Re: OpenPGP digital signature
On 7/30/24 09:53, imtoas...@mail.com wrote: [Message resent because the year was wrong] Dear all, We are currently considering the following dates as our freeze dates. If you are aware of major clashes of these dates with anything we depend on please let us know. We also like to stress again that we really would like to have a short Hard and Full Freeze (counting in weeks, rather than months), so please plan accordingly. If serious delays turn up during any of the Freeze steps, we rather (partially or completely) thaw bookworm again than staying frozen for a long time. 2023-01-12 - Milestone 1 - Transition and toolchain freeze 2023-02-12 - Milestone 2 - Soft Freeze 2023-03-12 - Milestone 3 - Hard Freeze - for key packages and packages without autopkgtests To be announced - Milestone 4 - Full Freeze On behalf of the Release Team, Paul 2025 I suppose
Bug#1077639: ITP: libcaptcha-recaptcha-v3-perl -- Perl implementation of reCAPTCHA API version v3
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, y...@debian.org * Package name: libcaptcha-recaptcha-v3-perl Version : 0.05 Upstream Contact: worthmine * URL : https://metacpan.org/release/Captcha-reCAPTCHA-V3 * License : Artistic or GPL-1+ Programming Lang: Perl Description : Perl implementation of reCAPTCHA API version 3 Perl library for Google's reCAPTCHA version 3. API v2 and v3 are so different, so that this new module is totally distinct than libcaptcha-recaptcha-perl. Will be maintained under Perl Team umbrella
Bug#1034275: ITP: node-react-transition-group -- ReactJS component to expose simple components
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-react-transition-group Version : 4.4.5 Upstream Contact: https://github.com/reactjs/react-transition-group/issues * URL : https://github.com/reactjs/react-transition-group * License : BSD-3-Clause Programming Lang: JavaScript Description : ReactJS component to expose simple components node-react-transition-group provides a set of components for managing component states (including mounting and unmounting) over time, specifically designed with animation in mind. React Transition Group is not an animation library like React-Motion, it does not animate styles by itself. Instead it exposes transition stages, manages classes and group elements and manipulates the DOM in useful ways, making the implementation of actual visual transitions much easier. node-react-transition-group is a dependency of Jupyterlab and will be maintained under JS Team umbrella.
Bug#1034557: ITP: node-juggle-resize-observer -- Minimal JavaScript library which polyfills the ResizeObserver API
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-juggle-resize-observer Version : 3.4.0 Upstream Contact: https://juggle.studio/resize-observer/issues * URL : https://juggle.studio/resize-observer/ * License : Apache-2.0 Programming Lang: JavaScript Description : Minimal JavaScript library which polyfills the ResizeObserver API @juggle/resize-observer provides a minimal library which polyfills the ResizeObserver API and is entirely based on the latest Draft Specification. It immediately detects when an element resizes and provides accurate sizing information back to the handler. node-juggle-resize-observer is a dependency of @blueprintjs/* modules, which are dependencies of JupyterLab. This package will be maintained under JS Team umbrella.
Bug#1034570: ITP: node-y-codemirror -- node-yjs binding to a CodeMirror editor
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-y-codemirror Version : 3.0.1 Upstream Contact: Kevin Jahns * URL : https://github.com/yjs/y-codemirror * License : Expat Programming Lang: JavaScript Description : node-yjs binding to a CodeMirror editor node-y-codemirror binds a Y.Text to a CodeMirror editor. Features: * Sync CodeMirror editor * Shared Cursors * Shared Undo / Redo (each client has its own undo-/redo-history) * Successfully recovers when concurrents edit result in an invalid document schema node-y-codemirror is a reverse dependency of JupyterLab. It will be maintained under JS Team umbrella.
Bug#1034593: ITP: node-fortawesome-fontawesome-free -- The iconic font, CSS, and SVG framework
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-fortawesome-fontawesome-free Version : 6.4.0 Upstream Contact: http://github.com/FortAwesome/Font-Awesome/issues * URL : http://github.com/FortAwesome/Font-Awesome * License : Expat, CC-by-4.0, SIL-OFL-1.1 Programming Lang: JavaScript Description : The iconic font, CSS, and SVG framework Font Awesome is the Internet's icon library and toolkit, used by millions of designers, developers, and content creators. This source package provides distincts binary packages to provides FontAwesome icons in various format. It's a dependency of JupyterLab and will be maintained under JS Team umbrella.
Bug#1034625: ITP: node-min-document -- Node.js library to provide minimal DOM implementation
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-min-document Version : 2.19.0 Upstream Contact: https://github.com/Raynos/min-document/issues * URL : https://github.com/Raynos/min-document * License : Expat Programming Lang: JavaScript Description : Node.js library to provide minimal DOM implementation node-min-document provides a minimal DOM implementation that makes it a lite alternative to node-jsdom. node-min-document is a dependency of JupyterLab, it will be maintained under JS Team umbrella.
Bug#1034703: ITP: node-react-hot-loader -- Node.js module to tweak ReactJS components in real time
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-react-hot-loader Version : 4.13.1 Upstream Contact: https://github.com/gaearon/react-hot-loader/issues * URL : https://github.com/gaearon/react-hot-loader * License : Expat Programming Lang: JavaScript Description : Node.js module to tweak ReactJS components in real time React-Hot-Loader provides a hot reloading system for ReactJS. It's a dependency of Jupyterlab and will be maintained under JS Team umbrella.
Bug#1034743: ITP: node-theming -- CSS-in-JS theming solution for ReactJS
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-theming Version : 3.3.0 Upstream Contact: https://github.com/cssinjs/theming/issues * URL : https://github.com/cssinjs/theming * License : Expat Programming Lang: Javascript Description : CSS-in-JS theming solution for ReactJS node-theming is a CSS-in-JS theming solution for ReactJS. * ThemeProvider allows one to pass, update, merge and augment "theme" through context down react tree * withTheme allows one to receive theme and its updates in your components as a "theme" prop * createTheming allows one to integrate "theming" into its CSS-in-JS library with custom "channel" node-theming is a dependency of node-jss which is a dependency of JupyterLab. It will be maintained under JS Team umbrella.
Bug#1034745: ITP: node-shallow-equal -- Node.js light library to shallowly compare JavaScript objects
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-shallow-equal Version : 3.1.0 Upstream Contact: https://github.com/moroshko/shallow-equal/issues * URL : https://github.com/moroshko/shallow-equal * License : Expat Programming Lang: JavaScript Description : Node.js light library to shallowly compare JavaScript objects node-shallow-equal provides super light functions to deeply compare JavaScript Objects. It's a dependency of node-jss which is a dependency of Jupyterlab. It will be maintained under JS Team umbrella.
Bug#1034776: ITP: node-emotion -- Node.js package to include CSS in JavaScript
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-emotion Version : 11.10.7 Upstream Contact: https://github.com/emotion-js/emotion/issues * URL : https://github.com/emotion-js/emotion * License : Expat Programming Lang: JavaScript Description : Node.js package to include CSS in JavaScript node-emotion is a performant and flexible CSS-in-JS library. Building on many other CSS-in-JS libraries, it allows one to style apps quickly with string or object styles. It has predictable composition to avoid specificity issues with CSS. With source maps and labels, Emotion has a great developer experience and great performance with heavy caching in production. It's a dependency of node-jss which is a dependency of JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1034874: ITP: node-markdown-to-jsx -- Lightweight and customizable ReactJS markdown component
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-markdown-to-jsx Version : 7.2.0 Upstream Contact: Evan Jacobs * URL : https://probablyup.github.io/markdown-to-jsx * License : Expat Programming Lang: JavaScript Description : Lightweight and customizable ReactJS markdown component markdown-to-jsx is a powerfull Markdown-to-JSX component: - arbitrary HTML is supported and parsed into the appropriate JSX representation without `dangerouslySetInnerHTML` - any HTML tags rendered by the compiler and/or Markdown component can be overridden to include additional props or even a different HTML representation entirely - GFM task list support - fenced code blocks with highlight.js support All this clocks in at around 5 kB gzipped, which is a fraction of the size of most other React markdown components. node-markdown-to-jsx is a build dependency of node-rjsf-core which is a dependency of JupyterLab. This package will be maintained under JS Team umbrella.
Bug#1034876: ITP: node-json-schema-merge-allof -- Node.js module to merge schemas combined using allOf
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-json-schema-merge-allof Version : 0.8.1 Upstream Contact: https://github.com/mokkabonna/json-schema-merge-allof/issues * URL : https://github.com/mokkabonna/json-schema-merge-allof * License : Expat Programming Lang: JavaScript Description : Node.js module to merge schemas combined using allOf node-json-schema-merge-allof merge schemas combined using allOf into a more readable composed schema free from allOf. This package is a dependency of node-rjsf, a dependency of JupyterLab. It will be maintained under JS Team umbrella.
Bug#1034907: ITP: node-css-vendor -- JavaScript library to detect CSS vendor prefix
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-css-vendor Version : 2.0.8 Upstream Contact: Oleg Slobodskoi * URL : https://github.com/cssinjs/css-vendor * License : Expat Programming Lang: JavaScript Description : JavaScript library to detect CSS vendor prefix node-css-vendor provides CSS vendor prefix detection and property feature testing. It's a dependency of node-jss, a dependency of jupyterLab. This package will be maintained under JS Team umbrella.
Bug#1034910: ITP: node-jss -- Node.js library to generate style sheets
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-jss Version : 10.10.0 Upstream Contact: https://github.com/cssinjs/jss/issues * URL : https://github.com/cssinjs/jss * License : Expat Programming Lang: JavaScript Description : Node.js library to generate style sheets JSS is an authoring tool for CSS which allows you to use JavaScript to describe styles in a declarative, conflict-free and reusable way. It can compile in the browser, server-side or at build time in Node. JSS is framework agnostic. It consists of multiple packages: the core, plugins, framework integrations and others. This package is a dependency of JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1035050: ITP: node-rjsf -- ReactJS component capable of using JSON Schema to declaratively build forms
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-rjsf Version : 5.6.2 Upstream Contact: https://github.com/rjsf-team/react-jsonschema-form/issues * URL : https://github.com/rjsf-team/react-jsonschema-form * License : Apache-2.0 Programming Lang: JavaScript Description : ReactJS component capable of using JSON Schema to declaratively build forms node-rjsf provides ReactJS components capable of using JSON Schema to declaratively build and customize web forms. It's a dependency of JupyterLab and will be maintained under JS Team umbrella
Bug#1035054: ITP: node-react-redux -- Official ReactJS bindings for node-redux
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-react-redux Version : 8.0.5 Upstream Contact: https://github.com/reduxjs/react-redux/issues * URL : https://github.com/reduxjs/react-redux * License : Expat Programming Lang: JavaScript Description : Official ReactJS bindings for node-redux node-react is a library for building JavaScript user interfaces. node-redux is a predictable state container for JavaScript apps. This package provides the official bindings between these modules. It's a dependency of JupyterLab, it'll be maintained under JS Team umbrella.
