------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Debian Project News                    debian-public...@lists.debian.org
December 11th, 2018          https://www.debian.org/News/weekly/2018/04/
------------------------------------------------------------------------

Welcome to this year's fourth issue of DPN, the newsletter for the
Debian community. Topics covered in this issue include:

  * Welcome to the Debian Project News!
  * Internal News/Happenings
  * Events: Upcoming and Reports
  * Reports
  * Help needed
  * More than just code
  * Code, coders, and contributors
  * Outside News
  * Quick Links from Debian Social Media
  * Want to continue reading DPN?


Welcome to the Debian Project News!
-----------------------------------

We hope that you enjoy this edition of the DPN.

For other news, please read the official Debian blog Bits from
Debian [1], and follow https://micronews.debian.org which feeds <(via
RSS) the @debian> profile on several social networks too.

    1: https://bits.debian.org

At the end of this Project News we've added a Quick Links section which
links to a selection of the posts made through our other media streams.

Debian's Security Team releases current advisories on a daily basis
(Security Advisories 2018 [2]). Please read them carefully and subscribe
to the security mailing list [3].

    2: https://www.debian.org/security/2018/
    3: https://lists.debian.org/debian-security-announce/


Internal News/Happenings
------------------------

Updated Debian 9: 9.6 released

The Debian project announced [4] the sixth update of its stable
distribution Debian 9 (codename "Stretch") on 10 November 2018 to point
release 9.6.

    4: https://www.debian.org/News/2018/20181110

This point release added corrections for security issues along with a
few adjustments for serious problems. Security advisories have already
been published separately and are referenced where available. Upgrading
an existing installation to either revision can be achieved by pointing
the package management system at one of Debian's many HTTP mirrors. A
comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list


Package Salvaging

Tobias Frost announced [5] a new addition to the Debian Developer's
Reference on Package Salvaging. Package Salvaging [6] allows packages
not officially orphaned or abandoned to be maintained by other
developers or new contributors after some eligibility factors are
addressed.

    5: https://lists.debian.org/debian-devel-announce/2018/09/msg00003.html
    6:
https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#package-salvaging

The process differs from MIA handling of packages in that it does allow
for negelected or forgotten packages to be brought back into the fold.
There is a set of guidelines [7] available which outline the phases of
the process, along with additional information and FAQs on the Debian
Wiki.

    7: https://wiki.debian.org/PackageSalvaging

Reproducible Builds joins the Software Conservancy!

Reproducible Builds [8] has joined the Software Freedom Conservancy [9],
a 501(c)(3) not-for-profit organisation that helps promote, develop and
defend Free, Libre, and Open Source Software (FLOSS) projects. Through
the SFC, member projects may receive donations earmarked for the benefit
of a specific FLOSS project.

    8: https://reproducible-builds.org/
    9: https://sfconservancy.org/about/

The Reproducible Builds project, which began as a project [10] within
the Debian community, is also critical to the Conservancy’s own
compliance work: A build that cannot be verified may contain code that
triggers different license compliance responsibilities than the
recipient is expecting.

   10: https://wiki.debian.org/ReproducibleBuilds/History

As Reproducible Builds joins Conservancy, it is also receiving a
donation of US$300,000 from the Handshake Foundation [11] which will
propel the project’s efforts to ensure the future health and usability
of free software.

   11: https://handshake.org/

Rust available on 14 Debian Architectures

John Paul Adrian Glaubitz announced and thanked the many contributors
who helped to get Rust available on 14 Debian architectures [12]. The
newest [13] supported architectures are: mips, mips64el, mipsel, and
powerpcspe.

   12: https://lists.debian.org/debian-devel-announce/2018/11/msg00000.html
   13: https://buildd.debian.org/status/package.php?p=rustc&suite=unstable

This work is the result of the combined effort of many talented people,
and work on LLVM upstream which fixed many many bugs in the MIPSand
PowerPC backends as well as adding support for the PowerPCSPE sub-
target.

