Re: New supply-chain security tool: backseat-signed

On Thu, Apr 11, 2024 at 01:27:54PM -0500, G. Branden Robinson wrote: > At 2024-04-11T15:37:46+0100, Colin Watson wrote: > > On Thu, Apr 11, 2024 at 10:26:55AM -0400, Theodore Ts'o wrote: > > > Or, because some upstream maintainers have learned through, long, > > > bitter experience that newer versi

Re: finally end single-person maintainership

Le Tue, Apr 09, 2024 at 12:18:02AM +0200, Johannes Schauer Marin Rodrigues a écrit : > we need both. Domain specific knowledge is clearly very important and I'm not > trying to argue against it. But doing packaging in a way such that it becomes > easy for others to contribute is *also* every impor

Re: New supply-chain security tool: backseat-signed

At 2024-04-11T15:37:46+0100, Colin Watson wrote: > On Thu, Apr 11, 2024 at 10:26:55AM -0400, Theodore Ts'o wrote: > > Or, because some upstream maintainers have learned through, long, > > bitter experience that newer versions of autoconf tools may result > > in the generated configure script to be

Bug#1068823: Stepwise Debian upgrade to enable systems with little free storage space to upgrade without breaks due to "No space left on device"

Package: general A distro upgrade of Debian needs a lot of disk space on the root partition. That partition often doesn't have a large size. That could for example be because it's on a mobile device, on a SSD drive, has lots of installed software, or because the user simply followed the advice o

Re: New supply-chain security tool: backseat-signed

On Thu, Apr 11, 2024 at 03:37:46PM +0100, Colin Watson wrote: > > When was the last time this actually happened to you? I certainly > remember it being a problem in the early 2.5x days, but it's been well > over a decade since this actually bit me. I'd have to go through git archives, but I beli

Re: New supply-chain security tool: backseat-signed

On Thu, Apr 11, 2024 at 10:26:55AM -0400, Theodore Ts'o wrote: > On Sat, Apr 06, 2024 at 04:30:44PM +0100, Simon McVittie wrote: > > But, it is conventional for Autotools projects to ship the generated > > ./configure script *as well* (for example this is what `make dist` > > outputs), to allow the

Re: New supply-chain security tool: backseat-signed

On Sat, Apr 06, 2024 at 04:30:44PM +0100, Simon McVittie wrote: > > But, it is conventional for Autotools projects to ship the generated > ./configure script *as well* (for example this is what `make dist` > outputs), to allow the project to be compiled on systems that do not > have the complete A

Bug#1068803: ITP: python-sphinxcontrib.django -- improves the documentation of Django apps

Package: wnpp Severity: wishlist Owner: Michael Fladischer X-Debbugs-Cc: debian-devel@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: python-sphinxcontrib.django Version : 2.5 Upstream Contact: Timo Brembeck * URL : https://github.com