Accepted python-acme 1.3.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 03 Mar 2020 20:48:00 -0500
Source: python-acme
Architecture: source
Version: 1.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Let's Encrypt 
Changed-By: Harlan Lieberman-Berg 
Changes:
 python-acme (1.3.0-1) unstable; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 f638753982fc7fa461020d5d61c62496cdcaaa2d 2859 python-acme_1.3.0-1.dsc
 6c2f43e4e609be7b0dff50aceddaba5c6ac7926f 78471 python-acme_1.3.0.orig.tar.gz
 5880ae06f43f2af8afe7c0337e97fea06a66b63f 488 python-acme_1.3.0.orig.tar.gz.asc
 627a5c3ec7bd8757ffbffb2cf727c2cc26e2f655 6028 python-acme_1.3.0-1.debian.tar.xz
 1e5ad01e8a890692d22d65961639679e3ab6b825 8394 
python-acme_1.3.0-1_amd64.buildinfo
Checksums-Sha256:
 487c1ca6a11ece02d39b0da18cd32e8953dc2262469866436b1c8ebda868100e 2859 
python-acme_1.3.0-1.dsc
 c0de9e1fbcb4a28509825a4d19ab5455910862b23fa338acebc7bbe7c0abd20d 78471 
python-acme_1.3.0.orig.tar.gz
 fee8590787d061992ae016cdc1915162f6c9db5cb755dbaa8c9fb816579940d9 488 
python-acme_1.3.0.orig.tar.gz.asc
 e660b6c4c4ed9d873e6befc65bb087a426352528904d4d07b2431c017b2aeb30 6028 
python-acme_1.3.0-1.debian.tar.xz
 d4a3123564b46e6ef3d3f2483fc0a39c4cfd0e381a50f336802118afe08e7374 8394 
python-acme_1.3.0-1_amd64.buildinfo
Files:
 03fe26e4ac3ca8d2ad71c768ef680f7b 2859 python optional python-acme_1.3.0-1.dsc
 a71afdcb94c603818696ed73e7180aff 78471 python optional 
python-acme_1.3.0.orig.tar.gz
 1e476954d6663f0b63f3365f12ba8d50 488 python optional 
python-acme_1.3.0.orig.tar.gz.asc
 257f548ea0e48e4fdcf2f66881117d01 6028 python optional 
python-acme_1.3.0-1.debian.tar.xz
 12344b308024d278ffd535adc170f3e8 8394 python optional 
python-acme_1.3.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKqBAEBCgCUFiEEYveV1JOn7SmlGhxBnX5VYE2Rn4MFAl5fDHBfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
Rjc5NUQ0OTNBN0VEMjlBNTFBMUM0MTlEN0U1NTYwNEQ5MTlGODMWHGhsaWViZXJt
YW5AZGViaWFuLm9yZwAKCRCdflVgTZGfg7ORD/0SlGvLETj/LRvkOdgaiw+FJAXq
Qm8LfMcabLAegH3wYiDy+ndoHs1fnQsqAAFofYhAOVttLC0v+VTfjK6/PS6XCBjo
gqgsb2Dwivdb2rlKPcF7Wm2QFz+eS2BFSh7o/pc03fsAUTPOjsJ+jq8oRDWco5U2
aKUUNG8MxjsSOPtoqTJ7mbS74hZHwQyFMh29oQc7FU2QkIZLaab2T05WLSH5VZrG
mHoMCqFy8J5uCYPFr7ScdbwMCLuAUadhYdVl0ZQeEfuLgS21YqJu/WLoeNwAFX0i
IsRJ2kyy39O0kRWuLNiDQYF8Pih5FVPgFF5y4JFJSnGxxq2o57Sp9vpnrNwzJLKS
+Mx64Z9KYpsfWJuCqVhgGwCSfAGmA9MxitLpqqtuxcuVJbrer04dtbqJstQrGJ7c
i3rmX9lQSST2geW/4NhXYIiYfhYVwMc4PYuINtkzStquL/LgcZ4hpseH5K+eZO8n
DEjP86kn+rV2QiNqowXPhVeEeP8CBaH7MjXJDWKMq+qVIIgkk69OcqaV22DJzSZn
iDRAHxj9ZTe7Wetji5XiFug5DmTAhysx/l/3gLgMWcUwoDdZ5hGdCuURAqBEX1Ij
UD+5cKqrrEN732MvD8iINQHi7P8iatJgAlBfJloe8552CWx2mhdv3m+dWkTnbH+N
GuDeDvJ0zSQWgGKIPA==
=dVzQ
-END PGP SIGNATURE-

Accepted python-lark 0.8.2-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 25 Mar 2020 00:35:11 -0400
Source: python-lark
Architecture: source
Version: 0.8.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Scott Kitterman 
Changes:
 python-lark (0.8.2-2) unstable; urgency=medium
 .
   * Team upload.
   * Update d/tests/control and d/tests/python3-lark so that autopkgtest is
 reliabily run for all supported python3 versions
Checksums-Sha1:
 a28d80a4595a221f6673209d27664257e25bf007 2174 python-lark_0.8.2-2.dsc
 b5ff8c935f0e5235c747cf115b6df26796d09292 8248 python-lark_0.8.2-2.debian.tar.xz
 062989f8cf1df1f727e67e43297e57da893a4fb3 6042 
python-lark_0.8.2-2_source.buildinfo
Checksums-Sha256:
 6c53b7545ad2d7492ebca4ccc56ab394894aad614a6ef311323a8017295922f5 2174 
python-lark_0.8.2-2.dsc
 26dfad4f2a42a9abc4c4cc0aa5e285b08f8c3eba290b95a519005fee71eb9e42 8248 
python-lark_0.8.2-2.debian.tar.xz
 b6c4adc543532ac7adff982cfed1d6c3316879b183983729b4fe994a323749ff 6042 
python-lark_0.8.2-2_source.buildinfo
Files:
 fb42fe485f4145394666171ac77b0ef8 2174 python optional python-lark_0.8.2-2.dsc
 5a8565432b781df8311a7e3fdabbbc24 8248 python optional 
python-lark_0.8.2-2.debian.tar.xz
 834dacc3e6df012c386fe7b6ac8b496c 6042 python optional 
python-lark_0.8.2-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE53Kb/76FQA/u7iOxeNfe+5rVmvEFAl5635sACgkQeNfe+5rV
mvG6mw//Q1lvJCD8e0wPJ4ORR2ZxDpo88T94ymmsRnZy7sFkdG2NU57Tib7qOI9g
y8nIef8pHnAIUxQzcN+IQTUkc/6kcWT1i8OG+SEKiyQHre/qhYEtkmYxWKtnI/0Y
v17LF/AtPQ9BJOcRyZI2fs66bhNjVqIgJz90FFRZQLbwjtNmFzoz8WjtZlw2BmJk
gNDgGYstDhQd/0dhZPpzxmcezZ0f8h9JXNnS1R4mg4WWzCF99+UMjCHIXVkMgRPP
AQAIgArkVWaRoYKgxzC/77/K7zpQqOrMTahvVLACf3HEhFocek3ghSgDLGwHJCL5
AhNmCAV04S28KUFb0oFFbBRgqGSClWkVbu6PVkrTUmfE1BWwCHRgIE1Q6ydGrx0g
hzcdZPjCNcpe6+x59dCVGgByv36eCvwGKUNMG3779fp1fDMVcR/0/PjG/Jg8+ayh
Geh14rnqpmBVNBcI/O1wzjS76wn6kpTRc9B7VgbEhVgbW1AcB3OyrKEYpsSmyP18
qcf1qMf9HFLUDXsftggf7xB5uZJBhjtlDLEiCnQJRZUyQW+Em7j6uW82zYriJDN3
gvbeS30ZcjEndX3Z8zinfzLd8EXm8DVNuHxCLBC2huRl1de/F33Ui6pmXnLte569
lF57AiHOwQF4y9Fvc9YV7kLR+Z6rMJrNgAJKs5PYHt+GRvwuT7o=
=p8yU
-END PGP SIGNATURE-