Bug#1035413: ITP: node-codemirror-state -- Node.js module that implements the editor state for libjs-codemirror
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-codemirror-state Version : 6.2.0 Upstream Contact: Marijn Haverbeke * URL : https://github.com/codemirror/state * License : Expat Programming Lang: JavaScript Description : Node.js module that implements the editor state for libjs-codemirror node-codemirror-state (@codemirror/state) implements the editor state data structures for the CodeMirror code editor (libjs-codemirror). This package is a dependency of JupyterLab. It'll be maintained under JS Team umbrella
Bug#1035427: ITP: node-react-toastify -- ReactJS module to add notifications
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-react-toastify Version : 9.1.2 Upstream Contact: https://github.com/fkhadra/react-toastify/issues * URL : https://github.com/fkhadra/react-toastify * License : Expat Programming Lang: JavaScript Description : ReactJS module to add notifications node-eact-Toastify allows one to add notifications to any ReactJS app with ease. Features: - easy to customize - RTL support - swipe to close, can choose swipe direction - animation of your choice - can display a react component inside the toast - onOpen/onClose hooks - can remove a toast programmatically - define behavior per toast - pause toast when the window loses focus - fancy progress bar to display the remaining time - possibility to update a toast - progress bar control - dark mode - ... This module is a dependency of JupyterLab and will be maintained under JS Team umbrella.
Bug#1035633: ITP: node-license-webpack-plugin -- node-webpack plugin to manage third-party license
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-license-webpack-plugin Version : 4.0.2 Upstream Contact: https://github.com/xz64/license-webpack-plugin/issues * URL : https://github.com/xz64/license-webpack-plugin * License : ISC Programming Lang: JavaScript Description : node-webpack plugin to manage third-party license node-license-webpack-plugin provides a node-webpack plugin to manage third-party license compliance in webpack builds. This package is a build dependency of JupyterLab. It'll be maintained under JS Team umbrella
Bug#1035651: ITP: node-jupyterlab-nbformat -- Node.js modules for JupyterLab
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-jupyterlab-nbformat Version : 4.0.0~rc1 Upstream Contact: https://github.com/jupyterlab/jupyterlab/issues * URL : https://github.com/jupyterlab/jupyterlab * License : BSD-3-Clause Programming Lang: JavaScript, Python Description : Node.js modules for JupyterLab JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook (notebook, terminal, text editor, file browser, rich outputs, etc.) in a flexible and powerful user interface. This packages will provides Node.js modules for JupyterLab.
Bug#1035668: ITP: node-lezer -- Node.js modules that provide Lezer grammar for various languages
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-lezer Version : 1.4.3 Upstream Contact: Marijn Haverbeke * URL : https://lezer.codemirror.net/ * License : Expat Programming Lang: JavaScript Description : Node.js modules that provide Lezer grammar for various languages The problem of parsing structured text has resisted one-size-fits all solutions for over 60 years. Lezer isn't such a solution either, but it is a very decent parser generator, especially well suited for use in code editors. This source package groups @lezer/* packages to provide grammar for C++, CSS, HTML, Java, JavaScript, JSON, Markdown, PHP, Python, Rust and XML. It's a dependency of JupyterLab and will be maintained under JS Team umbrella.
Bug#1035714: ITP: node-codemirror -- Code editor components for JavaScript
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-codemirror Version : 6.11.0 Upstream Contact: Marijn Haverbeke * URL : https://github.com/codemirror * License : Expat Programming Lang: JavaScript Description : Code editor components for JavaScript node-codemirror is a grouped source package of all @codemirror/* JavaScript components. CodeMirror is a code editor component for the web. It can be used in websites to implement a text input field with support for many editing features, and has a rich programming interface to allow further extension. node-codemirror is a dependency of JupyterLab and will be maintained under JS Team umbrella
Bug#1035735: ITP: node-vscode-lsp -- Node.js modules to implement a VSCode client-server
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vscode-lsp Version : 1.0.0 Upstream Contact: https://github.com/Microsoft/vscode-languageserver-node/issues * URL : https://github.com/Microsoft/vscode-languageserver-node * License : Expat Programming Lang: JavaScript Description : Node.js modules to implement a VSCode client-server node-vscode-lsp is a monorepo that provides various JS modules to implement a VSCode client-server. This is a dependency of JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1035743: ITP: node-vscode-ws-jsonrpc -- Node.js module to implement jsonrpc client-server communication over WebSocket
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vscode-ws-jsonrpc Version : 3.0.0 Upstream Contact: https://github.com/TypeFox/monaco-languageclient/issues * URL : https://github.com/TypeFox/monaco-languageclient * License : Expat Programming Lang: JavaScript Description : Node.js module to implement jsonrpc client-server communication over WebSocket node-vscode-ws-jsonrpc is a module designed to implement communication between a jsonrpc client and server over WebSocket. It's a dependency fo JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1035756: ITP: node-regexp-match-indices -- Node.js polyfill/shim for the RegExp Match Indices proposal
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-regexp-match-indices Version : 1.0.2 Upstream Contact: Ron Buckton * URL : https://npmjs.com/package/regexp-match-indices * License : Apache-2.0 Programming Lang: JavaScript Description : Node.js polyfill/shim for the RegExp Match Indices proposal node-regexp-tree implementation is a replacement for RegExp.prototype.exec that approximates the behavior of the proposal. See proposal at https://github.com/tc39/proposal-regexp-match-indices This package is a dependency of JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1035799: ITP: node-react-highlight-words -- ReactJS component to highlight words within a larger body of text
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-react-highlight-words Version : 0.2.0 Upstream Contact: https://github.com/bvaughn/react-highlight-words/issues * URL : https://github.com/bvaughn/react-highlight-words * License : Expat Programming Lang: JavaScript Description : ReactJS component to highlight words within a larger body of text node-react-highlight-words is a node-react component used to highlight words within a larger body of text. To use it, just provide it with an array of search terms and a body of text to highlight. It's a dependency of JupyterLab and will be maintained under JS Team umbrella.
Bug#1035958: ITP: node-types-chrome -- Typescript definitions for Chrome extension development
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-types-chrome Version : 0.0.235 Upstream Contact: https://github.com/DefinitelyTyped/DefinitelyTyped/issues * URL : https://github.com/DefinitelyTyped/DefinitelyTyped * License : Expat Programming Lang: JavaScript Description : Typescript definitions for Chrome extension development Modern JavaScript libraries provides their Typescript definitions to permits to use them in JavaScript softwares written in Typescript. When those definitions are missing, instead of writing custom definitions in each program, some people provides external Typescript definitions to be reused (definitions for module "foo" are exposed in @types/foo). In Debian, we chose to embed them inside the node package. For example, @types/braces is embedded in node-braces. But @types/* are also used to define anything that can be used in JavaScript (like @types/filesystem). This package provides @types/chrome and its generic dependencies: @types/filesystem and @types/filewriter. node-types-chrome a dependency of some advanced Node.js modules and will be a dependency of some Node.js modules needed to build JupyterLab. It'll be maintained under JS Team umbrella.
Bug#1036903: ITP: node-pure-rand -- Fast pseudorandom number generator for Node.js
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-pure-rand Version : 6.0.2 Upstream Contact: Nicolas DUBIEN * URL : https://github.com/dubzzz/pure-rand * License : Expat Programming Lang: JavaScript Description : Fast pseudorandom number generator for Node.js node-pure-rand is a fast pseudo random number generator with purity in mind. Pure means that the instance "rng" will never be altered in-place. It can be called again and again and will always return the same value, but it will also return the next "rng". node-pure-rand is a new dependency of jest 29.5. It will be maintained under JS Team umbrella.
Bug#1040463: ITP: libanyevent-xspromises-perl -- Another Promises library, implemented in XS for performance
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libanyevent-xspromises-perl Version : 0.005 Upstream Contact: Tom van der Woerdt * URL : https://metacpan.org/release/AnyEvent-XSPromises * License : GPL-1+ or Artistic Programming Lang: Perl Description : Another Promises library, implemented in XS for performance AnyEvent::XSPromises provides a Promises interface, written in XS for performance, conforming to the Promises/A+ specification. This library is a dependency of libcassandra-client-perl (#924121) and will be maintained under Perl Team umbrella.
Bug#1040465: ITP: libdbd-cassandra-perl -- Perl DBI database backend for Cassandra
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libdbd-cassandra-perl Version : 0.57 Upstream Contact: Tom van der Woerdt * URL : https://metacpan.org/release/DBD-Cassandra * License : GPL-1+ or Artistic Programming Lang: Perl Description : Perl DBI database backend for Cassandra DBD::Cassandra is a Perl5 Database Interface driver for Cassandra, using the CQL3 query language.
Re: Verify upstream PGP signed sha256sums file
On 9/1/23 08:10, Ben Westover wrote: Hello, I add PGP verification to my debian/watch files wherever possible so that if upstream has a signature on their tarball, it can be verified. I've seen a few projects now that choose to include a clearsigned file that contains the sha256sums of all their tarballs and binaries instead of providing signatures for each file separately. Does Debian have any way to verify the tarball using this signed checksum file without some sort of custom script needed? Attached is an example of one such file. -- Ben Westover Hi, there is an issue opened for that (#1014333), contributions welcome !
