On Sat, 11 Mar 2017 21:50:51 +0100
Kristian Fiskerstrand wrote:
> A draft of a Pre-GLEP for the Security project is available for
> reading at https://wiki.gentoo.org/wiki/User:K_f/GLEP:Security
>
> The GLEP follows a line of GLEPs for special projects that have
> tree-wide access in order to en
On Sun, 12 Mar 2017 09:14:09 +0100
Alexis Ballier wrote:
> My point here is to avoid having all the responsibility falling under
> the lead
In other words: If you want to avoid having bugs inactive for too long,
don't introduce a bus factor of 1 through the project lead :)
Hi,
in EAPI 6 get_libdir function is not more available but I currently use
it on my eclass for initialize some metadata.
How can I retrieve environment $libdir path ? With LIBDIR_${cpu}
variable?
On mgorny post I read that get_libdir function is part of EAPI, but I
don't understand how this mea
W dniu 12.03.2017, nie o godzinie 10∶36 +0100, użytkownik Geaaru
napisał:
> Hi,
>
> in EAPI 6 get_libdir function is not more available but I currently use
> it on my eclass for initialize some metadata.
> How can I retrieve environment $libdir path ? With LIBDIR_${cpu}
> variable?
>
> On mgorny
Hi,
TL;DR: if you don't maintain a package, drop it to maintainer-needed, so
others can step up.
Lately I have had to deal with a fair number of packages which haven't
seen any maintainer activity for a few years already. This includes
packages with multiple bug reports which haven't seen any re
Thanks for replay. But if I try to use it inside my eclass inside my
overlay isn't resolved correctly. I receive an empty string. Could be
related that in my eclass function is not already available? Or related to
a wrong version of some packages?
On Mar 12, 2017 10:55 AM, "Michał Górny" wrote:
W dniu 12.03.2017, nie o godzinie 11∶02 +0100, użytkownik Geaaru
napisał:
> Thanks for replay. But if I try to use it inside my eclass inside my
> overlay isn't resolved correctly. I receive an empty string. Could be
> related that in my eclass function is not already available? Or related to
> a w
Split the estack_* and related functions from eutils into a dedicated
estack.eclass. Those functions have significant complexity and are not
used frequently, therefore they benefit from having a separate file
and an explicit dedicated maintainer.
The new eclass is implicitly inherited by eutils to
On Sun, 12 Mar 2017 10:36:33 +0100 Geaaru wrote:
> Hi,
>
> in EAPI 6 get_libdir function is not more available
???
It _is_ available.
In EAPI 6 get_libdir was removed from multilib.eclass and put to
EAPI 6:
https://projects.gentoo.org/pms/6/pms.html#x1-143034r25
P.S. Questions about ebuild writ
Move the prune_libtool_files into a dedicated ltprune.eclass.
The function is quite complex and depends on toolchain-funcs. It has
a separate maintainer, is not useful to non-autotools ebuilds, and even
there it is frequently replaced by the simpler 'find ... -delete' call.
Kill the unnecessary Pr
Changes in v2:
- now in split commits to ease review,
- removed eqawarn to avoid circ dep on eutils.
Remove the unnecessary Prefix logic from prune_libtool_files(). There is
no functional difference between starting a find in ${D} and ${ED}
(since ${D} is not supposed to contain other directories on a Prefix
system), and using the latter implies unnecessary hackery for older
EAPIs.
---
eclass/eut
Make the substitution errors in prune_libtool_files logic fatal to avoid
the dependency of eqawarn. They're extremely unlikely to happen anyway.
---
eclass/eutils.eclass | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/eclass/eutils.eclass b/eclass/eutils.eclass
index ab2
Move the prune_libtool_files into a dedicated ltprune.eclass.
The function is quite complex and depends on toolchain-funcs. It has
a separate maintainer, is not useful to non-autotools ebuilds, and even
there it is frequently replaced by the simpler 'find ... -delete' call.
The new eclass is impli
On Sun, 12 Mar 2017 12:00:08 +0100
Michał Górny wrote:
> Make the substitution errors in prune_libtool_files logic fatal to
> avoid the dependency of eqawarn. They're extremely unlikely to happen
> anyway. ---
> eclass/eutils.eclass | 7 ---
> 1 file changed, 4 insertions(+), 3 deletions(-)
Ok. Thank you very much for clarification.
And sorry, for next questions I will use gentoo-devhelp ml.
G.