Re: new kubernetes packaging

2020-03-24 Thread Shengjing Zhu 
Another question for the current kubernetes maintainer.

What's your plan for the k8s.io/* libraries, eg k8s.io/api k8s.io/client-go.
They are supposed to be built from src:kubernetes, but it currently doesn't.

Some existing packages already embed them, like
https://codesearch.debian.net/search?q=filetype%3Ago+k8s.io%2Fapi=1
Because we thought it's hard to maintain kubernetes package in Debian,
meanwhile follow the common practice in pkg-go team.

Some new packages are blocked by not having kubernetes libraries. I
haven't checked the wnpp list. But recently there's a thread in
debian-go@.

If you provide k8s.io/* libraries, what about the libraries that
k8s.io/* depends?

-- 
Shengjing Zhu

Accepted golang-github-mattn-go-runewidth 0.0.9-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 17:04:07 +0530
Source: golang-github-mattn-go-runewidth
Architecture: source
Version: 0.0.9-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
Changed-By: Nilesh Patra 
Closes: 954638
Changes:
 golang-github-mattn-go-runewidth (0.0.9-1) unstable; urgency=medium
 .
   * Team Upload.
   * New upstream version 0.0.9 (Closes: #954638)
   * Refresh patches with new version
   * Fix control and patch with cme
   * Bump standards version to 4.5.0
   * Add upstream/metadata
Checksums-Sha1:
 73526c868813186a091feeba7bc0b0dfe11f594f 2367 
golang-github-mattn-go-runewidth_0.0.9-1.dsc
 eabc1d6cb0742094bab2c205b2808c795ad1b459 16714 
golang-github-mattn-go-runewidth_0.0.9.orig.tar.gz
 874368092cc20668ed37bcb6420e7d1c59495267 3704 
golang-github-mattn-go-runewidth_0.0.9-1.debian.tar.xz
 30d3bab7c52176e6b79e3ad0eb27d285276a3ba4 5883 
golang-github-mattn-go-runewidth_0.0.9-1_amd64.buildinfo
Checksums-Sha256:
 b682d7ea360c8a28873ec4067a2582c563da4a4856852c0964070e2247aa6f51 2367 
golang-github-mattn-go-runewidth_0.0.9-1.dsc
 4f20a337ad06e071f29535afe9c5207d3e8840c8c86672bbc5f9837c6229c835 16714 
golang-github-mattn-go-runewidth_0.0.9.orig.tar.gz
 1841a34c5dd40f4c82056682471f225920382e16bc3ea52d43fea53fed493621 3704 
golang-github-mattn-go-runewidth_0.0.9-1.debian.tar.xz
 5d55710be52ab7ac2f7f7d1a1ce556b48ef33c60e1ff0bf8e786fd5f124368f7 5883 
golang-github-mattn-go-runewidth_0.0.9-1_amd64.buildinfo
Files:
 29991689cfb42587ee059805599564b3 2367 devel optional 
golang-github-mattn-go-runewidth_0.0.9-1.dsc
 4a45a358d20e99c515542912119846b1 16714 devel optional 
golang-github-mattn-go-runewidth_0.0.9.orig.tar.gz
 d19b535d1fc1356642b9ae1794fa1ddc 3704 devel optional 
golang-github-mattn-go-runewidth_0.0.9-1.debian.tar.xz
 dfda7be73fdfbce2ec16601ec5c83d77 5883 devel optional 
golang-github-mattn-go-runewidth_0.0.9-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEULx8+TnSDCcqawZWUra72VOWjRsFAl563eYACgkQUra72VOW
jRv9cBAAk2qFnCjy926yvlC3qvjvsSYINQLcH9jjcHdrKLiuhHP6InYfEr7zvvZP
x1CKRKCyKlzlvKKPzWLmjDvBFA5C9CB3hgtCfz4tE8U6ki4V0p63X62YUUbs7pMQ
gJSKIxY+i3XkCE7jTsoujfxW/ASRxLj6lUwOT9FRoPcXGG8r/h2d0xfE2j3NSudI
yDx26z/NgR0/z87CbRJyAkXw/6cs+Kak6bJimfdXJ3PPP/RnYz6fpcbOMT1K+oGO
yg+CxXoOmdqmk2facbkm/1wc93uAlD4H+u/18vrJSqvwnEL7U64BKOgYP3KfyURn
NpZuk1TY8iTWcksnm9+KL57HLaiY0Tw4zhc5BUMAGzpay6eXwbGBbC+qA6cQ1Nj6
mXG3A4tbW5sBP0n+Tjv4aNPUXFqbbkmDBbNizsH8TRSPk1CjCE0/WZeFsaeBi9kf
Ph6tXk0Bu0Wg2H8idQZg93G5gnwhUTVxdCPYpPP8o8opRAbwGFnTgby/4flrHwRE
HfcjDqLxa2Q6gZzmv5A8gCwHSxHu7RcolD4csrldoK4zkKrCvbAHXdsm5i4Ble3Y
khbhvGPcr4rDc5hwPJnk85XJcIl+ATWZHWKMo/fzLXNFiLhGZg9oe/K5V20yMC+V
/4BENYZ6upX8Oj/7xBSEVipdWHaM2X+tR6NwxX8b5MyGHL1vxls=
=Ydhu
-END PGP SIGNATURE-

