistance with maintaining the ifupdown package.

The package description is:
 This package provides the tools ifup and ifdown which may be used to
 configure (or, respectively, deconfigure) network interfaces based on
 interface definitions in the file /etc/network/interfaces.

The primary maintainer (josue) is essentially MIA, while the secondary 
maintainer (santiago) currently has no time to devote to the package's 
maintenance.

At the very least, outstanding bugs with patches need to be triaged, and the 
command options we pass to the new default DHCP client (dhcpcd-base) have to be 
tweaked on time for the Trixie release.

Martin-Éric

Bug#1101373: ITP: python-pytest-shell-utilities -- fixtures and code to help with running shell commands on tests

[Michael Fladischer]

Package: wnpp
Severity: wishlist
Owner: Michael Fladischer 
X-Debbugs-Cc: debian-devel@lists.debian.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: python-pytest-shell-utilities
  Version : 1.9.7
  Upstream Contact: Pedro Algarvio 
* URL : https://github.com/saltstack/pytest-shell-utilities
* License : Apache-2
  Programming Lang: Python
  Description : fixtures and code to help with running shell commands on 
tests

 This pytest plugin provides a basic fixture shell which uses subprocess.Popen
 to run commands against the running system on a shell while providing a nice
 assert'able return class.

I intend to maintain it as part of the DPT.

-BEGIN PGP SIGNATURE-

iQFPBAEBCgA5FiEEqVSlRXW87UkkCnJc/9PIi5l90WoFAmfkNuUbHGZsYWRpc2No
ZXJtaWNoYWVsQGZsYWRpLmF0AAoJEP/TyIuZfdFqWzMH/0FmQtGnWhZTC/0VkPR+
U/kAouw6j0RIHT/JWXhMKNnpEPB4nSFFRdsHPPp9t0w8IpqgcuYnXKI2sKbU/AJE
F7mf7OMnLsEMucLAjaMzP1+y6TWPfNGpkLBZ+/EbvBkIYrdBoVyUSnhgdC4F/wja
jBzxiZztHqOSRqq9os4A5gZLR1+H/ZUpDhGTQhQTDbZVsa8xiE25gZKbacl2hc8X
3bcmE4kHtjil1/yxnNi1VAmbCBL3qG5kz5wraynD417U4GJmkUfUBbxdr/mldNSr
eX2lpqn4Rj1/mBzBrYpEButLdsX7NE1vIoAcUpQ4JqQQGIqvCNW6zrQ7vNmrG9hW
vmU=
=zAgo
-END PGP SIGNATURE-

Re: General Questions about Translations and what a package maintainer has to do

[Marc Haber]

On Tue, 25 Mar 2025 21:26:05 +, Bill Allombert
 wrote:
>Le Tue, Mar 11, 2025 at 12:03:51PM +0100, Marc Haber a écrit :
>> tl;dr: We need more docs about best practices to handle translations as 
>> a package maintainer
>
>I would suggest you find someone on debian-i18n willing to handle translations 
>for
>adduser for you and give them commit access.

That's how I tried, that just ended up in more chaos, leading up to my
fuse blowing and trying to understand what happens.

>That is how popularity-translation translation have been handled for a long 
>time
>(thanks, Christian Perrier, I learned everything about translations
>handling this way!)

It should stil be documented for mortals to understand.

Greetings
Marc
-- 

Marc Haber |   " Questions are the | Mailadresse im Header
Rhein-Neckar, DE   | Beginning of Wisdom " | 
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 6224 1600402

Re: Towards DEP-14 acceptance and recently proposed changes

[Guido Günther]

Hi,
On Thu, Mar 20, 2025 at 06:10:35PM +0100, Raphael Hertzog wrote:
> [ Adding Guido in copy, replying to an old mail ]
> 
> Hello Gregor,
> 
> On Sun, 12 Jan 2025, gregor herrmann wrote:
> > On Sat, 11 Jan 2025 12:00:27 +0100, Raphael Hertzog wrote:
> > 
> > > Given that the "upstream" branch name cames from the git-buildpackage and
> > > that it's git-buildpackage which introduced "upstreamvcs", it seems fair
> > > to me to standardize on this name.
> > 
> > In theory, yes. In pratice, quoting myself:
> > 
> > | As a data point, the Debian Perl Group is using "upstream-repo" for
> > | this additional remote in its tools since December 2013.
> > 
> > Not that one is better than the other, and although I like to follow
> > git-buildpackage in general, having to change the names on 4000+
> > remotes on dozens of developers' machine is annoying.
> 
> I can certainly sympathize with that. I don't have any strong personal
> preference in the name but since the goal is to standardize across tools,
> we need to pick one.
> 
> Can you point out which tools in the Perl group use that remote name?
> How easy is it to tweak those tools to perform the rename of the remote
> in some dynamic fashion?
> 
> I mean "git remote rename upstream-repo upstreamvcs" could be called
> automatically by a newer version of your tools. Or a more complex set
> of commands that would duplicate the remote instead of renaming it.
> 
> On the other side, we could check whether Guido would be willing to update
> git-buildpackage to use "upstream-repo" as default? I don't know since
> when "uptsreamvcs" is a thing and whether changing the default again would
> have serious drawbacks.