Bug#1051549: ITP: node-jsan -- JavaScript "All The Things" Notation
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-jsan Version : 3.1.14 Upstream Contact: Moshe Kolodny <https://github.com/kolodny/jsan/issues> * URL : https://github.com/kolodny/jsan * License : Expat Programming Lang: JavasCRIPT Description : JavaScript "All The Things" Notation node-jsan Easily stringify and parse any object including objects with circular references, self references, dates, regexes, `undefined`, errors, and even functions. node-jsan is a dependency of node-redux-devtools which is needed by node-jupyterlab. This package will be maintained under JS Team umbrella.
Bug#1051583: ITP: node-fast-json-patch -- Node.js implementation of JSON-Patch
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-fast-json-patch Version : 3.1.1 Upstream Contact: Joachim Wester * URL : https://github.com/Starcounter-Jack/JSON-Patch * License : Expat Programming Lang: JavaScript Description : Node.js implementation of JSON-Patch node-fast-json-patch is a leaner and meaner implementation of JSON-Patch. Small footprint. High performance. It can: * apply patches (arrays) and single operations on JS object * validate a sequence of patches * observe for changes and generate patches when a change is detected * compare two objects to obtain the difference node-fast-json-patch is a dependency of node-vega-embed, needed for node-jupyterlab.
Bug#1051591: ITP: node-vega-tooltip -- Tooltip for node-vega and node-vega-lite
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vega-tooltip Version : 0.33.0 Upstream Contact: https://github.com/vega/vega-tooltip/issues * URL : https://github.com/vega/vega-tooltip * License : BSD-3-Clause Programming Lang: JavaScript Description : Tooltip for node-vega and node-vega-lite node-vega-tooltip is a tooltip plugin for Vega and Vega-Lite visualizations. This plugin implements a custom tooltip handler for Vega that uses custom HTML tooltips instead of the HTML title attribute. This is a dependency of node-jupyterlab. It will be maintained under JS Team umbrella.
Bug#1051601: ITP: node-geojson -- Node.js library to convert geo data into GeoJSON
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-geojson Version : 0.5.0 Upstream Contact: Casey Cesari <https://github.com/caseycesari/geojson.js/issues> * URL : https://github.com/caseycesari/geojson.js * License : Expat Programming Lang: JavaScript Description : Node.js library to convert geo data into GeoJSON node-geojson is a dependency of node-vega-lite and a TS dependency of node-d3. It will be maintained under JS Team umbrella.
Bug#1051608: ITP: node-d3-geo-projection -- Extended geographic projections for node-d3-geo
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-d3-geo-projection Version : 4.0.0 Upstream Contact: Mike Bostock <https://bost.ocks.org/mike> * URL : https://d3js.org/d3-geo-projection/ * License : ISC Programming Lang: JavaScript Description : Extended geographic projections for node-d3-geo node-d3-geo-projection provides extended geographic projections for node-d3-geo. It's a dependency of node-vega-lite, needed to build node-jupyterlab. It will be maintained under JS Team umbrella.
Bug#1051628: ITP: node-d3-delaunay -- Node.js fast library for computing the Voronoi diagram
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-d3-delaunay Version : 6.0.4 Upstream Contact: Observable, Inc. <https://github.com/d3/d3-delaunay/issues> * URL : https://github.com/d3/d3-delaunay * License : ISC Programming Lang: JavaScript Description : Node.js fast library for computing the Voronoi diagram node-d3-delaunay is a fast library for computing the Voronoi diagram of a set of two-dimensional points. It is based on included node-delaunator, a fast library for computing the Delaunay triangulation using sweep algorithms. The Voronoi diagram is constructed by connecting the circumcenters of adjacent triangles in the Delaunay triangulation. It's a missing dependency of node-vega, needed to build node-jupyterlab
Bug#1051660: ITP: node-vega-lite -- Node.js library that provides a higher-level grammar for visual analysis for node-vega
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vega-lite Version : 5.14.1 Upstream Contact: University of Washington Interactive Data Lab <https://github.com/vega/vega-lite/issues> * URL : https://github.com/vega/vega-lite/issues * License : BSD-3-Clause Programming Lang: JavaScript Description : Node.js library that provides a higher-level grammar for visual analysis for node-vega node-vega-lite provides a higher-level grammar for visual analysis that generates complete Vega specifications. More details available on https://vega.github.io/vega-lite/docs/. Try available also on line: https://vega.github.io/editor/#/custom/vega-lite This library is a dependency of node-vega-embed, needed to build node-jupyterlab. Will be maintained under JS Team umbrella
Bug#1051694: ITP: node-vega-themes -- Themes for stylized Vega and Vega-Lite visualizations
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vega-themes Version : 2.14.0 Upstream Contact: University of Washington Interactive Data Lab <https://github.com/vega/vega-themes/issues> * URL : https://github.com/vega/vega-themes/issues * License : BSD-3-Clause Programming Lang: JavaScript Description : Themes for stylized Vega and Vega-Lite visualizations A Vega *theme* is a configuration object with default settings for a variety of visual properties such as colors, typefaces, line widths and spacing. This module exports a set of named themes, which can be passed as input to the node-vega or node-vega-lite with node-vega-embed or directly as a configuration object to the Vega parser. This package is a dependency of node-vega-embed which is needed to build node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1051705: ITP: node-vega-embed -- Node.js library to easily embed vega views
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vega-embed Version : 6.22.2 Upstream Contact: University of Washington Interactive Data Lab <https://github.com/vega/vega-embed/issues> * URL : https://github.com/vega/vega-embed/issues * License : BSD-3-Clause Programming Lang: $jAVAsCRIPT Description : Node.js library to easily embed vega views node-vega-embed makes it easy to embed interactive node-vega and node-vega-lite views into web pages. It's another dependency needed to build node-jupyterlab. Will be maintained under JS Team umbrella
Bug#1051823: ITP: libjs-simulate-event -- JavaScript library to trigger DOM events on any element
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libjs-simulate-event Version : 1.4.0 Upstream Contact: Blake Embrey * URL : https://github.com/blakeembrey/simulate-event * License : Expat Programming Lang: JavaScript Description : JavaScript library to trigger DOM events on any element libjs-simulate-event provide a simple way to trigger DOM events on any element: * simulateEvent.simulate(document.body, 'click') It's a build dependency of node-jupyterlab and will be maintaied under JS Team umbrella
Bug#1051930: ITP: node-node-pty -- Node.js library to allow one to fork processes with pseudoterminal file descriptors
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-node-pty Version : 1.0.0 Upstream Contact: node-pty authors <https://github.com/microsoft/node-pty/issues> * URL : https://github.com/microsoft/node-pty/issues * License : Expat Programming Lang: JavaScript Description : Node.js library to allow one to fork processes with pseudoterminal file descriptors node-node-pty provides forkpty bindings for node.js. This allows one to fork processes with pseudoterminal file descriptors. It returns a terminal object which allows reads and writes. This is useful for: * Writing a terminal emulator * Getting certain programs to think they are in a terminal node-node-pty is a dependency of node-xterm 5 which is needed to build node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1051974: ITP: inwasm -- Inline WebAssembly for Typescript
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: inwasm Version : 0.0.13 Upstream Contact: Joerg Breitbart * URL : https://github.com/jerch/inwasm * License : Expat Programming Lang: JavaScript Description : Inline WebAssembly for Typescript InWasm is a small bundler for inline standalone wasm libraries (Web Assembly). It compiles and bundles the wasm source code inplace, using either clang, wabt and/or emscripten. inwasm is a build dependency needed to build node-xterm-wasm-parts, which is required by node-xterm 5 which update is needed to build node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1051991: ITP: node-sixel -- Node.js library to manage Sixel images
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-sixel Version : 0.16.0 Upstream Contact: Joerg Breitbart * URL : https://github.com/jerch/node-sixel/ * License : Expat Programming Lang: JavaScript Description : Node.js library to manage Sixel images node-sixel is a image decoding / encoding library for node and the browser. It is a build dependency of node-xterm 5 which is required for node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1052054: ITP: node-sort-package-json -- Node.js library to sort package.json
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-sort-package-json Version : 2.5.1 Upstream Contact: Keith Cirkel * URL : https://github.com/fisker/git-hooks-list * License : Expat Programming Lang: JavaScript Description : Node.js library to sort package.json node-sort-package-json is a small library useful to sort package.json files of Node.js modules, not in alphabetic order but in logical order (starting by name and version). It's a dependency of node-jupyterlab and will be maintained under JS Team umbrella.
Bug#1052075: ITP: node-speech-rule-engine -- NodeJS version of the ChromeVox speech rule engine
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-speech-rule-engine Version : 3.2.2 Upstream Contact: Volker Sorge * URL : https://github.com/zorkow/speech-rule-engine * License : Apache-2.0 Programming Lang: JavaScript Description : NodeJS version of the ChromeVox speech rule engine node-speech-rule-engine (SRE) can translate XML expressions into speech strings according to rules that can be specified in a syntax using Xpath expressions. It's a dependnecy of node-mathjax-full, needed to build node-jupyterlab. Will be maintained under JS Team upbrella.
Bug#1052076: ITP: node-mathjax-full -- JavaScript library to display math in browsers
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-mathjax-full Version : 3.2.2 Upstream Contact: The MathJax Consortium <https://github.com/mathjax/Mathjax-src/issues> * URL : https://github.com/mathjax/Mathjax-src * License : Apache-2.0 Programming Lang: JavaScript Description : JavaScript library to display math in browsers MathJax is an open-source JavaScript display engine for LaTeX, MathML, and AsciiMath notation that works in all modern browsers. It was designed with the goal of consolidating the recent advances in web technologies into a single, definitive, math-on-the-web platform supporting the major browsers and operating systems. It requires no setup on the part of the user (no plugins to download or software to install), so the page author can write web documents that include mathematics and be confident that users will be able to view it naturally and easily. Simply include MathJax and some mathematics in a web page, and MathJax does the rest. node-mathjax-full is a dependency of node-jupyterlab. It will be maintained under JS Team umbrella.