On Mar 12, 2017 11:08 AM, "Michał Górny" wrote:
W dniu 12.03.2017, nie o godzinie 11∶02 +0100, użytkownik Geaaru
napisał:
> Thanks for replay. But if I try to use it inside my eclass insi
W dniu 12.03.2017, nie o godzinie 12∶35 +0100, użytkownik Alexis Ballier
napisał:
> On Sun, 12 Mar 2017 12:00:08 +0100
> Michał Górny wrote:
>
> > Make the substitution errors in prune_libtool_files logic fatal to
> > avoid the dependency of eqawarn. They're extremely unlikely to happen
> > anywa
On Sun, 12 Mar 2017 13:20:18 +0100
Michał Górny wrote:
> > If you go that way then it would be best if this function had a
> > 'has "virtual/pkgconfig" ${DEPEND} || die ...' kind of logic
>
> You can't reliably query DEPEND in an ebuild.
yeah i though so
> > the message is more intended tow
# David Seifert (12 Mar 2017)
# Awful codebase, lots of widechars stored in chars,
# invokes undefined behaviour, last release in 2004.
# Masked for removal in 30 days. Bug #593976.
app-i18n/x-unikey
# David Seifert (12 Mar 2017)
# Bundles half of glibc, unmaintained upstream,
# not really necessary anymore with 64-bit flash
# Masked for removal in 30 days. Bug #609258.
www-plugins/nspluginwrapper
On 2017.03.11 20:50, Kristian Fiskerstrand wrote:
> A draft of a Pre-GLEP for the Security project is available for
> reading
> at https://wiki.gentoo.org/wiki/User:K_f/GLEP:Security
>
> The GLEP follows a line of GLEPs for special projects that have
> tree-wide access in order to ensure proper ac
# David Seifert (12 Mar 2017)
# Awful codebase, lots of widechars stored in chars,
# invokes undefined behaviour, last release in 2004.
# Masked for removal in 30 days. Bug #593942, #593976.
app-text/uvconv
On 03/12/2017 07:11 PM, Roy Bamford wrote:
>
> Why do Security Project members need to be ebuild devs?
> Non ebuild developers can contribute by producing GLSAs,
> for example.
Where is that requirement stated?
>
> Who manages the Security Project (from outside). It appears from
> the draf
On 03/12/2017 03:55 AM, Rich Freeman wrote:
> On Sat, Mar 11, 2017 at 6:54 PM, Kristian Fiskerstrand
> wrote:
>> On 03/11/2017 11:23 PM, Andrew Savchenko wrote:
>>>
>>> My point is that users must be informed about security problem, but
>>> they still should have a choice. So it should be either
On 03/12/2017 07:19 AM, Walter Dnes wrote:
> - Typo...
> Additional Security Project bugzilla notes
> * The Security Project is except (should that read "exempt"?)
Thanks, fixed
>
>
>
> - An intermediate level before masking might be issuing a warning if
> some simple, specific remediation m
On Sun, Mar 12, 2017 at 2:45 PM, Kristian Fiskerstrand wrote:
>
> In most cases lack of maintainer participation is likely the issue to
> begin with. The primary issue with a package mask of this nature is that
> it is more permanent than temporary in nature. To what extent would
> other package m
On 03/12/2017 09:14 AM, Alexis Ballier wrote:
> Most of it seems more appropriate for a project page to me and up to
> the sec. team, so I'll comment on the global parts only.
>
> The only global part I see is the "Security package version/revision
> bumps and package masks". This one would benefi
On Sun, 12 Mar 2017 19:59:11 +0100
Kristian Fiskerstrand wrote:
> On 03/12/2017 09:14 AM, Alexis Ballier wrote:
> > Most of it seems more appropriate for a project page to me and up to
> > the sec. team, so I'll comment on the global parts only.
> >
> > The only global part I see is the "Securit
On 03/12/2017 11:05 PM, Alexis Ballier wrote:
>> The severity levels and timelines are already defined in the
>> referenced vulnerability treatment policy. We might be able to
>> incorporate this suggestion by stronger reference to that for
>> timeline, but in the end that should be the internal po
On 03/11/2017 11:23 PM, Andrew Savchenko wrote:
> While the Deputy may be assigned, this still gives all power to
> single hands. Maybe it will be better to establish something like
> the Security Project Council (SPC)? E.g. three project members may
> be elected to this SPC, so that all serious de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
The following package is up for grabs:
app-editors/ghostwriter
- --
gokturk
-BEGIN PGP SIGNATURE-
iQEcBAEBCgAGBQJYxdHOAAoJEIT4AuXAiM4zX7wIAKRpd6uqLQDqCX8vWoSWuto/
8AyGdLfYDZGxNts+nPZZtuG89ykNAx7W8+c+WwoaIuHvQgD1ZOyoIIq+ghp19xng
tQme
The attached list notes all of the packages that were added or removed
from the tree, for the week ending 2017-03-12 23:59 UTC.
Removals:
app-crypt/cryptkeeper 20170312-21:22 mgorny0625e74f644
dev-libs/safestr 20170312-21:22 mgorny28119e8e8a3
On Sun, Mar 12, 2017 at 02:54:22PM -0400, Rich Freeman wrote:
> On Sun, Mar 12, 2017 at 2:45 PM, Kristian Fiskerstrand
> wrote:
> >
> > In most cases lack of maintainer participation is likely the issue to
> > begin with. The primary issue with a package mask of this nature is that
> > it is more
33 matches
Mail list logo