The work within gbp is almost zero. I'm aware of some scripts that rely
on the naming though and we don't know what else exists outside of gbp
(and there's also users outside Debian) so if we don't *have* to change
the name that would be better.

Cheers,
 -- Guido

> 
> But if I have to pick one or the other name, I'm more inclined to follow
> the lead of git-buildpackage since it's more widely used than the above
> helper tools of the Perl team.
> 
> Have a nice day!
> -- 
>   ⢀⣴⠾⠻⢶⣦⠀   Raphaël Hertzog 
>   ⣾⠁⢠⠒⠀⣿⡁
>   ⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/
>   ⠈⠳⣄   Debian Long Term Support: https://deb.li/LTS

Bug#1101376: ITP: package-assembler -- CLI tool to create necessary files for a Debian package

[Luka Kubat]

Package: wnpp
Severity: wishlist
Owner: Luka Kubat 
X-Debbugs-Cc: debian-devel@lists.debian.org, crypticvers...@gmail.com

* Package name: package-assembler
  Version : 1.0.0
  Upstream Contact: Luka Kubat 
* URL : https://github.com/Crypticverse/package-assembler
* License : GPL-3
  Programming Lang: Python
  Description : CLI tool to create necessary files for a Debian package

The CLI tool simplifies the creation and modification of necessary metadata 
files
for building and creating Debian packages. Based on user input, it can generate 
the control,
changelog, and other needed files. There are a few options when running this 
tool: Create
a new package, or add a new changelog entry using dch.

Re: OpenPGP certificates with SHA-1 issues in Debian keyrings

[Christoph Biedl]

Guillem Jover wrote...

> A recent dupload improvement to switch from its GnuPG based OpenPGP
> verification hook to use the dpkg OpenPGP multi-backend
> implementation, which as a side effect got rid of a very old code path
> that was ignoring some GnuPG verification failures, resurfaced an old
> known problem with OpenPGP certificates with SHA-1 issues in the
> Debian keyrings.

Being one of those on the list, I'm even more confused than I'd be about
this anyway.

So those people you listed:

* Did they something wrong (although certainly with best intentions)?
* Are they just victim of the circumstances (versions of the software,
  unhandy configuration, ...)?
* Is this a problem if apparently everything went fine in the many past
  years?
* Is there a problem to come?
* Is there something they should do about it?
* Is there something they can do about it? Unless perhaps creating
  a new key?
* Are measures in place newly generated keys will not suffer from
  these problems?

# appears as big_question_marks

Christoph


signature.asc
Description: PGP signature

Re: Bug#1101376: ITP: package-assembler -- CLI tool to create necessary files for a Debian package

[Alexandre Detiste]

Please stop this series of troll packages.

---

package_name = subprocess.run("cat debian/control | grep Source | awk
'{{print $2}}'", shell=True, check=True, stdout=subprocess.PIPE, text=True)

Le mer. 26 mars 2025, 20:03, Luka Kubat  a écrit :

> Package: wnpp
> Severity: wishlist
> Owner: Luka Kubat 
> X-Debbugs-Cc: debian-devel@lists.debian.org, crypticvers...@gmail.com
>
> * Package name: package-assembler
>   Version : 1.0.0
>   Upstream Contact: Luka Kubat 
> * URL : https://github.com/Crypticverse/package-assembler
> * License : GPL-3
>   Programming Lang: Python
>   Description : CLI tool to create necessary files for a Debian package
>
> The CLI tool simplifies the creation and modification of necessary
> metadata files
> for building and creating Debian packages. Based on user input, it can
> generate the control,
> changelog, and other needed files. There are a few options when running
> this tool: Create
> a new package, or add a new changelog entry using dch.
>
>

Bug#1101392: ITP: libcrypt-urandom-token-perl -- module to generate secure strings for passwords, secrets and similar

[gregor herrmann]

Package: wnpp
Owner: gregor herrmann 
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org, debian-p...@lists.debian.org

* Package name: libcrypt-urandom-token-perl
  Version : 0.003
  Upstream Author : Stig Palmquist 
* URL : https://metacpan.org/release/Crypt-URandom-Token
* License : Artistic or GPL-1+
  Programming Lang: Perl
  Description : module to generate secure strings for passwords, secrets 
and similar

Crypt::URandom::Token provides a secure way to generate a random token for
passwords and similar using Crypt::URandom as the source of random bits.

By default, it generates a 44 character alphanumeric token with more than 256
bits of entropy. A custom alphabet with between 2 and 256 elements can be
provided.