Bug#1052140: ITP: node-html-webpack-plugin -- node-webpack plugin to create HTML files
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-html-webpack-plugin Version : 5.5.3 Upstream Contact: JS Foundation <https://github.com/jantimon/html-webpack-plugin/issues> * URL : https://github.com/jantimon/html-webpack-plugin * License : JavaScript Programming Lang: Expat Description : node-webpack plugin to create HTML files node-html-webpack-plugin is a node-webpack plugin that simplifies creation of HTML files to serve a node-webpack bundle.This is especially useful for bundles that include a hash in the filename which changes every compilations It's a build dependency of node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1052143: ITP: node-html-loader -- Node module that exports HTML as string
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-html-loader Version : 4.2.0 Upstream Contact: JS Foundation <https://github.com/webpack-contrib/html-loader/issues> * URL : https://github.com/webpack-contrib/html-loader * License : Expat Programming Lang: JavaScript Description : Node module that exports HTML as string node-html-loader exports HTML as string. HTML is minimized when the compiler demands. It is typically used as node-webpack plugin. node-html-loader is a dependency of node-jupyterlab and will be maintained under JS Team umbrella
Bug#1052147: ITP: node-source-map-loader -- Node.js library to extract source maps
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-source-map-loader Version : 4.0.1 Upstream Contact: JS Founadation <https://github.com/webpack-contrib/source-map-loader/issues> * URL : https://github.com/webpack-contrib/source-map-loader * License : Expat Programming Lang: JavaScript Description : Node.js library to extract source maps node-source-map-loader is a JS library to extracts source maps from existing source files. Can be used in a node-webpack rule. It's a build dependency of node-jupyterlab, will be maintained under JS Team umbrella.
Bug#1052170: ITP: node-playwright -- JavaScript framework for Web Testing and Automation
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-playwright Version : 1.38.0 Upstream Contact: Microsoft Corporation <https://github.com/Microsoft/playwright/issues> * URL : https://github.com/Microsoft/playwright * License : Apache-2.0 Programming Lang: JavaScript Description : JavaScript framework for Web Testing and Automation node-playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API. Playwright is built to enable cross-browser web automation that is ever-green, capable, reliable and fast. Another node-jupyterlab dependency, will be maintained under JS Team umbrella.
Bug#1052246: ITP: node-vdom-to-html -- Node.js library to turn virtual-dom nodes into HTML
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-vdom-to-html Version : 2.3.1 Upstream Contact: Nathan Tran * URL : https://github.com/nthtran/vdom-to-html * License : Expat Programming Lang: JavaScript Description : Node.js library to turn virtual-dom nodes into HTML node-vdom-to-html turn virtual-dom nodes into HTML. virtual-dom is a collection of modules designed to provide a declarative way of representing the DOM. This is a dependency of node-stdlib which is needed to build node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1052301: ITP: node-stdlib -- Standard library for JavaScript and Node.js
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-stdlib Version : 0.0.96 Upstream Contact: The Stdlib Authors <https://github.com/stdlib-js/stdlib/graphs/contributors> * URL : https://github.com/stdlib-js/stdlib * License : Apache-2.0 Programming Lang: JavaScript Description : Standard library for JavaScript and Node.js node-stdlib is a standard library for JavaScript and Node.js, with an emphasis on numerical and scientific computing applications. The library provides a collection of robust, high performance libraries for mathematics, statistics, data processing, streams, and more and includes many utilities expected from a standard library. node-stdlib is a build dependency of node-jupyterlab. Will be maintained under JS Team umbrella.
Bug#1055480: ITP: libwebservice-s3-tiny-perl -- Perl module for using S3 or compatible APIs
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, y...@debian.org * Package name: libwebservice-s3-tiny-perl Version : 0.003 Upstream Contact: James Raspass * URL : https://metacpan.org/release/WebService-S3-Tiny * License : Artistic or GPL-1+ (and part under Apache-2.0) Programming Lang: Perl Description : Perl module for using S3 or compatible APIs WebService::S3::Tiny is a little Perl module for using any S3 or compatible APIs. It will be maintained under Perl Team umbrella.
Migration blocked
Hi all, I uploaded src:node-proxy-agents into unstable, which is the new source of node-proxy and node-https-proxy-agent. This package didn't migrate but I don't understand the reason of this block. The tracker[1] reports regressions on node-proxy and node-https-proxy-agent (which are replaced), and related logs contains "ERROR: erroneous package: rules extract failed with exit code 1". How can I fix this problem ? Best regards, Yadd [1]: https://tracker.debian.org/pkg/node-proxy-agents
Re: Migration blocked
On 12/5/23 06:52, Yadd wrote: Hi all, I uploaded src:node-proxy-agents into unstable, which is the new source of node-proxy and node-https-proxy-agent. This package didn't migrate but I don't understand the reason of this block. The tracker[1] reports regressions on node-proxy and node-https-proxy-agent (which are replaced), and related logs contains "ERROR: erroneous package: rules extract failed with exit code 1". How can I fix this problem ? Best regards, Yadd [1]: https://tracker.debian.org/pkg/node-proxy-agents Hi, can someone help me here ?
Re: Migration blocked
On 12/6/23 23:02, Paul Gevers wrote: Hi, On 05-12-2023 03:52, Yadd wrote: I uploaded src:node-proxy-agents into unstable, which is the new source of node-proxy and node-https-proxy-agent. This package didn't migrate but I don't understand the reason of this block. The tracker[1] reports regressions on node-proxy and node-https-proxy-agent (which are replaced), and related logs contains "ERROR: erroneous package: rules extract failed with exit code 1". How can I fix this problem ? To be fair, I don't think you can unless you like to work on britney2 [2] and/or autopkgtest [3]. This is a corner case that our software doesn't handle correctly. So, the right course of action in a case like this is to contact the Release Team (I'm a member, so consider it done). *Maybe* a removal from unstable of src:node-https-proxy-agent and src:node-proxy would help, but I'm not convinced. Those sources should eventually go away automatically [4] (from your point of view). Paul Thank a lot Paul !
Bug#1058864: ITP: ovito -- scientific data visualization and analysis software for particle-based simulations
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, y...@debian.org * Package name: ovito Version : 3.9.4 Upstream Contact: https://gitlab.com/stuko/ovito/-/issues * URL : https://www.ovito.org * License : GPL-3 or Expat Programming Lang: C++ Description : scientific data visualization and analysis software for particle-based simulations OVITO is a scientific data visualization and analysis software for atomistic, molecular and other particle-based simulations. This package is part of Jupyterlab ecosystem.
Bug#1059469: ITP: node-ipydatagrid -- Fast Datagrid widget for the Jupyter Notebook and JupyterLab
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-ipydatagrid Version : 1.2.0 Upstream Contact: https://github.com/Bloomberg/ipydatagrid/issues * URL : https://github.com/Bloomberg/ipydatagrid * License : BSD-3-Clause Programming Lang: JavaScript Description : Fast Datagrid widget for the Jupyter Notebook and JupyterLab node-ipydatagrid provides a fast Datagrid widget for the Jupyter Notebook and JupyterLab. This package will be maintained under Debian PAN Maintainers Team
Re: Any way to install packages+run autopkgtests on porterbox machines?
On 3/1/24 18:08, Andrey Rahmatullin wrote: On Fri, Mar 01, 2024 at 07:15:16PM +0530, Nilesh Patra wrote: You can use local sbuild chroots for foreign architectures, both for building and, I assume, running autopkgtests. I know but that is not something I want. This invaidates the whole point of using porter machines. I though the whole point of using porter machines is being able to run at least something on architectures you don't have otherwise. Local chroots are superior to that, not inferior, when they are also available.. local schroots don't permit to run autopkgtest in the same env (Debian uses lsc), and I don't think we can reproduce distinct architectures inside lsc. (And when I follow the lsc doc given with autopkgtest, nothing work: no network inside containers). So Like Nilesh, I try to reproduce autopkgtest failures using modified build tests (and waste a lot of time to do that).
Re: Mot de passe
On 4/2/24 15:03, Ghislain Pierrat wrote: Bonjour , En tant qu’utilisateur de produit APPLE , j’utilise le gestionnaire de mot de passe TROUSSEAU Je me connecte épisodiquement sur un site de données biologiques de santé pour lequel un mot de passe m’a été fourni . Ce mot de passe est déclaré faible par le gestionnaire ; en tentant de le changer à l’aide du gestionnaire je suis aiguillé sur une page de votre site sans pouvoir changer ce mot de passe Est il possible de le faire et comment ? Merci de votre réponse G P Sorry for fellow Debian Developers, I'll answer in French. Bonjour, ceci est une liste de diffusion en anglais et très éloignée de votre sujet. Le système Trousseau est un gestionnaire de mots-de-passe d'Apple et ici vous écrivez à une liste rassemblant les développeurs du système d'exploitation Debian. Je ne comprends pas du tout comment vous avez été ré-aiguillé ici mais il est fort probable que personne ici ne puisse vous aider. Adressez-vous plutôt à votre support Apple. Cordialement,
Bug#1068862: ITP: node-microsoft-fast -- FAST monorepo, containing web component packages, tools, examples, and documentation
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-microsoft-fast Version : 0~20240320-1 Upstream Contact: https://github.com/Microsoft/fast/issues * URL : https://github.com/Microsoft/fast * License : Expat Programming Lang: JavaScript Description : FAST monorepo, containing web component packages, tools, examples, and documentation FAST is a collection of technologies built on Web Components and modern Web Standards, designed to help you efficiently tackle some of the most common challenges in website and application design and development. * Create reusable UI components with `@microsoft/fast-element`, all based on W3C Web Component standards. * Use `@microsoft/fast-foundation` library to rapidly build W3C OpenUI-based (https://open-ui.org/) design systems without re-implementing component logic. * Leverage modern, W3C standards-based SSR for Web Components by plugging in `@microsoft/fast-ssr`. * Bring all the pieces together to build SPAs and rich experiences with our Web Components router by installing `@microsoft/fast-router`. * React users can drop in `@microsoft/fast-react-wrapper` to turn any Web Component into a native React component. * Integrate FAST Web Components with any library, framework, or build system. This monorepositopry will provide the following packages: * node-microsoft-fast-colors * node-microsoft-fast-element * node-microsoft-fast-foundation * node-microsoft-fast-react-wrapper * node-microsoft-fast-router * node-microsoft-fast-ssr * node-microsoft-fast-web-utilities This is required to update node-jupyterlab.
