ceduardo wrote:
> The powerfull, vi, vim, gcc, g++, gdb and the others that I don't know
> in this moment.
Every C and C++ programmer should use Valgrind, often.
Static analysis tools like cppcheck and flawfinder are also useful.
All of these tools are available in debian main.
Erik
--
--
On Tue, 09 Mar 2010, Brian May wrote:
> A number of packages, such as openldap have been changed to support
> gnutls, instead of openssl, to avoid licensing issues in openssl.
>
> However, it appears that gnutls uses libgcrypt, and libgcrypt has
> several serious design issues.
>
> 1. libgcrypt d
Harald Braumann writes:
> On Thu, Mar 18, 2010 at 04:52:07PM -0700, Russ Allbery wrote:
>> You add an additional ar member that contains the signed checksums of
>> all of the files in data.tar.gz, possibly another additional member
>> that contains the signed checksums for control.tar.gz, or you
On Thu, Mar 18, 2010 at 04:52:07PM -0700, Russ Allbery wrote:
> Frank Lin PIAT writes:
>
> > I have no strong preferences between signed APT and SIGNED DEBs... it is
> > just that the remaining of the thread showed that signed DEBs are quite
> > tough to implement. (and I still wonder how we coul
On Fri, 2010-03-19 at 17:40 +0100, Wouter Verhelst wrote:
> On Thu, Mar 18, 2010 at 04:52:07PM -0700, Russ Allbery wrote:
> > You add an additional ar member that contains the signed checksums of all
> > of the files in data.tar.gz, possibly another additional member that
> > contains the signed ch
Wouter Verhelst wrote:
> On Fri, Mar 19, 2010 at 09:14:13AM +0100, Frank Lin PIAT wrote:
>> On Thu, 2010-03-18 at 12:39 +0100, Harald Braumann wrote:
>> > On Thu, Mar 18, 2010 at 08:31:40AM +0100, Goswin von Brederlow wrote:
>> > > Russ Allbery writes:
>> > > > Simon McVittie writes:
>> > >
>> >
On Fri, Mar 19, 2010 at 09:14:13AM +0100, Frank Lin PIAT wrote:
> On Thu, 2010-03-18 at 12:39 +0100, Harald Braumann wrote:
> > On Thu, Mar 18, 2010 at 08:31:40AM +0100, Goswin von Brederlow wrote:
> > > Russ Allbery writes:
> > > > Simon McVittie writes:
> > >
> > > >> Most packages (in terms of
On Thu, Mar 18, 2010 at 04:52:07PM -0700, Russ Allbery wrote:
> You add an additional ar member that contains the signed checksums of all
> of the files in data.tar.gz, possibly another additional member that
> contains the signed checksums for control.tar.gz, or you document some
> convention so t
Hi Gerrit,
Gerrit Pape wrote:
>
> dash has outstanding RC bugs. Some are a left-over from the /bin/sh
> transition from bash to dash, and still unresolved. IIRC Thorsten
> Glaser had some ideas on how to proceed, but we never discussed anything
> in this regard. Luk Claes and Raphael Geissert
Package: wnpp
Severity: wishlist
Owner: Al Nikolov
* Package name: trac-wikitablemacro
Version : 0.7785
Upstream Author : Martin Aspeli
* URL : http://trac-hacks.org/wiki/WikiTableMacro
* License : BSD
Programming Lang: Python
Description : Table from
Package: wnpp
Severity: wishlist
Owner: Maciej Smolenski
Owner: Maciej Smolenski
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
* Package name: liboropo-dbg
Version : 0.1
Upstream Author : Maciej Smolenski
* URL : http://www.oropo.org/
* License : BSD
Pr
merge 545717 574569
thanks
Le Thu, Mar 18, 2010 at 10:29:04PM -0500, Chris Silva a écrit :
> Package: wnpp
> Severity: wishlist
> Owner: Chris Silva
>
>
> * Package name: clamz
> Version : 0.2
> Upstream Author : Benjamin Moody
> * URL : http://code.google.com/p/cla
On Fri, Mar 19, 2010 at 10:38:24AM +0100, Goswin von Brederlow wrote:
> You can always sign the deb. The tools to sign and verify are all
> present. Only ftp-master stands in the way of using that.
I would love signed debs. But this is orthogonal to signed checksum
files and should probably discu
On Fri, Mar 19, 2010 at 09:14:13AM +0100, Frank Lin PIAT wrote:
> On Thu, 2010-03-18 at 12:39 +0100, Harald Braumann wrote:
> > On Thu, Mar 18, 2010 at 08:31:40AM +0100, Goswin von Brederlow wrote:
> > > Russ Allbery writes:
> > > > Simon McVittie writes:
> > >
> > > >> Most packages (in terms of
Russ Allbery writes:
> Goswin von Brederlow writes:
>
>> The changes files are signed by a human and therefor have a strong trust
>> level. The "was XYZ is now UVW" file would have to be automatically
>> signed and much less trustworthy.
>
> This objection makes no sense to me. The archive key
Russ Allbery writes:
> Goswin von Brederlow writes:
>
>> And what do you do when the archive key expires?
>
> Why would you need to do anything at all when the archive key expires?
> Keys don't become magically compromised or worthless just because they've
> expired. All it means is that you ca
Harald Braumann writes:
> On Thu, Mar 18, 2010 at 08:31:40AM +0100, Goswin von Brederlow wrote:
>> Russ Allbery writes:
>>
>> > Simon McVittie writes:
>> >
>> >> Most packages (in terms of proportion of the archive, in particular for
>> >> architectures other than i386 and amd64) are built by
On Thu, 2010-03-18 at 12:39 +0100, Harald Braumann wrote:
> On Thu, Mar 18, 2010 at 08:31:40AM +0100, Goswin von Brederlow wrote:
> > Russ Allbery writes:
> > > Simon McVittie writes:
> >
> > >> Most packages (in terms of proportion of the archive, in particular for
> > >> architectures other tha
19 matches
Mail list logo