Accepted apertium-mk-bg 0.2.0~r49489-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 18:45:20 +0530
Source: apertium-mk-bg
Architecture: source
Version: 0.2.0~r49489-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Team 

Changed-By: Kartik Mistry 
Closes: 950559
Changes:
 apertium-mk-bg (0.2.0~r49489-3) unstable; urgency=medium
 .
   * Added patch to fix FTBFS with apertium 3.6 (Closes: #950559)
   * Added debian/gitlab-ci.yml file.
   * debian/control:
 + Updated Standards-Version to 4.5.0
 + Switched to debhelper-compat
 + Added 'Rules-Requires-Root' field.
   * Added debian/upstream/metadata file.
Checksums-Sha1:
 65a31fba857bb76ff2f429c64204bd9877a2040f 2117 apertium-mk-bg_0.2.0~r49489-3.dsc
 b5c1be70822843d53dbe4ea492dbc8916fbd1402 3004 
apertium-mk-bg_0.2.0~r49489-3.debian.tar.xz
Checksums-Sha256:
 6d20bed9ea837d1861a08bc3c62e26a10d61d168c9548e6aeb28959423a8d272 2117 
apertium-mk-bg_0.2.0~r49489-3.dsc
 48a304c0524bc7217ac56570c0b714fd5b58f5a90e9b8bab66bfbb63255ce999 3004 
apertium-mk-bg_0.2.0~r49489-3.debian.tar.xz
Files:
 548af10386c7b762cf334ef8c70d2a02 2117 science optional 
apertium-mk-bg_0.2.0~r49489-3.dsc
 385ca6a1078d2dd79633fe0256474ca6 3004 science optional 
apertium-mk-bg_0.2.0~r49489-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEa2MbXvVUr2sRlmKSAsHT8ng6pN4FAl563KUACgkQAsHT8ng6
pN6hPw//Zvrkw1TWMp7W5Z6GD8PjZXP28LFf+9isTw6HlklRQBe9U2teVwJDPa0D
DaVesm+IO4RZlX4OcP9wwyjtK9bupwc++rHOHfyzZ7iBJMyl/yEihhyINx9itnun
4N1Ja6Qt0m1vkSKknrpRrzTGwTb2sdaB2h0N5rrENYONOXFisKLlXYv4stElWHl8
rBdUB2HypBmXUlItavJXVXkxTK1uedszZR+yKDyyFgWYxYjPYSY0k1tVyHXRr0+/
YPuKLimJxzgXrWu3ujAkL53nug0813Zq+kLaQTx3IdqLpQNcPvPfceBuYxmuwjdS
/C55AxDnvQg5i5ibOKfq2hIMS0TOVFUmux/xO/el1vj6KjnS2H0NFdNytXzLghUO
czqyQhz72F6ZIvjEaa8MoGIXYY8f5ezj0zY6x2g8wT7FYHa/0j0lzccfOo++IVsa
c3UI09D0PnM/0EEeZGvmdJj+X6VFd19p1iD42In1+4Eld5IBZNwTiCTAhoi6Be9N
8tauI6GyiRMJLLu/E3Ssn96PIvUnFYsq4Y5ImxNK1VK3m7Td9T/OYSlvATmcjRqo
qbEef0Q6QRxOYybjiOEfxkfAfMXdOgqEtaC8DqIcksh7+G7exAxn+ljf9qDFnjT4
JJ4h6HgQ6Zg3qPcS42bJLJtE61emY3Q1qsO+XhXzCux11u+mWMs=
=02V+
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Dmitry Smirnov 
On Wednesday, 25 March 2020 2:34:03 PM AEDT Michael Lustfield wrote:
> With regard to the kubernetes package, I don't see anything to indicate it
> was abandoned.

Sorry if I did not make it clear: the package was orphaned as per #886739.
The takeover was only technological. I don't dispute the ownership of the 
package.


> One person is
> interested in maintaining the package per our standards, and another is
> interested in getting it updated.

It is all about balance... I think we can have both: a package updated with 
respect to our standards or at least with best effort to respect standards. 

I'm not interested in maintaining Kubernetes any more. I simply can't afford 
to spend more time on it after investing so much already. I'm somewhat 
disappointed in upstream and their handling of the project. I'm not even 
using Kubernetes and my concerns are about packaging practices and 
methodologies.

-- 
All the best,
 Dmitry Smirnov.

---

Doublethink means the power of holding two contradictory beliefs in one's
mind simultaneously, and accepting both of them.
-- George Orwell, 1984.


signature.asc
Description: This is a digitally signed message part.

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Michael Lustfield 
Ehm... perhaps we should practice some de-escalation techniques, please. :/

On Wed, 25 Mar 2020 13:55:50 +1100
Dmitry Smirnov  wrote:
> On Wednesday, 25 March 2020 6:08:23 AM AEDT Janos LENART wrote:
> > Debian Policy, paragraph 4.13 states:  
> 
> There are several problems with how you did it too. You did not use anyone's 
> advise, ignored Salsa repository, threw away _everything_ and made no effort 
> to understand how and why things were implemented, let alone appreciated 
> prior work or tried to improve it. What you did is technological hijack of 
> the package, a gross violation of practices.
> 
> Imagine I'll upload a package to NEW, get in reviewed and accepted for what 
> it is then re-upload as something entirely different bundled with 500+ 
> dependencies that were not reviewed then claim that policy allows it?

I missed this earlier...

With regard to the kubernetes package, I don't see anything to indicate it was
abandoned. I'll also assume that the current maintainer (Dmitry) was not
contacted by Janos. Considering how quickly this started after the upload, this
seems like a safe bet.