Bug#1070408: ITP: python3-tabnet -- Attentive Interpretable Tabular Learning
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, y...@debian.org * Package name: python3-tabnet Version : 4.1.0 Upstream Contact: DreamQuark <https://github.com/dreamquark-ai/tabnet/issues> * URL : https://github.com/dreamquark-ai/tabnet * License : Expat Programming Lang: Python Description : Attentive Interpretable Tabular Learning python3-tabnet is a pyTorch implementation of Tabnet (TabNet: Attentive Interpretable Tabular Learning, https://arxiv.org/pdf/1908.07442.pdf). Please note that some different choices have been made overtime to improve the library which can differ from the orginal paper. This package is needed for jupyterlab. Will be maintained under Debian Pan Maintainers Team umbrella.
Bug#1070831: ITP: python3-nxtomo -- Python API to edit NXtomo application
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, y...@debian.org * Package name: python3-nxtomo Version : 1.2.3 Upstream Contact: , Pierre Paleo , Alessandro Mirone , Jérôme Lesaint * URL : https://gitlab.esrf.fr/tomotools/nxtomo * License : Expat Programming Lang: Python Description : Python API to edit NXtomo application NXtomo is a application definition for x-ray or neutron tomography raw data. See https://manual.nexusformat.org/classes/applications/NXtomo.html python3-nxtomo provide a friendly API to create and edit NXtomo application. This package will be maintained under Debian PAN Team.
Re: Changed Github download URLs are affecting lots of existing watch files
Le 26/03/2021 à 22:38, Andreas Tille a écrit : > Hi, > > I just learned that what was formerly something like > >https://github.com/#GITHUBUSER#/#PACKAGE#/releases/latest > .*/archive/#PREFIX#@ANY_VERSION@\.tar\.gz > > has to be > >https://github.com/#GITHUBUSER#/#PACKAGE#/releases/latest > .*/archive.*/#PREFIX#@ANY_VERSION@\.tar\.gz > > now (at least) since what was formerly > > .*/archive/ > > became now > > .*/archive/refs/tags/ > > This breaks at least all Debian Med packages refereing to Github and > probably way more. This means our toolset will fail to detect new > upstream versions. > > Any idea what to do (besides uploading all packages obtained from > Github right after the release)? This breaks also more than thousand package from JS Team. We could perhaps handle that with uscan then each time GitHub changes its website, only uscan should be updated. IDEA 1: create a uscan macro version=4 opts=\ filenamemangle=s/.*\/@ANY_VERSION@\.tar\.gz/@PACKAGE@-$1.tar.gz/ \ https://github.com/user/module/tags @GITHUBREGEX@ IDEA 2: create a uscan option: version=4 opts="githubTags" https://github.com/user/module Then uscan will replace this by opts=\ filenamemangle=s/.*\/@ANY_VERSION@\.tar\.gz/@PACKAGE@-$1.tar.gz/ \ https://github.com/user/module/tags \ .*/archive/.*/v?@ANY_VERSION@\.tar\.gz Same idea for "githubReleases" (use ".../releases" instead of ".../tags") Cheers, Xavier
Re: using uscan with Fossil SCM
Le 30/04/2021 à 23:31, Romain Porte a écrit : > Hi fellow Debianites, > > I am currently in the process of packaging grammalecte [1] that relies > on the Fossil SCM [2]. However on the taglist page [3] the links are > directing to Fossil HTML pages, but not .tar.xz files. When browsing out > the 2.1.2 tag HTML page [4], one has to follow the "check-in" link [5] > before being able to download an archive from the resulting page [6]. > > As Fossil seems to be an SCM that could be used by other packages, does > anyone already managed to use uscan with Fossil? I was not able to find > any examples in the manpage nor on codesearch.d.o. I see that uscan > supports custom scripts, so one may be able to follow the links using > the script but I am not sure what software I am allowed to call into the > script and if tools for parsing HTML are available (thinking about > BeautifulSoup Python library). This may be very hacky and manual, and > maybe we should find a way to deal with Fossil SCM together for possible > future packages and document this in the uscan man page. > > Thanks in advance for your highlights, Hi, no uscan isn't able to do this. The simplest way is to write a "fossil.pm" file in /ussr/share/perl5/Devscripts/Uscan/ (see git.pm or svn.pm). Then it will be possible to use "mode=fossil" in debian/watch and use tags directly. Cheers, Yadd
Re: using uscan with Fossil SCM
Le 01/05/2021 à 08:31, Sergei Golovan a écrit : > Hi Romain, > > On Sat, May 1, 2021 at 1:26 AM Romain Porte wrote: >> >> Hi fellow Debianites, >> >> I am currently in the process of packaging grammalecte [1] that relies >> on the Fossil SCM [2]. However on the taglist page [3] the links are >> directing to Fossil HTML pages, but not .tar.xz files. When browsing out >> the 2.1.2 tag HTML page [4], one has to follow the "check-in" link [5] >> before being able to download an archive from the resulting page [6]. > > With Fossil you don't have to know the exact artifact hash in order to > download > tagged revisions. Knowing the tag name is sufficient. You can construct the > download URL yourself given the tag name. The following debian/watch seems > to work, it uses filenamemangle and downloadurlmangle to manualy specify > the filename and URL to download: > > = > version=4 > > opts="searchmode=plain, \ > > filenamemangle=s//grammalecte-$1.tar.gz/, > \ > > downloadurlmangle=s//http:\/\/code.grammalecte.net:8080\/tarball\/Grammalecte.tar.gz?r=v$1/" > \ > http://code.grammalecte.net:8080/taglist \ > > = > Cheers! Hi Sergei, could you help me to update uscan manpage[1] to document fossil use ? Cheers, Yadd [1]: https://salsa.debian.org/debian/devscripts/-/blob/master/scripts/uscan.pl#L1302
Re: using uscan with Fossil SCM
Le 03/05/2021 à 11:26, Barak A. Pearlmutter a écrit : > As the Fossil Debian package maintainer, I'd certainly be grateful for > notes on how to use Fossil for Debian packages. I have my own > idiosyncratic workflow for Fossil itself, but it's not general because > it relies on upstream's distribution of tarballs, and otherwise uses > the local fossil repo, and is not very automated. Would be happy to > put notes, scripts, snippets, etc, in > /usr/share/doc/fossil/README-Debian or some such. > > A pipeline with "v=$(fossil tag list | egrep | max) ; > fossil tarball $v foo.tar" where defaults to version_.* > or some such but can come from debian/gbp.conf might be useful, for > use with a local fossil repo. If there's nothing local only remote, > hmmm > > One thing I should mention is that Fossil upstream is very > cooperative. If the web pages a Fossil repo makes available by default > don't have the right hooks for uscan, if we could ask for something > very simple (maybe a page with a list of all tags each consisting of a > link to a tarball FOO-tag.tar.xz) that would I think be something they > would seriously consider. Yes it would be fine. This page can also be a JSON page (opts="searchmode=plain") Cheers, Yadd
Bug#990750: ITP: libtest-exports-perl -- Perl module to test that modules export the right symbols
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libtest-exports-perl Version : 1 Upstream Author : Ben Morrow * URL : https://metacpan.org/release/Test-Exports * License : BSD-2-Clause Programming Lang: Perl Description : Perl module to test that modules export the right symbols Test::Exports provides simple test functions for testing other modules "import" methods. Testing is currently limited to checking which subs have been imported. In order to keep different calls to ->import separate, Test::Exports performs these calls from a private package. The symbol-testing functions then test whether or not symbols are present in this private package, ensuring none of this interferes with your test script itself. Test::Exports is a build dependency of Readonly::Tiny which will be used by lintian (https://lists.debian.org/debian-perl/2021/07/msg0.html)
Bug#990751: ITP: libreadonly-tiny-perl -- Perl module to provide simple, correct readonly values
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libreadonly-tiny-perl Version : 4 Upstream Author : Ben Morrow * URL : https://metacpan.org/release/Readonly-Tiny * License : BSD-2-Clause Programming Lang: Perl Description : Perl module to provide simple, correct readonly values Readonly::Tiny provides a simple and correct way of making values readonly. Unlike Readonly it does not cause arrays and hashes to be tied, it just uses the core SvREADONLY flag. Readonly::Tiny will be used by lintian (https://lists.debian.org/debian-perl/2021/07/msg0.html)
Bug#992322: ITP: node-minipass -- Nodejs minimal implementation of a PassThrough stream
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, pkg-javascript-de...@lists.alioth.debian.org * Package name: node-minipass Version : 3.1.3 Upstream Author : npm, Inc. and Contributors * URL : https://github.com/isaacs/minipass * License : ISC Programming Lang: JavaScript Description : Nodejs minimal implementation of a PassThrough stream minipass is a very minimal implementation of a PassThrough stream It's very fast for objects, strings, and buffers. Supports pipe()ing (including multi-pipe() and backpressure transmission), buffering data until either a data event handler or pipe() is added (so you don't lose the first chunk), and most other cases where PassThrough is a good idea. Currently, minipass is embedded in npm, node-cacache, node-ssri and node-tar. It is also a dependency of next node-tap. The goal of this ITP is to package it separately and then remove embedded minipass. The package will embed also some little reverse dependencies of minipass needed by node-cacache, npm and node-tap: * minipass-flush * minipass-collect * minipass-pipeline * minipass-json-stream * minipass-sized This package will be maintained under Pkg-JS umbrella. Cheers, Yadd
Bug#992429: ITP: libapache-session-mongodb-perl -- Apache::Session implementation for MongoDB databases
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libapache-session-mongodb-perl Version : 0.21 Upstream Author : Xavier Guimard * URL : https://metacpan.org/release/Apache-Session-MongoDB * License : Artistic-1.0 or GPL-1+ Programming Lang: Perl Description : Apache::Session implementation for MongoDB databases Apache::Session::MongoDB module is an implementation of Apache::Session. It uses the MongoDB backing store and no locking. This module is one of the backends proposed by lemonldap-ng Web-SSO system. Cheers, Yadd
Bug#994406: ITP: node-mdn-browser-compat-data -- Compatibility data for Web technologies
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-mdn-browser-compat-data Version : 4.0.3 Upstream Author : MDN Web Docs * URL : https://github.com/mdn/browser-compat-data * License : CC0-1.0 Programming Lang: JavaScript Description : Compatibility data for Web technologies @mdn/browser-compat-data contains browser compatibility data that describes which platforms (where "platforms" are usually, but not always, web browsers) support particular Web APIs. . This data can be used in documentation, to build compatibility tables listing browser support for APIs. This package is needed to upgrade node-y18n. It will be maintained under JS Team umbrella
Re: [Pkg-javascript-devel] Bug#995722: Not running tests because tests miss source code is not useful
Le 06/10/2021 à 23:32, Thomas Goirand a écrit : > On 10/6/21 6:53 PM, Pirate Praveen wrote: >> [adding -devel] >> >> On ബു, ഒക്ടോ 6 2021 at 12:16:07 വൈകു +0200 +0200, Jonas Smedegaard >> wrote: >>> Quoting Yadd (2021-10-06 11:43:40) >>>> On Lu, 04 oct 21, 16:40:48, Bastien Roucari�s wrote: >>>> > Source: src:node-lodash >>>> > Version: 4.17.21+dfsg+~cs8.31.173-1 >>>> > Severity: serious >>>> > Justification: do not compile from source >>>> > >>>> > Dear Maintainer, >>>> > >>>> > The vendor directory should be emptied >>>> > >>>> > The debug version is compiled without source (lintian warn) and >>>> moreover the >>>> > rest of file are already packaged >>>> > >>>> > grep -R vendor * gives only a few hit that could be cured by >>>> symlinking >>>> > >>>> > Bastien >>>> Hi, >>>> >>>> this files are used for test only, maybe severity could be decreased. >>> >>> I find the severity accurate: Relying on non-source code is a severe >>> violation of Debian Policy, not matter the purpose of relying on it. >> >> I think we should change the policy here. Running tests helps improve >> the quality of the software we ship. Many times the vendored code is >> used to ensure the code does not break in a specific situation. I don't >> think reducing test coverage in such situations is really helpful. > > Right, running tests helps improve the quality of software we ship. > Which is why you probably need to test using what's shipped in Debian > rather than using a vendored source-less code. > > If we rely on non-free code for tests, that's really bad too, and that > must be avoided just like we're avoiding source-less code everywhere > else in Debian. The policy shall not change, please. We are not talking about really-non-free code, but minified JavaScript code released under a free license. If we want to be strict here, there will be some excluded package: for example most of the softwares listed here will be excluded: https://lintian.debian.org/tags/embedded-javascript-library Is it what you want ?