Documenting copyright holders in debian/copyright

The FTP team has issued clarifications [14] in regard to copyright
attribution in debian/copyright; some of the main points:

  * Unless a license explicitly states that copyright attributions only
apply to source distributions, they apply as well for the source and
binary. The copyright must be documented in debian/copyright for license
compliance reasons.
  * Be mindful of 2.3 Copyright considerations [15]: Every package must
be accompanied by a verbatim copy of its copyright information and
distribution license in the file /usr/share/doc/package/copyright.
  * On rare occasion the FTP masters have determined that full copyright
attribution is both not feasible and, given the nature of the package,
that an appropriate copyright notice does not need to list all copyright
holders; in such cases this tolerance should not be assumed to apply to
other packages.

   14: https://lists.debian.org/debian-devel-announce/2018/10/msg00004.html
   15:
https://www.debian.org/doc/debian-policy/ch-archive.html#copyright-considerations

The FTP team affirms that documenting copyright holders in debian/
copyright is a good idea.

CTTE decision on vendor-specific patch series

The technical committee passed a resolution [16] on whether to allow the
use of vendor-specific patch series in the Debian archive, in summary:

   16: https://lists.debian.org/debian-devel-announce/2018/11/msg00004.html

The Committee recognises a need for packages to behave differently when
built on different distributions, but this should be done by using
differing source packages, or as part of the build process using current
and future practices such as patches with conditional behaviour or
patching of files during the build rather than at source unpacking time.

As this feature is used by several packages today, there is the need for
a reasonable transition period. However, they will be considered buggy
from when this resolution is accepted, but will not be considered severe
enough to warrant immediate removal from Debian.

After Buster is released, the presence of a vendor-specific patch series
will be a violation of a MUST directive in Debian policy.

The Committee therefore resolves: Any use of dpkg's vendor-specific
patch series feature is a bug for packages in the Debian archive
(including contrib and non-free).

After Buster is released, use of the vendor-specific patch series
feature is forbidden in the Debian archive.

For additional information and the original discussion please see Bug
#904302 [17].

   17: https://bugs.debian.org/904302

Release Team: Upcoming freeze timeline, ways to help

The Release Team is preparing [18] for the initial phase of the buster
freeze.

   18: https://lists.debian.org/debian-devel-announce/2018/09/msg00004.html

Developers are reminded to follow up on their plans and evaluate
realistic timelines to accomplish for changes and inclusion into buster.

Changes can be staged in experimental, to avoid disruption. Keep in mind
that other volunteers may not have the same capacity to work on your
goals. Any unfixed bugs are suggested to be fixed via NMU [19] now
rather than later.

   19: https://wiki.debian.org/NonMaintainerUpload

The official freeze time table for buster is: 2019-01-12 - Transition
freeze 2019-02-12 - Soft-freeze 2019-03-12 - Full-freeze

Please consult the buster freeze policy [20] and timeline for detailed
information about the different types of freezes and what they mean for
you.

   20: https://release.debian.org/buster/freeze_policy.html

If you would like to help us to get buster out on time and are able to
help fix RC bugs in testing prior to the transition freeze, you can do
that now by looking at the list of RC bugs [21] or joining the #debian-
bugs irc channel on irc.oftc.net.

   21: https://udd.debian.org/bugs/

Bits from the Debian Anti-Harassment Team

The Debian Anti-Harassment Team [22] is the point of contact for any
community member who would like to help create a more welcoming and
respectful environment in Debian, and is also the point of contact for
reports or concerns about inappropriate behaviour or abuse. The team
will send out small but regular reports to the community.

   22: https://wiki.debian.org/AntiHarassment

Should you see interactions that you consider deserve attention, please
let us know. Please do not wait until a problem becomes too big; we can
assist as friendly de-escalators or as mediators. Members may also
forward information for which no action is to be taken, but kept on file
should a problem escalate some time in the future.

The team may be contacted at <antiharassm...@debian.org> [23].

   23: antiharassm...@debian.org

Some highlights of our recent activity:

One request for intervention on a dispute about a package deemed
offensive, we issued our recommendation: Bug #907199 [24]

   24: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907199

We had a request about removing messages from mailing list and
responded.

Several attendees at DebConf 18 served as a local anti-harassment team
that handled disputes between attendees and a possible Code of Conduct
violation, mediating in minor issues, and offering advice during the
conference.

A general reminder about the CoC was sent via micronews several times
during DebConf18.

We have been involved in the discussions about the photo policy for
DebConf, and we plan to make a proposal soon.