Janos- If that's correct, then this would indeed be considered a "hostile
takeover" of the package. It would be nice to assume that this was simple
oversight of forgotten communication.

No matter the actual facts- please remember how important communication is to
our community.

So... with Dmitry still active in Debian and still holding interest in the
package, the path forward seems obvious, doesn't it? One person is interested
in maintaining the package per our standards, and another is interested in
getting it updated.

Regarding vendor/ libraries... [Was: Re: What to do when DD considers policy to be optional? [kubernetes]]

2020-03-24 Thread Michael Lustfield 
On Tue, 24 Mar 2020 19:25:49 -0700
Russ Allbery  wrote:

> Michael Lustfield  writes:
> 
> > One last thing to consider... NEW reviews are already an intense
> > process. If this package hit NEW /and/ we allowed vendored libs, you
> > could safely expect me to never complete that particular review. I doubt
> > I'm the only one; that's essentially ~200 package reviews wrapped into
> > 1.  
> 
> I'll repeat a point that I made earlier but put a bit of a sharper point
> on it: We should thoughtfully question whether the current approach to
> license review that we as a project ask ftpmasters to do is a correct
> investment of project resources.
> 
> The current approach to NEW license review is not a law of nature.  It's a
> choice.  Other choices are possible, such as trusting license declarations
> by upstream and then handling upstream mistakes that are later discovered
> as RC bugs.  The project is much better at sharing the load of handling RC
> bugs than it is at sharing the load of NEW license reviews.
> 
> Most of the ecosystems that make extensive use of vendored packages also
> make extensive use of license metadata.  Sometimes that license metadata
> is wrong, and we will have to have a process for dealing with those
> errors.  But the purpose of Debian is not to be a license checking service
> for the entire free software world.  It's to build a distribution adhering
> to a set of principles but with the understanding that we will sometimes
> make errors and fix them later as bugs, not be perfect and error-free at
> any of our principles, including our licensing principles.  For everything
> other than licenses, we accept the risk that we will incorporate upstream
> errors in our distribution until someone points them out via a bug report.
> 
> We do not *have* to do a detailed file-by-file review of the correctness
> of upstream's license metadata when packaging.  This is a choice.  By
> choosing to do this, we absolutely catch bugs... just like we would catch
> bugs if we did a detailed file-by-file review of any other property of
> upstream code.  For many other types of bugs (including ones that arguably
> have a more severe impact on our users than licensing bugs, such as
> security bugs), we often make trade-off decisions in favor of accepting a
> risk of upstream mistakes and having to fix them later.

Scott K. reminded me that the policy in question is a "should" and not a
"must." This is a pretty important distinction that I forgot about. In
practice, it's useful for when a single file is taken from a large project,
sometimes including weird build tools.

Assuming d/copyright is actually correct (it's not..), then it's not a policy
violation. However, for all of the reasons mentioned, and especially because
most of that work was already complete, I have to agree with the term sloppy.

We obviously need to continue the vendor/ discussion, but I think switching
threads would be a good idea.

-- 
Michael Lustfield

Accepted quantlib-swig 1.18-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 21:54:09 -0500
Source: quantlib-swig
Architecture: source
Version: 1.18-1
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Changes:
 quantlib-swig (1.18-1) unstable; urgency=medium
 .
   * New upstream release
 .
   * debian/control: Update Standards-Version: to current version
   * debian/control: Update Build-Depends to current QuantLib
Checksums-Sha1:
 732e999a5b139435df836b2a22a7cf5a2bc20ad0 1823 quantlib-swig_1.18-1.dsc
 0c0e89bd7f1f7bfa7bbb009cf908b0a0d7312734 4173761 quantlib-swig_1.18.orig.tar.gz
 4e876eaf37903124f39e59c97db99bfa1a43b8e4 10356 
quantlib-swig_1.18-1.debian.tar.xz
 77b6aaacb85d221318ecd92e23dd3dc5308a933c 6835 
quantlib-swig_1.18-1_amd64.buildinfo
Checksums-Sha256:
 3440c9661c3793bd2684687839797f54df35cf585602bf6ef4c9c6f08a7d3e74 1823 
quantlib-swig_1.18-1.dsc
 9a14d9fc2dc9489831e1d27f22ed5d6301cb387737a2567b686d76ba9a82 4173761 
quantlib-swig_1.18.orig.tar.gz
 4c98372a50eb6d18bcbea5a866f0b693de4690fb98486f716052e199d256d200 10356 
quantlib-swig_1.18-1.debian.tar.xz
 cde36aca11144f623523cd5416677a0196d4b5762085e7fcfba7164d25137d8d 6835 
quantlib-swig_1.18-1_amd64.buildinfo
Files:
 f7a4527d46189eebff46352b27eede70 1823 interpreters optional 
quantlib-swig_1.18-1.dsc
 ee23146dbe94f78d48b42bf2e58a57d0 4173761 interpreters optional 
quantlib-swig_1.18.orig.tar.gz
 020eb1046d484205975d46a296db1a8a 10356 interpreters optional 
quantlib-swig_1.18-1.debian.tar.xz
 0da4ffeda374edc5cd69b7fdbdfc2839 6835 interpreters optional 
quantlib-swig_1.18-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIVAwUBXnrI76FIn+KrmaIaAQjxMxAAiDNi8d2uDM7tFwv0Suga+1+7ajhsn9HD
VsX48Xx9TksGJqkkAsk0do9XN7m30fU+JjRHtyeMDoVdNGhpqoxNmYanLf1azmyF
pDwlylKRoP5vuVwoeGbbfc1QcE2aRuZhjStveWUPvAocPr7sgesDjw/XuC4WjIf6
44/wvWgR1hy4O42wn/69cB+LlgBd4pj90RLk7kOWiFqp/Ea8qFR2APaKfNJ5E3tb
+hKjs0hwYSV6sM2dB6fZebYrwfAMDBIESj2RGJFau5xC01ZvCvfkNZaBE1P4+dLk
ggGWp0hwAvQjTh5NkPFYM+ODhXbOVAUiIHcPK48FaNNRREhGr8fLnNBOqD39eIBv
k4QvbFyBMJpzCizY8/vDhlxhtfTHnhsMjB5fI9DcUv6b0X+Shp5JfthgUI5Lz7DR
S0ChghuUFKSwF0lpItGmdU32E/UDlTUWVvoLJfQ/GURH97Jiiamuyj17DgKs0J6b
Bv16wsA4/0CB+Ju/r+ro9nkm3YNV/8mssaf1FkLsYYo5lw9kRK518F3qXervILMH
Hr9lnfqVFa/pFFs3QC413TcyJci7ASK5NejtB5+QJVcMGhInp37lB4W9qhqHEqXW
6lJ34IHsGtp2iv/7sprpv6NZ9e93/31sL2aNyfZsbVj6vc2QCU1Pq7Bf7h4l7iD2
sliLAsgwRog=
=5rAK
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Wookey 
On 2020-03-24 19:08 +, Janos LENART wrote:
> Hi Dimitry, FTP masters and others,
> 4. TESTING. The Kubernetes releases are meticulously tested, with far greater
> technical resources that Debian can collectively muster.

