GnuPG 2.4 was released in 2022, long before the LibrePGP schism. It is
generally not clear to me how the divergence from upstream is a reason
to favor 2.2 over 2.4, except that patches have to be ported (once?).
I also do not understand what is wrong/lacking with the already patched
versions in Ex
> > two things: first, what is a "core component of Debian" is very much up to
> > debate, but I'd be quite surprised if anybody made the case that adequate
> > is.
>
> adequate is run on all 7 binary packages on piuparts.debian.org. I'm
> really
> curious whether this will blow up when piupa
Hi Andreas
Good point on anonscm as well... that really does blow out the numbers.
However... some of them still work via the aliasing mechanism that was
introduced at the time of migration to salsa. Duck used to check them
all but I don't think it is running any more, unfortunately. vcswatch
On 20/12/2024 12:30, Ansgar 🙀 wrote:
> On Fri, 2024-12-20 at 13:00 +0100, Samuel Thibault wrote:
>> Ansgar 🙀, le ven. 20 déc. 2024 12:01:24 +0100, a ecrit:
>> > It also avoids the problem of removed-but-not-purged packages.
>>
>> With files copied into /etc, you will still have configuration files
Thanks for this discussion, all--
On Tue 2025-01-07 15:16:27 +0100, Simon Josefsson wrote:
> I believe this would be good, I frequently run into GnuPG bugs in the
> 2.2.x branch that was fixed years ago in 2.4
Can you identify some of those bugs? It would be good to be clear about
what 2.2 is la
On Jan 8, 2025 18:07, Peter Pentchev wrote:.
> I am mostly concerned with content that may be viewed as illegal,
> in the context of "this was pulled in automatically, there was no
> human being who initiated that action, so there is nobody but
> the site admins to be held responsible".
Package: wnpp
Severity: wishlist
Owner: Arthur Diniz
* Package name: golang-k8s-component-base
Version : 0.31.4
Upstream Author : Kubernetes
* URL : https://github.com/kubernetes/component-base
* License : Apache-2.0
Programming Lang: Go
Description : T
> Well, "some places" includes basically all home users, at least in
> Sweden where I live. This is not about ISPs blocking "some traffic",
> they only block outgoing smtp traffic on default ports. The reasons are
> obvious.
>
> That is, it's often a pain to set up outgoing SMTP. As a user you do
hi Holger,
On Wed Jan 8, 2025 at 11:57 AM CET, Holger Levsen wrote:
> On Tue, Jan 07, 2025 at 11:55:30PM +0100, Serafeim (Serafi) Zanikolas wrote:
> > two things: first, what is a "core component of Debian" is very much up to
> > debate, but I'd be quite surprised if anybody made the case that ade
Hello,
On 2025/01/07 20:37, nick black wrote:
nick black left as an exercise for the reader:
this wasm file is, again, distributed with the zig-bootstrap and zig sources.
it is a binary and knocks us out of main. this file can be recreated, using
sources from within the zig repository, with a w
Le 2025-01-07 21:27, Russ Allbery a écrit :
I think I'm missing something. Why does the use of this file knock the
package out of main? We are distributing the source code for this file,
and it is presumably under a free software license.
The bootstrap is circular and has to be kicked off with
Le 2025-01-08 18:07, Peter Pentchev a écrit :
in the context of "this was pulled in automatically, there was no
human being who initiated that action, so there is nobody but
the site admins to be held responsible".
Actually the chain of responsibility can be traced back to another human
even i
On Tue, 07 Jan 2025 11:29:59 +0100, Marco d'Itri wrote:
> On Jan 07, Raphael Hertzog wrote:
> > This change basically adds the recommendation to use "upstreamvcs" as the
> > name of the "git remote" to access the upstream repository and it also
> Like many others, this looks like a gratuitous cha
On 2025-01-08 Jonathan McDowell wrote:
> On Tue, Jan 07, 2025 at 07:01:51PM +0100, Andreas Metzler wrote:
[...]
>> Should we move to 2.4? 2.4 is not a LTS release and will also EOL in
>> trixie' soon (2026-06-30).