New Outreachy intern

Debian welcomes Anastasia Tsikoza as our newest Outreachy intern [25].
The Outreachy program provides internships for people from groups
traditionally underrepresented in technology. Anastasia mentored by Paul
Wise and Raju Devidas, will work on Improving the integration of Debian
derivatives with the Debian infrastructure and the community.

   25:
https://bits.debian.org/2018/11/welcome-outreachy-intern-2018-2019.html

Misc Developer News

Paul Wise posted [26] the most recent issue of Misc Developer News #46,
highlights include: debhelper compat level 12 is open for beta testing
and is expected to become stable in Debian buster.

   26: https://lists.debian.org/debian-devel-announce/2018/10/msg00002.html

A new port for RISC-V flavour "riscv64" (64-bits little-endian) is now
available in Debian Ports.

With the recent release of debcargo 2.0.0 to crates.io, Debian packages
can be created from your favorite Rust crate and uploaded to the Debian
archive.

devscripts 2.18.5 has been released and brings some new uscan features
such as verifying signed tags in git and auto value for dversionmangle.

Chris Lamb called for more volunteers for the FTP Team.


Events: Upcoming and Reports
----------------------------

Upcoming events

MiniDebConf Marseille 2019

A miniDebConf will take place in Marseille (France) from 25 to 26 May,
with two days of talks, lightning talks, keysigning party, lunch, and...
beer event Read the announcement [27] and visit the wiki page of the
event [28] where you can get all the details, register for the event,
and help in the organisation.

   27:
https://france.debian.net/pipermail/minidebconf/2018-November/000159.html
   28: https://wiki.debian.org/DebianEvents/fr/2019/Marseille

Buster (bug) Squashing Parties!

There are many Bug Squashing Parties coming up on our calendars that are
focusing efforts on addressing and fixing release critical bugs that
will delay the release of Debian 10 (buster). BSPs are open to everyone
who wants and is able to get involved. Come on by and help us to make
this release a success!

Netherlands, Venlo, 12 January to 13 January 2019

Hosted at Transceptor Technology and insign.it.

Feel welcome if you want to contribute to Debian, whatever your
experience level. You don't need to be an existing Debian contributor.
Just trying to reproduce a bug and documenting your experience is
already useful.

Announcement for Venlo BSP [29]

   29: https://lists.debian.org/debian-devel-announce/2018/11/msg00005.html

BSP Wiki for Venlo [30]

   30: https://wiki.debian.org/BSP/2019/01/nl/Venlo

Canada, Montreal, 19 January to 20 January 2019

Hosted at Eastern Bloc, Montreal, Canada.

Unlike the one we organised for the Stretch release, this BSP will be
over a whole weekend, so hopefully folks from other provinces in Canada
and from the USA can come.

You can register on the wiki page where you will find information
regarding transport, accommodation, food and other useful things.
Expenses to attend this BSP should be sponsored by the Debian Project

Announcement for Montreal BSP [31]

   31: https://lists.debian.org/debian-devel-announce/2018/12/msg00000.html

BSP Wiki for Montreal [32]

   32: https://wiki.debian.org/BSP/2019/01/ca/Montreal

Germany, Bonn, 22 to 24 February 2019

Tarent solutions GmbH, Rochussstr. 2, 53123 Bonn, Germany

The BSP is scheduled right between the soft freeze and the full freeze,
thus giving a perfect opportunity for a really efficient and
concentrated RC bug squashing sprint.

The venue offers enough room for up to 20 people, separate rooms for
those who want to hack in a smaller team, and also room for socialising.

Announcement for Bonn BSP [33]

   33: https://lists.debian.org/debian-devel-announce/2018/11/msg00001.html

BSP Wiki for Bonn [34]

   34: https://wiki.debian.org/BSP/2019/02/de/Bonn

Austria, Salzburg 05 April to 07 April 2019

The offices of Conova Communications GmbH [CONOVA], located close to
Salzburg Airport W.A. Mozart.

We are happy to invite you to the 6th Debian Bug Squashing Party in
Salzburg, Austria.

A short registration on the wiki page [BSPSBG] is required to ease the
organisation of the event. On the same page you will find information
regarding transport, (sponsored) accommodation and other useful things.

Announcement for Salzburg BSP [35]

   35: https://lists.debian.org/debian-devel-announce/2018/11/msg00006.html

BSP Wiki for Salzburg [36]

   36: https://wiki.debian.org/BSP/2019/04/Salzburg


Reports
-------

LTS Freexian Monthly Reports

Freexian issues monthly reports [37] about the work of paid contributors
to Debian Long Term Support.