On how many architectures? Debian's support of multiple architectures
often differentiates it from upstream, which sometimes knows little or
nothing of !x86. I don't know if kubernetes is doing a good job of
testing on other arches, but it's important to consider those when
thinking about the tradeoffs here.

I do know this is important software on arm64 too, and agree with Russ
that it's nice to have things packaged even where they are largely
what you would get from upstream, just because one only has to learn
one package manager, and can assume that policy has been followed at
least in terms of layout.

I am not at all happy with the tendency of some developer
groups/projects to bundle like crazy, but it's also true that there
are constraints on the degree to which we can and should (try to) fix
that for them. You make some good points in defense of your approach,
and thank you for responding cogently at length, but I'm not (yet)
convinced by the argument that we shouldn't try at all in this case.

Wookey
-- 
Principal hats:  Linaro, Debian, Wookware, ARM
http://wookware.org/


signature.asc
Description: PGP signature

Accepted python-stem 1.7.1-1.2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 16:47:02 -0400
Source: python-stem
Architecture: source
Version: 1.7.1-1.2
Distribution: unstable
Urgency: medium
Maintainer: Ulises Vitulli 
Changed-By: Scott Kitterman 
Closes: 953863
Changes:
 python-stem (1.7.1-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add fix from upstream to fix dictionary key error (Closes: #953863
Checksums-Sha1:
 1b3485e961a0443204caff342c555405918a20b0 1972 python-stem_1.7.1-1.2.dsc
 71a0625fa207068bdc24275b7efd4e80a19d027d 8736 
python-stem_1.7.1-1.2.debian.tar.xz
 8a099941e64785023f514410b373f8ba873178c3 5973 
python-stem_1.7.1-1.2_source.buildinfo
Checksums-Sha256:
 3254a4629f25bbdc3dda5ab568c0566edda416ff3fe8c32cd62da7ec71c314c0 1972 
python-stem_1.7.1-1.2.dsc
 e5dc1273bf600d63049b0cfd87e8bcc68e3da02582832037fcc8cadd34ef90d7 8736 
python-stem_1.7.1-1.2.debian.tar.xz
 5dd8322ed53adb72e6e5d36b1c034040ed3736d9c14ccba096dbc8b0cfb8678a 5973 
python-stem_1.7.1-1.2_source.buildinfo
Files:
 0eb7c3c26997b8a0f732a7605102bc23 1972 python optional python-stem_1.7.1-1.2.dsc
 8e73a35d73c872c01b9ae8210327ce2c 8736 python optional 
python-stem_1.7.1-1.2.debian.tar.xz
 199875cfc2cd74544bd48cd967c28843 5973 python optional 
python-stem_1.7.1-1.2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE53Kb/76FQA/u7iOxeNfe+5rVmvEFAl56vZ4ACgkQeNfe+5rV
mvHedA/8DGxL/HhZsUi8QVF6otrWCFp52s3sPeaPyzxRQgIatWqSwODULOyfonRU
eQL3EbSezP/wrWLUm9ePFVN5c7Txb0pAVU3QAqsI6jBvUAdHPF2Dntq4sRL6FzkQ
W5qGjwz50Ig9foLHwbeF+qWT5jFctxVm3r7oMqT2JrQ65z80pHiO0VnS+ll+6DTu
rKK8aRuc/gLh+THVeBNDZsJ3DfiiZfijjNTSh0bqoX4ewATKz1x3v4XFZUJ898Wb
Y7MV50b5794/tSiGLGfwIN/6AlEOj+8+ycBMpC91B07Agy2mRYgqoYy2glpgez2X
VV3aN7kD1jiJaZfaEGhL9Y4Bbn+XXje0DMu9shAt4NW9NcXjTxqB+BsaOdN9gvnj
N4tPAnqYsijE955/oY3sUTsDcfVtZoC3zCSYTELvewqINsuXGady2CiHOwOg2UAL
WkBFLMn98rs53q6uS7/uw5UwQR/ipMw7//xv7GVhhtKyLPPtknZ3PzLWptM4yS02
Ufkcm4OnBRoAS/8JnYL1AP7UWGmBcZay0bIOROtv4w6ELcESCRx2BxttoIGAhdHR
IXwd67HFIUqDlzAZsUVlh/V4U2UHujROdVTVReqzxzrnbvPXweke+As8bbp6ntXb
AGzanD/AS03ytA62NepFcOnjUh3ZG2mZSjFvcWiKW76ttnPTTHI=
=FxXw
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Dmitry Smirnov 
On Wednesday, 25 March 2020 6:08:23 AM AEDT Janos LENART wrote:
> I know Dimitry was fighting an uphill battle with kubernetes between 2016
> and 2018 and he experienced first hand the problems posed by vendored code.

No. This is a incorrect. Largest chunk of work that I did on Kubernetes was 
in 2015..2016 when I was packaging and introducing many new libraries and 
stabilizing their relationships. A lot of this work has been done with 
various upstreams and a lot of it was in Kubernetes' dependency packages such 
as docker.io. Licensing/copyright documentation and addressing numerous DFSG 
problems took a lot of time and effort to meet requirements for new packages. 
This effort took more than a year or work. Between 2016...2018 I barely 
touched Kubernetes as it was already orphaned.

Challenge is not with "vendored code" as such, or at least not the way you 
think.


> We see more and more software making excessive use of vendored code. Pretty
> much everything that is written in Go. Some of these are crucially
> important, like Docker or Kubernetes. So I understand the concern everyone
> has about how this fits with the Debian Policy.