Modulo reduction and rejection sampling is used to prevent modulus bias. Keep
in mind that bias will be introduced if duplicate elements are provided in
the alphabet.

The package will be maintained under the umbrella of the Debian Perl Group.

--
Generated with the help of dpt-gen-itp(1) from pkg-perl-tools.


signature.asc
Description: Digital Signature

Re: Proposal for a Yearly Stable Release Cycle for Educational Institutions

[Sarbjit Singh Sandhu]

Thanks for your suggestion I liked that but can you please help me that how
to use and install debian on approx 20 computers of my schools with the kde
plasma desktop and how to update them every 2 years and also making it user
friendly for the people who are going to use them

On Wed, 5 Mar, 2025, 1:45 pm Gard Spreemann,  wrote:

>
> Sarbjit Singh Sandhu  writes:
>
> > I am writing to propose the creation of a new Debian branch that
> > offers a stable release every year, as opposed to the current 5-year
> > cycle.
>
> It's really great to see young people interested in Debian. I do need to
> point out that the current cycle has been approximately 2 years long for
> quite a while, not 5.
>
>
>  Best,
>  Gard
>

Re: Proposal for a Yearly Stable Release Cycle for Educational Institutions

[Hakan Bayındır]

On 3/26/25 9:56 AM, Sarbjit Singh Sandhu wrote:
Thanks for your suggestion I liked that but can you please help me that 
how to use and install debian on approx 20 computers of my schools with 
the kde plasma desktop and how to update them every 2 years and also 
making it user friendly for the people who are going to use them




Dear Sarbjit,

Debian installation can be automated in various ways. Some of them are 
Debian native, some are not. With these methods, you can create a custom 
Debian system which installs the way you want, out of the box, with all 
the customizations you need.


The first way is Debian Preseed [0]. You can create a "Preseed" file and 
give options and add scripts to your installation to customize it.


Second way is FAI [1]. FAI is a "mass-deployment" tool which is aimed at 
what you want to do. While FAI supports many distributions, Debian is 
one of them. We used FAI to deploy a Debian derivative distribution that 
we made country-wide. So it can certainly do 20 computers.


There are also other ways to mass-deploy Debian (like xCAT), but it'll 
be an overkill for your case. So FAI and Preseed are your best choices.


Best Regards,

Hakan

[0]: https://wiki.debian.org/DebianInstaller/Preseed
[1]: https://fai-project.org/


On Wed, 5 Mar, 2025, 1:45 pm Gard Spreemann, > wrote:



Sarbjit Singh Sandhu mailto:sarbjitsinghsandhu...@gmail.com>> writes:

 > I am writing to propose the creation of a new Debian branch that
 > offers a stable release every year, as opposed to the current 5-year
 > cycle.

It's really great to see young people interested in Debian. I do need to
point out that the current cycle has been approximately 2 years long for
quite a while, not 5.


  Best,
  Gard





OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: Proposal for a Yearly Stable Release Cycle for Educational Institutions

[Sarbjit Singh Sandhu]

Thanks for your advice.

On Wed, 26 Mar, 2025, 1:24 pm Hakan Bayındır,  wrote:

> On 3/26/25 9:56 AM, Sarbjit Singh Sandhu wrote:
> > Thanks for your suggestion I liked that but can you please help me that
> > how to use and install debian on approx 20 computers of my schools with
> > the kde plasma desktop and how to update them every 2 years and also
> > making it user friendly for the people who are going to use them
> >
>
> Dear Sarbjit,
>
> Debian installation can be automated in various ways. Some of them are
> Debian native, some are not. With these methods, you can create a custom
> Debian system which installs the way you want, out of the box, with all
> the customizations you need.
>
> The first way is Debian Preseed [0]. You can create a "Preseed" file and
> give options and add scripts to your installation to customize it.
>
> Second way is FAI [1]. FAI is a "mass-deployment" tool which is aimed at
> what you want to do. While FAI supports many distributions, Debian is
> one of them. We used FAI to deploy a Debian derivative distribution that
> we made country-wide. So it can certainly do 20 computers.
>
> There are also other ways to mass-deploy Debian (like xCAT), but it'll
> be an overkill for your case. So FAI and Preseed are your best choices.
>
> Best Regards,
>
> Hakan
>
> [0]: https://wiki.debian.org/DebianInstaller/Preseed
> [1]: https://fai-project.org/
> >
> > On Wed, 5 Mar, 2025, 1:45 pm Gard Spreemann,  > > wrote:
> >
> >
> > Sarbjit Singh Sandhu  > > writes:
> >
> >  > I am writing to propose the creation of a new Debian branch that
> >  > offers a stable release every year, as opposed to the current
> 5-year
> >  > cycle.
> >
> > It's really great to see young people interested in Debian. I do
> need to
> > point out that the current cycle has been approximately 2 years long
> for
> > quite a while, not 5.
> >
> >
> >   Best,
> >   Gard
> >
>
>