   37: https://raphaelhertzog.com/tag/Freexian+LTS/

Reproducible Builds status update

Follow the Reproducible Builds blog [38] to get the weekly reports on
their work in the "Buster" cycle.

   38: https://reproducible-builds.org/blog/


Help needed
-----------

Packages needing help

Currently [39] 1311 packages are orphaned [40] and 157 packages are up
for adoption [41]: please visit the complete list of packages which need
your help [42].

   39: https://lists.debian.org/debian-devel/2018/11/msg00733.html
   40: https://www.debian.org/devel/wnpp/orphaned
   41: https://www.debian.org/devel/wnpp/rfa
   42: https://www.debian.org/devel/wnpp/help_requested

Newcomer bugs

Debian has a "newcomer" bug tag, used to indicate bugs which are
suitable for new contributors to use as an entry point to working on
specific packages. There are currently 212 [43] bugs available tagged
"newcomer".

   43: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=newcomer


More than just code
-------------------

Carl Chenet opined, You Think the Visual Studio Code binary you use is a
Free Software? Think again. [44] He points out some of the licensing
practices used in regard to the MIT license, a permissive Free Software
license.

   44:
https://carlchenet.com/you-think-the-visual-studio-code-binary-you-use-is-a-free-software-think-again/

Elana Hashman shares information on her PyGotham 2018 Talk
Resources [45] for a talk called "The Black Magic of Python Wheels",
based on 2 years of work on auditwheel and the manylinux platform.

   45: https://hashman.ca/pygotham-2018/

Benjamin Mako Hill talks about What we lose when we move from social to
market exchange [46], on the topic of exchanging money in return for
something vs. the exchange of hospitality.

   46:
https://mako.cc/copyrighteous/what-we-lose-when-we-move-from-social-to-market-exchange

Molly de Blanc shared how she came to run a Conservancy Match [47]
donation program for the benefit of Software Freedom Conservancy.

   47: http://deblanc.net/blog/2018/11/24/conservancy-match/


Code, coders, and contributors
------------------------------

New Package Maintainers since 19 August

New Debian Maintainers

New Debian Developers

Contributors

1603 people and 19 teams are currently listed on the Debian
Contributors [48] page for 2018.

   48: https://contributors.debian.org/

Statistics

buster Source files: 11,885,550 Source packages: 28,697 Disk usage:
252,791,492 kB Ctags: 17,452,645 Source lines of code: 1,044,492,396

  * ddSource files: 20,019,227
  * Source packages: 33,533
  * Disk usage: 381,351,424 kB
  * Ctags: 42,219,156
  * Source lines of code: 1,759,157,606

Discussions

Debian user Aurélien Couderc asked about Bumping an epoch and reusing a
package name [49], which led to a discussion about requesting upstream
changes for Debian internal policies and the effect on users. Several
alternatives are mentioned in the discussion as well pitfalls of bumping
a version number.

   49: https://lists.debian.org/debian-devel/2018/09/msg00220.html

Debian user Pétùr asked for help with a File with weird permissions,
impossible to delete [50]. The discussion moves quick onto permission
issues, inodes, fsck, and bad SATA cabling.

   50: https://lists.debian.org/debian-user/2018/09/msg00311.html

Debian user Subhadip Ghosh asked, Why does Debian allow all incoming
traffic by default? [51]

   51: https://lists.debian.org/debian-user/2018/09/msg00700.html

Tips and Tricks

Jonathan McDowell continues his series of write ups on home automation
with Controlling my heating with Home Assistant [52] and Using ARP via
netlink to detect presence. [53]

   52: https://www.earth.li/~noodles/blog/2018/10/heating-automation.html
   53: https://www.earth.li/~noodles/blog/2018/09/netlink-arp-presence.html

Antoine Beaupré shared tips for Archiving web sites [54] using freely
available tools and some knowledge.

   54: https://anarc.at/blog/2018-10-04-archiving-web-sites/

Sergio Alberti shared [55] a guide on Reverse Engineering Bluetooth Low
Energy Devices [56]

   55: https://sergioalberti.gitlab.io//gsoc/debian/2018/09/24/reveng.html
   56: https://reverse-engineering-ble-devices.readthedocs.io/en/latest/

Petter Reinholdtsen shares VLC in Debian now can do bittorrent
streaming [57].