No you don't understand.

Vendored code is nuisance but not a problem if/when you can throw it away in 
favor of packaged, tested, reusable libraries.

You've made no effort to reuse any existing packaged libraries. Most of them 
could be used without much effort. And there are many advantages of doing so 
beyond obvious benefits for security and de-duplication.

There is integrity of build to care about, and automated QA/CI checks for 
libraries to appreciate. Most of the libraries are tested on more 
architectures that upstreams ever test. We know when there is a problem and 
can do something about it. Concept of good quality reusable components is too 
powerful to throw it away just because you think it is inconvenient.

Vendored Golang libraries run no tests on build. IMHO Kubernetes bundle (with 
vendor directory) is unmaintainable and you can find how much upstream 
struggles with it to extent when they would not upgrade a component to fix a 
problem due to fears that everything might fall apart.

Using properly packages libraries is an advantage to maintainer and a benefit 
to a whole ecosystem.


> Debian Policy, paragraph 4.13 states:

Before we discuss the policy let me focus on your attitude first.

Kubernetes -- one of the most sophisticated packages -- was you _second_ ever 
upload to Debian. You are woefully inexperienced maintainer, knowing little 
if anything about team work, packaging practices, their meanings and 
implications. IMHO your interpretation of policy is mostly irrelevant as you 
are merely trying to use the policy to justify what you did.

There are several problems with how you did it too. You did not use anyone's 
advise, ignored Salsa repository, threw away _everything_ and made no effort 
to understand how and why things were implemented, let alone appreciated 
prior work or tried to improve it. What you did is technological hijack of 
the package, a gross violation of practices.

Imagine I'll upload a package to NEW, get in reviewed and accepted for what 
it is then re-upload as something entirely different bundled with 500+ 
dependencies that were not reviewed then claim that policy allows it?


> =
> I think this is the part that has the most bearing on the vendored code
> problem, especially the footnote. I agree with this principle. But we
> should apply it to the state of affairs in 2020, and to this specific
> situation.

Nonsense. In 2020 using packaged libraries is much easier than before.
You simply have no excuse not to do so. Again, you are not understanding what 
is the problem.


> Keeping all that in mind, here are the reasons why I think it is acceptable
> for now to package Kubernetes with the vendored code, and even the best
> solution that is available currently:

I keep telling you that it is not a best solution but the sloppiest and the 
most inferior one.


> 1. OTHER EXAMPLES.
> [...]
> - docker.io (58, including some that are vendored more than once within the
> same source package, but not including the fact that docker.io itself is
> made up of 7 tarballs)

Docker.io is a special, exceptionally difficult case which should be an 
example to you that even with Docker it is possible to leverage packaged 
libraries. Docker upstream is one of the worst with their abuse of versioning 
practices. On top of that Docker code base is shipped in several name spaces 
that make it impossible to package some components separately due to mutual 
circular dependencies. In Docker we use strategically bundled components only 
when necessary.


> - kubernetes (20 for the previous version, 200 now)
> - prometheus (4)
> - golang (4)
> None of these were REJECTed, and please don't sabotage these packages now

Perhaps Nomad or recently accepted Vault would serve as a better example. 
Vault is one of packages with

Accepted pypy3 7.3.0+dfsg-4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 19:16:53 -0700
Source: pypy3
Architecture: source
Version: 7.3.0+dfsg-4
Distribution: unstable
Urgency: medium
Maintainer: Stefano Rivera 
Changed-By: Stefano Rivera 
Changes:
 pypy3 (7.3.0+dfsg-4) unstable; urgency=medium
 .
   * Patch: Build Sphinx docs with Python 3. This requires disabling autodoc
 and other custom extensions.
   * Byte compile exception patterns (bcep) changes following python3-defaults
 (3.8.2-2):
 - new "file" type to list just one file
   example: file|-4.0|/usr/share/foo/test.py
 - ignore lines that start with hash char. (to allow comments)
 - tighten checking directory name (partial match was possible before)
 - in "re" type's pattern - check relative paths in addition to full path
   (i.e. no need to include directory path in the pattern)
   example: re|-4.0|/usr/lib/bar|baz/test.*\.py
 - only warn about invalid patterns (instead of failing)
   * Execute python2 (instead of python) during the build.
   * We don't need python-docutils, any more.
Checksums-Sha1:
 b99e73b596d48010a88025325aa593885666e9af 1975 pypy3_7.3.0+dfsg-4.dsc
 d559a4dfa0a7342dd2033eafe9ea1195b6ea4a76 42828 pypy3_7.3.0+dfsg-4.debian.tar.xz
 536a60a6b4e72df3787d9bf345ea4d4675fa5bb6 8920 
pypy3_7.3.0+dfsg-4_source.buildinfo
Checksums-Sha256:
 bf1a8d1217b9f32aa6f4fc1b5884f87f45bc7b6a3672ab4e9d565deb52703f45 1975 
pypy3_7.3.0+dfsg-4.dsc
 618fb857586bf846478375fe5f8e3af3fb9c0a0c92ac70927346580b41496eed 42828 
pypy3_7.3.0+dfsg-4.debian.tar.xz
 57e241cff6a59f42d1375d276c1121ee9df713e51a13f26fce3e7107b7041e1a 8920 
pypy3_7.3.0+dfsg-4_source.buildinfo
Files:
 6d0c394053ce8d6d9ce3be152a59d677 1975 python optional pypy3_7.3.0+dfsg-4.dsc
 9f80a6f65d49dac7913138d834c7efb5 42828 python optional 
pypy3_7.3.0+dfsg-4.debian.tar.xz
 9a10e72698598bd45579a0dc2fce98d9 8920 python optional 
pypy3_7.3.0+dfsg-4_source.buildinfo

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCXnq/OAAKCRBHew2wJjpU
2AptAP95sZYMYcry4L0FmcuEiU2VR0hT4iYo2AfEjRh6q2vMtAEAjjAuhCNTGRDe
eh/ReWEzlIzlRK89r/hR0UcZKD6mYA8=
=Kywe
-END PGP SIGNATURE-