Re: [Pkg-javascript-devel] Bug#995722: Not running tests because tests miss source code is not useful
Le 08/10/2021 à 10:18, Thomas Goirand a écrit : > On 10/7/21 7:06 AM, Yadd wrote: >> Le 06/10/2021 à 23:32, Thomas Goirand a écrit : >>> On 10/6/21 6:53 PM, Pirate Praveen wrote: >>>> [adding -devel] >>>> >>>> On ബു, ഒക്ടോ 6 2021 at 12:16:07 വൈകു +0200 +0200, Jonas Smedegaard >>>> wrote: >>>>> Quoting Yadd (2021-10-06 11:43:40) >>>>>> On Lu, 04 oct 21, 16:40:48, Bastien Roucari�s wrote: >>>>>> > Source: src:node-lodash >>>>>> > Version: 4.17.21+dfsg+~cs8.31.173-1 >>>>>> > Severity: serious >>>>>> > Justification: do not compile from source >>>>>> > >>>>>> > Dear Maintainer, >>>>>> > >>>>>> > The vendor directory should be emptied >>>>>> > >>>>>> > The debug version is compiled without source (lintian warn) and >>>>>> moreover the >>>>>> > rest of file are already packaged >>>>>> > >>>>>> > grep -R vendor * gives only a few hit that could be cured by >>>>>> symlinking >>>>>> > >>>>>> > Bastien >>>>>> Hi, >>>>>> >>>>>> this files are used for test only, maybe severity could be decreased. >>>>> >>>>> I find the severity accurate: Relying on non-source code is a severe >>>>> violation of Debian Policy, not matter the purpose of relying on it. >>>> >>>> I think we should change the policy here. Running tests helps improve >>>> the quality of the software we ship. Many times the vendored code is >>>> used to ensure the code does not break in a specific situation. I don't >>>> think reducing test coverage in such situations is really helpful. >>> >>> Right, running tests helps improve the quality of software we ship. >>> Which is why you probably need to test using what's shipped in Debian >>> rather than using a vendored source-less code. >>> >>> If we rely on non-free code for tests, that's really bad too, and that >>> must be avoided just like we're avoiding source-less code everywhere >>> else in Debian. The policy shall not change, please. >> >> We are not talking about really-non-free code, but minified JavaScript >> code released under a free license. >> >> If we want to be strict here, there will be some excluded package: for >> example most of the softwares listed here will be excluded: >> https://lintian.debian.org/tags/embedded-javascript-library >> >> Is it what you want ? > > I would like these binaries (yes, minified JS is the same as binaries) > to be replaced by source code. Yes, that's what I want... which is not > what you're pointing at. You're pointing at packages not using Debian > version of the libraries, which is different. > > Somehow, I believe it's kind of ok if *docs* are using their own version > of these files, provided it's not a minified version. > > Cheers, > > Thomas Goirand (zigo) Take a look, most of them embed a minified version (jquery* for example)
Re: Bug#995722: Not running tests because tests miss source code is not useful
Le 08/10/2021 à 22:54, Thomas Goirand a écrit : > On 10/8/21 10:20 AM, Yadd wrote: >> Take a look, most of them embed a minified version (jquery* for example) > Yeah ... Everyone upstream thinks it's ok to have 15907152438 copies of > jquery floating around... There's room for improvement for sure! :) > > Thomas Goirand (zigo) If you really consider minified files as binary, there's a room for creating a lot of RC bugs
Re: Bug#995722: Not running tests because tests miss source code is not useful
Le 10/10/2021 à 15:36, Kristian Nielsen a écrit : > Julien Puydt writes: > >> There was the case years ago of the smarteiffel compiler. It was supposed >> to be open source, but upstream only released C code. And that was bad, >> because it wasn't what *they* worked with: they had eiffel sources, and the >> C code was preprocessed and didn't allow/permit bootstrapping. It took some > > This is a good example, because it shows how "source code" is defined by > what upstream development uses, not merely by users being able to compile > the released code. > > But the situation here seems to be the opposite: The minified javascript > *is* what *they* (upstream developers) work with. They don't have a secret > unpublished build system to generate the minification from unpublished > sources. Presumably, if they need to update it, they would replace it with a > new minified file obtained from a newer release of that project. Or as has > been mentioned, the test might be testing a problem against that very > specific version of the javascript minification, in which case it will never > be changed at all - as that would instead be the addition of a separate > testcase. > > Thus, the minified file *is* the preferred (by the upstream developers) form > of the work for making modifications to it. Which is how source code is > defined in the GPL, for example. It seems wrong to me to define "source > code" as something that the upstream development does not use and which > doesn't actually exist anywhere. > > As an extreme example, some people prefer Rust to C, but that does not mean > that a C program must be re-written in Rust to satisfy the "preferred form > of work" condition for source code. > > This still leaves the Vendoring problem. Even if we consider the minified > javascript "source" in the context of the upstream development, it obviously > isn't source in the context of the original javascript library project. If > the javascript library is GPL, for example, it will require the availability > of the correct version of the source code along with the minification. > > I think there is a subtle but important distinction here: > > 1. A program not being free because it is missing what upstream developers > consider "source" (as in the smarteiffel example). > > 2. A program being unsuitable for debian because it is developed in a way > that effectively requires Vendoring of sources of dependencies. > > - Kristian. For now: $ cat tags/s/source-contains-prebuilt-javascript-object.tag Tag: source-contains-prebuilt-javascript-object Severity: pedantic Check: cruft Explanation: The source tarball contains a prebuilt (minified) JavaScript object. They are usually left by mistake when generating the tarball by not cleaning the source directory first. You may want to report this as an upstream bug, in case there is no sign that this was intended. Following this discussion, it should be a "Severity: error", shouldn't it?
Re: d/watch for Gitea's new dynamic pages
On Thu, Nov 4, 2021 at 12:48 PM Johannes Schauer Marin Rodrigues
wrote:
>
>> filenamemangle=s/.+\/tag\/(\d\S+)$/foot-$1\.tar\.gz/ \
> filenamemangle=s{.*/(.*)}{@PACKAGE@-$1.tar.gz} \
I think this is more generic:
filenamemangle=s/.*?(@ANY_VERSION@@ARCHIVE_EXT@)/@PACKAGE@-$1/
(not dependent to compression format)
Re: d/watch for Gitea's new dynamic pages
Le 07/11/2021 à 21:37, Felix Lechner a écrit :
> Hi
>
> On Thu, Nov 4, 2021 at 12:48 PM Johannes Schauer Marin Rodrigues
> wrote:
>>
>>> filenamemangle=s/.+\/tag\/(\d\S+)$/foot-$1\.tar\.gz/ \
>> filenamemangle=s{.*/(.*)}{@PACKAGE@-$1.tar.gz} \
>
> mapreri pointed out that 'USCAN_SYMLINK=rename' is superior to
> 'filenamemangle' in both of our cases.
>
> Lintian will also suggest it very soon (more generally).