   57:
http://people.skolelinux.org/pere/blog/VLC_in_Debian_now_can_do_bittorrent_streaming.html

Laura Arjona Reina found a small digital photo frame and brings it back
to use in Handling an old Digital Photo Frame (AX203) with Debian (and
gphoto2) [58].

   58:
https://larjona.wordpress.com/2018/09/22/handling-an-old-digital-photo-frame-ax203-with-debian-and-gphoto2/

Once upon a time in Debian:

  * 2009-12-08 Debian Bug #560000 reported by Mika Tiainen [59]
  * 2016-12-10 MiniDebconf 2016 held in Tokyo, Japan [60]
  * 1996-12-12 Debian 1.2 Released (Rex) [61]
  * 2014-12-13 Bug Squashing Party in Tilburg, The Netherlands [62]
  * 2016-12-13 Debian co-organizes and sponsors Reproducible Builds
Summit in Berlin, Germany [63]

   59: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560000
   60: https://miniconf.debian.or.jp/index.en.html
   61: https://lists.debian.org/debian-devel-announce/2014/08/msg00012.html
   62: https://wiki.debian.org/BSP/2014/12/nl/Tilburg
   63: https://reproducible-builds.org/events/berlin2016/


Outside News
------------

The Creative Commons Global Summit will be held in Lisbon, Portugal May
9-11 2019. Their Call for Proposals is open until December 10th 2018.
Visit https://summit.creativecommons.org/ for more details and
registration.



Quick Links from Debian Social Media
------------------------------------

This is an extract from the micronews.debian.org [64] feed, in which we
have removed the topics already commented on in this DPN issue. You can
skip this section if you already follow micronews.debian.org or <the
@debian> profile in a social network (Pump.io, GNU Social, Mastodon or
Twitter). The items are provided unformatted in descending order by date
(recent news at the top).

   64: https://micronews.debian.org

November

  * Bits from <the @Debian> Project Leader (November 2018)
https://lists.debian.org/debian-devel-announce/2018/11/msg00007.html
  * Debian CI pipeline for Debian Maintainers!
https://salsa.debian.org/salsa-ci-team/pipeline/blob/master/README.md
  * Happy <birthday @Fedora!>
https://fedoramagazine.org/celebrate-fifteen-years-fedora/
  * Perl 5.28 transition underway, wide uninstallability is to be
expected in sid for the next days!
https://lists.debian.org/debian-devel-announce/2018/10/msg00006.html


October

  * Bits from the Debian Project Leader (October 2018)
https://lists.debian.org/debian-devel-announce/2018/10/msg00005.html
  * "Salsa ribbons" by Chris Lamb
https://chris-lamb.co.uk/posts/salsa-ribbons
  * [debian-installer] Call to update translations for Buster
https://lists.debian.org/debian-i18n/2018/10/msg00002.html
  * Bits from MicroDebConf Brasília 2018
http://blog.kanashiro.xyz/debconf/2018/09/28/microdebconf-bsb.html


September

  * Bits from the Debian Project Leader (September 2018)
https://lists.debian.org/debian-devel-announce/2018/09/msg00005.html
  * Call for mentors and project ideas for next Outreachy round
https://lists.debian.org/debian-outreach/2018/09/msg00030.html
  * Debian security repositories stay online in Japan despite magnitude
6.7 earthquake
https://henrich-on-debian.blogspot.com/2018/09/earthquake-struck-hokkaido-and-caused.html


August

  * FISL19 in Porto Alegre will take place before DebCamp next year
https://debconf19.debconf.org/news/2018-08-23-fisl19/
  * Bits from the Debian Project Leader (August 2018)
https://lists.debian.org/debian-devel-announce/2018/08/msg00008.html



Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [65] to find out how to help. We're
looking forward to receiving your mail at
<debian-public...@lists.debian.org>.

   65: https://wiki.debian.org/ProjectNews/HowToContribute

Subscribe or Unsubscribe [66] from the Debian News mailing list

   66: https://lists.debian.org/debian-news/


This issue of Debian Project News was edited by The Publicity Team with
contributions from Jean-Pierre Giraud, Justin B Rye and Laura Arjona
Reina.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to