Accepted pypy 7.3.0+dfsg-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 19:16:40 -0700
Source: pypy
Architecture: source
Version: 7.3.0+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Stefano Rivera 
Changed-By: Stefano Rivera 
Changes:
 pypy (7.3.0+dfsg-3) unstable; urgency=medium
 .
   * Patch: Force s390x port to target z10 by default.
   * Patch: Build Sphinx docs with Python 3. This requires disabling autodoc
 and other custom extensions.
   * Execute python2 (instead of python) during the build.
   * We don't need python-docutils, any more.
Checksums-Sha1:
 2ad1a292ec51f47ba6d126e0f3ad27554cbeb800 1937 pypy_7.3.0+dfsg-3.dsc
 aba7b2279dc7010f063da59579b3e1cbc7cb34e8 73376 pypy_7.3.0+dfsg-3.debian.tar.xz
 a7127d1a96ea9c3807cf768adb3c83fef239b625 8838 
pypy_7.3.0+dfsg-3_source.buildinfo
Checksums-Sha256:
 82a2fbd7ce7eae043e0cd9bd2e83640ba2d8f6f752fae504bdc56ebaebcdf911 1937 
pypy_7.3.0+dfsg-3.dsc
 d951fe22c83daa2633a51a947f232ec16f3707327d37f048debac13d067616ed 73376 
pypy_7.3.0+dfsg-3.debian.tar.xz
 cc3202ba2e1f0a2069b3e74040f603e19ee0a741f2985cd282df08d36a3d43a7 8838 
pypy_7.3.0+dfsg-3_source.buildinfo
Files:
 5504582f03c466c31843692c2c0623d0 1937 python optional pypy_7.3.0+dfsg-3.dsc
 037dcfcb27b09f495e06d5da38d85de9 73376 python optional 
pypy_7.3.0+dfsg-3.debian.tar.xz
 ee4673ea3538b43ea95ad41608be2962 8838 python optional 
pypy_7.3.0+dfsg-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCXnq/OAAKCRBHew2wJjpU
2GxtAQDLJmda+Y/KbKgp4rzEsCB1CZZxadXy6VXi47xtFIc90QEAsCGXMlpjeIDq
8MY2F6SghIJ85QCQ4McXXaspqA2Mlgo=
=ZvZM
-END PGP SIGNATURE-

Accepted googleplay-api 0.4.4+git20200310-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 25 Mar 2020 02:06:44 +
Source: googleplay-api
Architecture: source
Version: 0.4.4+git20200310-1
Distribution: unstable
Urgency: low
Maintainer: Andres Salomon 
Changed-By: Andres Salomon 
Changes:
 googleplay-api (0.4.4+git20200310-1) unstable; urgency=low
 .
   * Git snapshot release to include support for split apks.
Checksums-Sha1:
 367d876a4994edbab2d66440fcfd74b36685bfb4 2031 
googleplay-api_0.4.4+git20200310-1.dsc
 7b15569e598e5d33abd5720dfe1fcb8236fd08db 3129494 
googleplay-api_0.4.4+git20200310.orig.tar.gz
 6b07bfd1f2a803a73cd0bdfeefec461493337e22 2592 
googleplay-api_0.4.4+git20200310-1.debian.tar.xz
 4a4392d477b62d21d0ad5eea093191f009c8cbd3 6271 
googleplay-api_0.4.4+git20200310-1_source.buildinfo
Checksums-Sha256:
 cd979783ccd88065cabce57a7ae2210e8709c9a9f61090f6150e41e9a6da5eea 2031 
googleplay-api_0.4.4+git20200310-1.dsc
 814c3ad73cc5aece126d6da440dad887d96897335d4a4b4e9fd4063f91b0a606 3129494 
googleplay-api_0.4.4+git20200310.orig.tar.gz
 7359f7812263495f191fd9d79e3a340d48e953b3996e0a5a797cc3e7e785a621 2592 
googleplay-api_0.4.4+git20200310-1.debian.tar.xz
 b0751128a9de8e15728f9a85feb1086d3e3f889a72d209c77c77dcc12c17a938 6271 
googleplay-api_0.4.4+git20200310-1_source.buildinfo
Files:
 b7adbef4676d1773de46db056ec63139 2031 python optional 
googleplay-api_0.4.4+git20200310-1.dsc
 d6c61dd5059f9207e208a3cfca2e986e 3129494 python optional 
googleplay-api_0.4.4+git20200310.orig.tar.gz
 dcccb3e4e7ef58dad187c7ce973d06d4 2592 python optional 
googleplay-api_0.4.4+git20200310-1.debian.tar.xz
 902890492129e57ba1093f9aa3de 6271 python optional 
googleplay-api_0.4.4+git20200310-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAl56wDgUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfPIQ/+NmHvGrrBHhGkRFjycz23K6R6Z4kl
k1FuzILzcbTKVQFjSbS3LphkQJf4NLF6LYH3+yjiT0/5sefHa0ElTArqANavPnNF
IX/2eNlG2wOHScOwCTKchLfe4C2INh0nmZVDz0GJc0UkUnVdIKgl7jNM8vraNQpa
53b7N/8ZwcrXIDSnNxG3oRXOyj6Vu14drqDRy8YATWMEu//rWxxftJgObkOEB4Hd
zorY3bQkNj+kdcuC/bzLChIyppFiatuonQPIpUDeCUE5BTSuxkY65sXNYntWqH0B
98VXcAb0lauVMWfN7WmGkmVTbLjtSTZJZgoMdRovDWP9K6FPj2fmTidNHcu8/YJB
r2i/A6cVaovZuhE3ves8GifRvU82xvBaSMqP4oVT9+NwyIJxT9N3qJ8uS1RmUVVp
CaSeeIWjk2iiix5yVUx2d8RtI7Ky885D46SG1aCdCpsmLe+XwjN2eYrEa8txKcQe
fdkeKJaSDf66GMhFgJs3scKCSJvCShOK/LcuzRkWAuyKJ19YbcnRQvNU057JUMnZ
zLjbmFWOr2xqvW3SejcdxfKPyPxpW8GLOpVlUSxEaxkcdGn/2o0EpWt1UjK4863e
sGtyz7D92Fd4JTcGeSmYratdP1lY6eJlYKpYUpgmMEEEtqLTM1Rm6cvRqZRmgeOd
DaAFwcLU86vvH+Q=
=fw9E
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Russ Allbery 
Michael Lustfield  writes:

> One last thing to consider... NEW reviews are already an intense
> process. If this package hit NEW /and/ we allowed vendored libs, you
> could safely expect me to never complete that particular review. I doubt
> I'm the only one; that's essentially ~200 package reviews wrapped into
> 1.