> I haven't been fully following the GnuPG situation, but did the
> situation whe
On Wed, Jan 08, 2025 at 02:59:16PM +, Luca Boccassi wrote:
> On Wed, 8 Jan 2025 at 14:35, Peter Pentchev wrote:
> >
> > On Wed, Jan 08, 2025 at 10:19:34AM +0100, Julien Plissonneau Duquène wrote:
> > > Le 2025-01-07 21:52, Peter Pentchev a écrit :
> > > >
> > > > Hm. That sounds interesting, b
Le 2025-01-08 15:35, Peter Pentchev a écrit :
Hm, I would be really, really surprised if there was even one "large
platform" that did not shift the responsibility to the user by having
them sign a terms of service document upon account registration.
They don't make you sign anything, and most
Hi Stuart,
Am Wed, Jan 08, 2025 at 12:46:58PM +1100 schrieb Stuart Prescott:
> > Lets think about some better fine tuning. "NOT LIKE '%salsa%'" might
> > catch also Vcs URLs that are intentionally somewhere else. While I'd
> > love to see all packages on Salsa, it might be sensible to start with
On Wed, 8 Jan 2025 at 14:35, Peter Pentchev wrote:
>
> On Wed, Jan 08, 2025 at 10:19:34AM +0100, Julien Plissonneau Duquène wrote:
> > Le 2025-01-07 21:52, Peter Pentchev a écrit :
> > >
> > > Hm. That sounds interesting, but I think the Debian project cannot
> > > protect such a mirror from autom
On Wed, Jan 08, 2025 at 03:21:43PM +0100, Helmut Grohne wrote:
> write some tests. As a result, I'm attaching a shell script. It
A kind soul reminded me of actually attaching something.
Helmut
m18_diversions.sh
Description: Bourne shell script
Hello fellow developers,
I have bad news about /usr-move. The primary mitigation (M18) for
aliased diversions (P3) as implemented by me in quite a few packages is
broken. This was brought to my attention by independent reports of Emil
Södergren and Colin Watson on live-build and debian-installer-u
On Wed, Jan 08, 2025 at 10:19:34AM +0100, Julien Plissonneau Duquène wrote:
> Le 2025-01-07 21:52, Peter Pentchev a écrit :
> >
> > Hm. That sounds interesting, but I think the Debian project cannot
> > protect such a mirror from automatically bringing in non-DFSG content
> > that appears in the r
Package: wnpp
Severity: wishlist
Owner: Weng Qizhi
X-Debbugs-Cc: debian-devel@lists.debian.org, zhi...@foxmail.com
* Package name: fonts-maple-mono
Version : 7.0-beta34
Upstream Contact: subframe7536
* URL : https://github.com/subframe7536/maple-font
* License
Package: wnpp
Severity: wishlist
Owner: Alexandre Detiste
X-Debbugs-Cc: debian-devel@lists.debian.org, cjwat...@debian.org
* Package name: python-dataset
Version : 1.6.2
Upstream Contact: Friedrich Lindenberg
* URL : https://github.com/pudo/dataset
* License :
On 08/01/25 06:31, Otto Kekäläinen wrote:
This change basically adds the recommendation to use "upstreamvcs" as the
name of the "git remote" to access the upstream repository and it also
documents the possibility to merge the upstream commits in the
"upstream/latest" branch (as proposed by gbp im
On Tue, Jan 07, 2025 at 11:55:30PM +0100, Serafeim (Serafi) Zanikolas wrote:
> two things: first, what is a "core component of Debian" is very much up to
> debate, but I'd be quite surprised if anybody made the case that adequate is.
adequate is run on all 7 binary packages on piuparts.debian.
On Tue, Jan 07, 2025 at 07:01:51PM +0100, Andreas Metzler wrote:
> On 2025-01-07 Simon Josefsson wrote:
> [...]
>
> > I believe this would be good, I frequently run into GnuPG bugs in the
> > 2.2.x branch that was fixed years ago in 2.4 and today I mostly these on
> > Debian because others moved
Le 2025-01-07 21:52, Peter Pentchev a écrit :
Hm. That sounds interesting, but I think the Debian project cannot
protect such a mirror from automatically bringing in non-DFSG content
that appears in the remote repository. One might even take this one
step
further and go to content forbidden by
27 matches
Mail list logo