>
> Kind regards
> Felix Lechner
Yes, but USCAN_SYMLINK is a local parameter, filenamemangle is better in
a team
Cheers,
Yadd
Re: How to receive a mail on new upstream version
Hi, udd provides RSS Cheers, Yadd Le 21 novembre 2021 22:58:48 GMT+01:00, Alexis Murzeau a écrit : >Hi, > >Is there a way to receive a mail when a new upstream version is released ? > >I've subscribed to my package on https://tracker.debian.org but I don't >receive mails for new upstream releases. > >Maybe there is other ways ? > >-- >Alexis Murzeau >PGP: B7E6 0EBB 9293 7B06 BDBC 2787 E7BD 1904 F480 937F| > -- Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.
uscan roadmap
Hi, after few discussions with some devscripts maintainers, we decided to build a new "version=5" format for debian/watch. Principles: * keep compatibility with versions 3 and 4, no need to change all debian/watch files * new version 5 format using the same syntax than other debian/* files (rfc822 + "# comments") * no option renaming (becomes case-insensitive to be compliant with all formats) * Version 5: * Main (first) paragraph contains "Version: 5" and optional options that change default values for source-paragraph * URL and regex are separated * Some default values change. For example, `dversionmangle` default value will be "auto" (drop +dfsg, ~ds,...), uversionmangle=s/-/~/g, filenamemangle=s/.*?(\d[\d\.]*@ARCHIVE_EXT@)/@PACKAGE@-$1/... Example: Version: 5 Source: https://... Some new features to simplify debian/watch: * a scheme option with the following values: * "stable": digit-only versions (maybe default value) * "semver": semver versions only (see semver.org) * "any": version matching current @ANY_VERSION@ macro Example: Version: 5 Scheme: stable Source: https://... Component: foo Source: https://... Component: bar Source: https://... Scheme: semver Then a current GitHub changes from: version=4 opts=\ dversionmangle=auto,\ filenamemangle=s/.*?(\d[\d\.]*@ARCHIVE_EXT@/@PACKAGE@-$1/ \ https://github.com/foo/bar/tags .*/archive/.*/v?([\d\.]+).tar.gz to: Version: 5 Scheme: stable Source: https://github.com/foo/bar/tags Then to include rc/beta releases: Version: 5 Scheme: semver Source: https://github.com/foo/bar/tags Version 5 adds also new macros (used by Scheme of course): * @STABLE_VERSION@ * @SEMVER@ Uscan API will also provide a "write" function usable by a provided script to convert old formats to new. Of course, comments are welcome! Cheers, Yadd
Re: uscan roadmap
On 01/12/2021 12:39, Geert Stappers wrote: Summary: unhide redirectors On Wed, Dec 01, 2021 at 09:11:17AM +0100, Yadd wrote: Hi, after few discussions with some devscripts maintainers, we decided to build a new "version=5" format for debian/watch. Principles: * keep compatibility with versions 3 and 4, no need to change all debian/watch files * new version 5 format using the same syntax than other debian/* files (rfc822 + "# comments") * no option renaming (becomes case-insensitive to be compliant with all formats) * Version 5: * Main (first) paragraph contains "Version: 5" and optional options that change default values for source-paragraph * URL and regex are separated * Some default values change. For example, `dversionmangle` default value will be "auto" (drop +dfsg, ~ds,...), uversionmangle=s/-/~/g, filenamemangle=s/.*?(\d[\d\.]*@ARCHIVE_EXT@)/@PACKAGE@-$1/... Example: Version: 5 Of course, comments are welcome! I think the move from v4 to v5 is an excellent opportunity to express in the watch file that there is a dependency on a redirector. Example version=4 https://sf.net// -(.+)\.tar\.gz debian uupdate becomes something like Version: 5 Source: https://qa.debian.org/watch/sourceforge/ -(.+)\.tar\.gz debian uupdate Fix: will be Version: 5 Source: https://qa.debian.org/watch/sourceforge/ Regex: -(.+)\.tar\.gz And I don't think "uupdate" is still useful. Personally I dislike redirectors. For npmjs, I wrote a "serachMode=plain" to be able to parse npm JSON result, also because there are a lot of npmjs packages and redirector was often unable to respond. This is different of course for sf.net because it needs JS interpretation And I think such change will allow removal of bare Disable all site specific special case code such as URL redirector uses and page content alterations. from the uscan code and uscan manual page (they are in /usr/bin/uscan ) Yes, doc will be updated The goal is to have documented that there are extra components being used. Avoiding nasty surprises. Groeten Geert Stappers Thanks! P.S. Awareness of redirectors will get us more redirectors. Those redirectors will help us to prevent that `uscan` must get a javascript interpreter
Re: uscan roadmap
On 01/12/2021 12:50, Mattia Rizzolo wrote: On Wed, Dec 01, 2021 at 12:39:41PM +0100, Geert Stappers wrote: Summary: unhide redirectors And not only. On Wed, Dec 01, 2021 at 09:11:17AM +0100, Yadd wrote: after few discussions with some devscripts maintainers, we decided to build a new "version=5" format for debian/watch. To be clear, this is a *very* non-ready proposal that we are getting through the wider community. Nothing of this is implemented anywhere. * URL and regex are separated * Some default values change. For example, `dversionmangle` default value will be "auto" (drop +dfsg, ~ds,...), uversionmangle=s/-/~/g, filenamemangle=s/.*?(\d[\d\.]*@ARCHIVE_EXT@)/@PACKAGE@-$1/... I honestly would like to add website-aware functionalities to uscan, such as exactly this. I think the move from v4 to v5 is an excellent opportunity to express in the watch file that there is a dependency on a redirector. [..] Version: 5 Source: https://qa.debian.org/watch/sourceforge/ -(.+)\.tar\.gz debian uupdate I would like something like: Source: qa-redirector Source-Options: name: sourceforge project: Likewise, I would love if uscan could just learn how github, gitlab, launchpad, etc are made so prople won't have to bother with sticking urls into watchfiles, such as: Source: GitHub Source-Options: namespace: trendmicro project: tlsh match-on: tags|releases OK, "Source" will be: * a keyword known by uscan DB * a URL for other websites And what about default version value, "stable" (only digits), "semver" or "any" (== @ANY_VERSION@) To go either matching on https://github.com/trendmicro/tlsh/tags or https://github.com/trendmicro/tlsh/releases. using then Scheme (a name that, tbh, I don't particularly like right now) for the tags or releases regex. And I think such change will allow removal of bare Disable all site specific special case code such as URL redirector uses and page content alterations. from the uscan code and uscan manual page (they are in /usr/bin/uscan ) The goal is to have documented that there are extra components being used. Avoiding nasty surprises. this feels like the opposite direction I'm proposing above :D Seconded Awareness of redirectors will get us more redirectors. Those redirectors will help us to prevent that `uscan` must get a javascript interpreter. Possibly, I'm indeed kind of unimpressed that we grew a parse for nodejs' package.json and perl's META.json. Though I accepted it because I saw some value, I'm totally in awe of universes where that is actually needed.. This is very useful for package with components. This is the only way to be able to `uscan --download-current-version`.
Re: uscan roadmap
On 01/12/2021 13:14, Jonas Smedegaard wrote: Quoting Yadd (2021-12-01 13:04:09) On 01/12/2021 12:50, Mattia Rizzolo wrote: Possibly, I'm indeed kind of unimpressed that we grew a parse for nodejs' package.json and perl's META.json. Though I accepted it because I saw some value, I'm totally in awe of universes where that is actually needed.. This is very useful for package with components. This is the only way to be able to `uscan --download-current-version`. Speakin of components, it would be quite helpful if possible to handle versions of components - e.g. upgrade all components except SomeComponent like this: `uscan --download-current-version-SomeComponent` Yes, maybe with a --download-compat-version-SomeComponent which will accept upgrades only if it is semver-compatible (no major updates) Note that this will be in a separated MR (not related to version change)
Re: uscan roadmap
On 01/12/2021 18:39, Thomas Goirand wrote: Hi Yadd, Thanks a lot for working on this. What you are proposing (ie: using a mime thing, which is easy to parse instead of the dirty command-line oriented thingy of version 3 and 4) feels much nicer than what we currently have. On 12/1/21 12:53 PM, Yadd wrote: Fix: will be Version: 5 Source: https://qa.debian.org/watch/sourceforge/ Regex: -(.+)\.tar\.gz That's much nicer than previous proposal! And I don't think "uupdate" is still useful. IMO, it is needed. That's what is nice with calling scripts: it can take care with programming of things you didn't even think of. If you remove it, the risk is that maintainers will continue to use version 3 or 4, because they still need an update script. How about: Update-Script: uupdate ? Looks good to me
Re: uscan roadmap
On 01/12/2021 21:07, Patrice wrote: Really great! And could the new uscan read a watch file from version 3/4/5 and output a version 5 of it by its own (in-place or stdout)? uscan --standardize :-) Yes but without optimization neither scheme (except some few fields). Example: version=4 opts=uversionmangle=s/-/~/g,pgpmode=none \ https://... .*(\d[\d\.]*)@ARCHIVE_EXT@ will be translated into: Version: 5 Source: https://... Regex: .*(\d[\d\.]*)@ARCHIVE_EXT@ Uversionmangle: s/-/~/g You'll have to manually modify it into Version: 5 Scheme: stable Source: https://...
Re: uscan roadmap
Le 2 décembre 2021 00:34:27 GMT+01:00, Paul Wise a écrit : >On Wed, 2021-12-01 at 12:53 +0100, Yadd wrote: > >> Personally I dislike redirectors. > >A redirector service is superior to including the redirector code >within uscan itself or within a debian/watch file, since when the >upstream website breaks the existing code, a service can be updated in >one place immediately, while uscan in Debian stable will be broken >until the next point release if it gets fixed at all and one in >debian/watch requires every package using the site to get updated. > Yes but the redirector often responded with 500 codes -- Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.
Re: uscan roadmap
On 02/12/2021 10:16, Yadd wrote:
On 02/12/2021 00:34, Paul Wise wrote:
On Wed, 2021-12-01 at 12:53 +0100, Yadd wrote:
Personally I dislike redirectors.
A redirector service is superior to including the redirector code
within uscan itself or within a debian/watch file, since when the
upstream website breaks the existing code, a service can be updated in
one place immediately, while uscan in Debian stable will be broken
until the next point release if it gets fixed at all and one in
debian/watch requires every package using the site to get updated.
Yes but the redirector often responded with 500 codes
Another idea to have a compromise:
* uscan is released with versioned schemes (GitHub.json, sf.json,...)
* when launched, it tries to download new version from a new Debian API
(static json files)
* if no response or no new version, uscan uses its own scheme or a
previously downloaded update (verifying signature)
* if a new version is available from new redirector:
* it verifies GPG signature of new scheme
* if not OK, it warns and uses cached scheme
* if OK, it stores it with signature in ~/.cache/uscan/schemes
Then:
* no more redirector with an heavy load, but just some JSON schemes
statically stored
* uscan still works if Debian website doesn't respond
* GPG permits to be sure that scheme isn't corrupted (released files
are as protected as uscan itself because owned by root)
* easy update if upstream store changes its behavior: just to update
one JSON file
What do you think about this idea? Which GPG keys will be accepted?
More than one scheme could be used. Example:
Schemes: GitHub, stable
Schemes: GitHub, semver
GitHub scheme:
{
"Version": "1.0",
"filenamemangle": "auto",
"regex": "archive/.*/v?(@DEFAULT_VERSION_REGEX@)@ARCHIVE_EXT@$",
...
}
"stable" scheme:
{
"Version": "1.0",
"Default-Version-Regex": "(?:0|[1-9]\d*)(?:0|[1-9]\d*)*"
}
Re: uscan roadmap
On 01/12/2021 22:16, Yadd wrote: On 01/12/2021 21:07, Patrice wrote: Really great! And could the new uscan read a watch file from version 3/4/5 and output a version 5 of it by its own (in-place or stdout)? uscan --standardize :-) Yes but without optimization neither scheme (except some few fields). Example: version=4 opts=uversionmangle=s/-/~/g,pgpmode=none \ https://... .*(\d[\d\.]*)@ARCHIVE_EXT@ will be translated into: Version: 5 Source: https://... Regex: .*(\d[\d\.]*)@ARCHIVE_EXT@ Uversionmangle: s/-/~/g You'll have to manually modify it into Version: 5 Scheme: stable Source: https://... Done, uscan from https://salsa.debian.org/debian/devscripts/-/merge_requests/251 is already: * natively working with watchFiles version 5 * able to read old versions transparently (using a wrapper) * able to convert files from version 3/4 to 5 (using the same wrapper), and probably versions 1/2 (not fully tested): uscan --update-watchfile Don't us it for now except for tests, key names will probably change Looking at test results: no regression, all passed
Re: uscan roadmap
On 05/12/2021 10:26, Timo Röhling wrote: Hi Yadd, thank you very much for your work on uscan. That new version 5 format looks really promising. * Yadd [2021-12-01 09:11]: * Version 5: * Main (first) paragraph contains "Version: 5" and optional options that change default values for source-paragraph * URL and regex are separated * Some default values change. For example, `dversionmangle` default value will be "auto" (drop +dfsg, ~ds,...), uversionmangle=s/-/~/g, filenamemangle=s/.*?(\d[\d\.]*@ARCHIVE_EXT@)/@PACKAGE@-$1/... [...] Of course, comments are welcome! I have a feature request regarding signature verification. As luck would have it, I maintain three packages with upstream signatures; one of them is me being my own upstream, and the other two do not use the "standard" approach with one GnuPG signature per source tarball: - cmake releases its sources in multiple archive formats and signs them indirectly (a text file with SHA256 hashes) [1]. - liblzf uses the BSD signify tool [2] and only GnuPG-signs the signify key. I don't know if any of these schemes are used elsewhere (more likely for the CMake approach, less likely for liblzf, I'd guess), but it would be nice if uscan offered some support for this; maybe a hook to run the signature verification by an external script with autopkgtest semantics (fail if output occurs on stderr the script returns with a non-zero exit code). Hi, this was ~impossible using previous format. With new format, things like pgpmode=previous/next will still be accepted (to avoid regressions) but new things will be possible. Example (not yet implemented): Version: 5 Source: https://url... Version-Regex: @PACKAGE@@ANY_VERSION@@ARCHIVE_EXT@ Pgp-Version-Regex: @PACKAGE@@SAME_VERSION@@ARCHIVE_EXT@.asc Then it will be possible to implement new signature workflows, maybe something like: Version: 5 Source: https://url... Version-Regex: @PACKAGE@@ANY_VERSION@@ARCHIVE_EXT@ Pgp-Mode: sha256-hashes Sha256-Version-Regex: .*@SAME_VERSION@.sig Cheers, Yadd
Pb with version comparison
Hi all, during an update I encountered a problem: * package node-is-plain-object breaks gulp < 4.0.2-9 (both already migrated to testing) * I created new gulp: 4.0.2+~cs54.26.36-1 * gulp-4.0.2+~cs54.26.36-1 is considered as newer than 4.0.2-9 during install which is logical * When launching another build (schroot) with this new package, build failed because dpkg considers 4.0.2+~cs54.26.36-1 < 4.0.2-9 and refuse to install gulp-4.0.2+~cs54.26.36-1 with node-is-plain-object Did I something wrong or is there a bug somewhere else? To workaround, I modified node-is-plain-object "Breaks" field for now Cheers, Yadd
Bug#1002492: ITP: node-d3-flame-graph -- D3.js plugin that produces flame graphs from hierarchical data
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, 996...@bugs.debian.org * Package name: node-d3-flame-graph Version : 4.1.3 Upstream Author : Martin Spier <http://martinspier.io> * URL : https://github.com/spiermar/d3-flame-graph * License : Apache-2.0 Programming Lang: JavaScript Description : D3.js plugin that produces flame graphs from hierarchical data Flame graphs are a visualization of profiled software, allowing the most frequent code-paths to be identified quickly and accurately. node-d3-flame-graph is a D3.js plugin that produces flame graphs from hierarchical data. This package is required to fix #996839 (linux-perf-5.14)
Bug#1003726: ITP: node-uvu -- Extremely fast and lightweight test runner for Node.js and the browser
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org, pkg-javascript-de...@alioth-lists.debian.net * Package name: node-uvu Version : 0.5.3 Upstream Author : Luke Edwards * URL : https://github.com/lukeed/uvu * License : Expat Programming Lang: JavaScript Description : Extremely fast and lightweight test runner for Node.js and the browser There are many JavaScript test frameworks, most popular are tap, tape, mocha and jest (packaged). Only jest is able to test browser libraries in this list. Some upstream authors prefer to switch to uvu because this one is faster and able to testbrowser libraries. To avoid having to many untested packages, I'm going to package uvu. It will be used quickly (to test new node-postcss for example). I packaged also node-jasmine which is able to test browser libraries (only). Note also that test written for one of these frameworks are not compatible with another except jest that understand partially mocha tests. Package will be maintained under Pkg-JS Team umbrella.
Bug#1004551: ITP: node-ink -- command-line utility to test react.js component
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-ink Version : 3.2.0 Upstream Author : Vadim Demedes * URL : https://github.com/vadimdemedes/ink * License : Expat Programming Lang: JavaScript Description : command-line utility to test react.js component Ink provides the same component-based UI building experience that React offers in the browser, but for command-line apps. It uses Yoga to build Flexbox layouts in the terminal, so most CSS-like props are available in Ink as well. If you are already familiar with React, you already know Ink. Since Ink is a React renderer, it means that all features of React are supported. Head over to React website for documentation on how to use it. Only Ink's methods will be documented in this readme. This package is a dependency of node-tap 15. It will be maintained under JS team umbrella
Bug#1004846: ITP: libauthen-webauthn-perl -- Perl module to add Web Authentication support to server applications
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: libauthen-webauthn-perl Version : 0.0.1 Upstream Author : Lemonldap::NG Team * URL : https://metacpan.org/release/Authen-WebAuthn * License : GPL-2+ Programming Lang: Perl Description : Perl module to add Web Authentication support to server applications The goal of WebAuthn is to standardize an interface for authenticating users to web-based applications and services using public-key cryptography. Authen::WebAuthn is a port of it for Perl based applications. It is a dependency of next version of lemonldap-ng (2.0.14). package will be maintained under Perl team Umbrella.
Bug#1005026: ITP: node-ampproject-remapping -- nodejs module to remap sequential sourcemaps through transformations
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-ampproject-remapping Version : 2.0.4 Upstream Author : Justin Ridgewell * URL : https://github.com/ampproject/remapping * License : Apache-2.0 Programming Lang: JavaScript Description : nodejs module to remap sequential sourcemaps through transformations Remapping allows one to take the sourcemaps generated through transforming code and "remap" them to the original source locations. Think "my minified code, transformed with babel and bundled with webpack", all pointing to the correct location in your original source code. With remapping, none of the source code transformations need to be aware of the input's sourcemap, they only need to generate an output sourcemap. This greatly simplifies building custom transformations (think a find-and-replace). node-ampproject-remapping is a dependency of next node-babel. Will be maintained under JS Team umbrella.
Bug#1005090: ITP: node-zx -- Tool to launch modern Javascript scripts
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-zx Version : 4.3.0 Upstream Author : Anton Medvedev * URL : https://github.com/google/zx * License : Apache-2.0 Programming Lang: JavaScript Description : Tool to launch modern Javascript scripts Bash is great, but when it comes to writing scripts, people usually choose a more convenient programming language. JavaScript is a perfect choice, but standard Node.js library requires additional hassle before using. The `zx` package provides useful wrappers around `child_process`, escapes arguments and gives sensible defaults. This library is required to update node-core-js. Will be maintained under JS Team umbrella.
Bug#1006466: ITP: qunit -- powerful, easy-to-use JavaScript testing framework
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: qunit Version : 2.18.0 Upstream Author : OpenJS Foundation and other contributors <https://github.com/qunitjs/qunit/blob/2.18.0/AUTHORS.txt> * URL : https://qunitjs.com * License : Expat Programming Lang: JavaScript Description : powerful, easy-to-use JavaScript testing framework QUnit was originally developed for the jQuery project and has since evolved to test any client-side or server-side JavaScript code. QUnit suports Node.js, SpiderMonkey, and all major web browsers. This package is another JS test framework, needed to test some packages (node-dompurify for example). It will be maintained under JS Team umbrella
Bug#1006972: ITP: node-tad -- Javascript test suite with minimal hassle
Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: node-tad Version : 3.1.0 Upstream Author : Mariusz Nowak * URL : https://github.com/medikoo/tad * License : ISC Programming Lang: JavaScript Description : Javascript test suite with minimal hassle TAD is a Javascript test suite that allow writing tests with minimal hassle. It locates test file and provide tested module for test functions. There are already many JS test suites in Debian, however test files are not compatible. This test suite is required to enable test, at least, for: node-es5-ext, node-es6-iterator, node-es6-map, node-es6-set, node-es6-symbol, node-es6-weak-map and node-event-emitter. Package will be maintained under JS Team umbrella.