I'll repeat a point that I made earlier but put a bit of a sharper point
on it: We should thoughtfully question whether the current approach to
license review that we as a project ask ftpmasters to do is a correct
investment of project resources.

The current approach to NEW license review is not a law of nature.  It's a
choice.  Other choices are possible, such as trusting license declarations
by upstream and then handling upstream mistakes that are later discovered
as RC bugs.  The project is much better at sharing the load of handling RC
bugs than it is at sharing the load of NEW license reviews.

Most of the ecosystems that make extensive use of vendored packages also
make extensive use of license metadata.  Sometimes that license metadata
is wrong, and we will have to have a process for dealing with those
errors.  But the purpose of Debian is not to be a license checking service
for the entire free software world.  It's to build a distribution adhering
to a set of principles but with the understanding that we will sometimes
make errors and fix them later as bugs, not be perfect and error-free at
any of our principles, including our licensing principles.  For everything
other than licenses, we accept the risk that we will incorporate upstream
errors in our distribution until someone points them out via a bug report.

We do not *have* to do a detailed file-by-file review of the correctness
of upstream's license metadata when packaging.  This is a choice.  By
choosing to do this, we absolutely catch bugs... just like we would catch
bugs if we did a detailed file-by-file review of any other property of
upstream code.  For many other types of bugs (including ones that arguably
have a more severe impact on our users than licensing bugs, such as
security bugs), we often make trade-off decisions in favor of accepting a
risk of upstream mistakes and having to fix them later.

-- 
Russ Allbery (r...@debian.org)

Accepted python-nest-asyncio 1.2.3-1 (source amd64) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 Jan 2020 13:59:39 +0100
Source: python-nest-asyncio
Binary: python3-nest-asyncio
Architecture: source amd64
Version: 1.2.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Diego M. Rodriguez 
Description:
 python3-nest-asyncio - Patch asyncio to allow nested event loops
Closes: 942132
Changes:
 python-nest-asyncio (1.2.3-1) unstable; urgency=medium
 .
   * Initial release (Closes: #942132)
Checksums-Sha1:
 31eac9484908c0677c289dbddcfa016eb0b8adce 2152 python-nest-asyncio_1.2.3-1.dsc
 3b06e27e08d1faacd14175d9b4f4b50ba3e93e53 5798 
python-nest-asyncio_1.2.3.orig.tar.gz
 07b07c97e56dcea5efd5cf855d1aaa292e62fc1c 1916 
python-nest-asyncio_1.2.3-1.debian.tar.xz
 13064ba0de0e872a49502e76811ee42f2d9216e0 6725 
python-nest-asyncio_1.2.3-1_amd64.buildinfo
 ad371ac73824d18f0c4743284a464c73f4cbde08 5208 
python3-nest-asyncio_1.2.3-1_amd64.deb
Checksums-Sha256:
 81d6920650538ce121e204b1da24a6c692939f3dc0081803cb1b0ed1af6d7d06 2152 
python-nest-asyncio_1.2.3-1.dsc
 43078bf213344616a1782eb6baa36ccf88029b829cf7e6eeaececc2cc6cbf63b 5798 
python-nest-asyncio_1.2.3.orig.tar.gz
 2f6c27869ef821296727a250b0342579fac79a16d3e9c9d0f13551cc0ba81b26 1916 
python-nest-asyncio_1.2.3-1.debian.tar.xz
 ac962b77896110e6b50f974cc0adcc3490a03a840ec9490b375dd521f2ab033a 6725 
python-nest-asyncio_1.2.3-1_amd64.buildinfo
 ff9590c1a6985ed171cc9203c8b8810257b7abc0c5f1b4010450d70467aeb399 5208 
python3-nest-asyncio_1.2.3-1_amd64.deb
Files:
 9eef54ddc5a26ccaf3ab84668e0f8005 2152 python optional 
python-nest-asyncio_1.2.3-1.dsc
 dd22a2e7d1cb357681bdd22c95c4a6be 5798 python optional 
python-nest-asyncio_1.2.3.orig.tar.gz
 fc25d171c73da538d20be26344738b8f 1916 python optional 
python-nest-asyncio_1.2.3-1.debian.tar.xz
 8dc10ed532a9cbf6df3bf67e4eacd2d0 6725 python optional 
python-nest-asyncio_1.2.3-1_amd64.buildinfo
 491f6623fdf27f827631c491c38581a4 5208 python optional 
python3-nest-asyncio_1.2.3-1_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl5DMWkACgkQgj6WdgbD
S5a+1RAA4Vh7X56Sj+yACUaFDo1RgKAAIqlaPK8125BBWTtKWkblPLpMwDaI/L6M
OZMNvqvt/M+OWY8dA5yUyWfd9rjnse2tBtyB2n3kV/7BsYhKIPBHIcj3B3eZ1tzQ
vqQfswHySNVHVS3YUDLwXUFxtzBia5dkereUE40lMoMs4M/Zw+kD7522x8jfkoSh
Z5uhn5cHRA+HOsEY0zbpGpFne2iPqIIU4+ptXJ+ul0/1Va7kRiCluUMCPwXTBdD4
YRzT4PHCaiNH+/uMEOOk6P/8bTHE2+dlyNCfPb7m8ilte0krhcrlvQkx9PhhNXCM
JmO/dcH3edfp9xBJTMzoqPP9HnqsEHLH9C3K13csOMQ35mxNoZ3xe8kunhzGfqg+
zBs5kYPKzH1WwGbvUJu93U35qIRr9AzgS1a/YD9r/BHpivzfT6VM+LEby2B2Epq6
XzqMiY+w6rIbc0ObDGCPcDPGvnCGkm3Nt0jwxxFXQeO8jW+Ds77P4nPS9CXrAWwt
mad4UV7q+UquciXdh0t3gJn6iALq1ThYmoW1qZPIYzlJgNoetXIEeK5kApiPXLbv
vn65zNa+KR5kSEerXQNWaybOvfcWTrF3y6Pe6EGirKJbhVRNMGW6IaeAnnCWi2by
q2L8Ew03WtyXIAEZbBrwuJ6D9MuQn1UDYeaLfv3CWLjpQhv2N3Q=
=XYaC
-END PGP SIGNATURE-

Accepted arcp 0.2.1-1 (source all) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 12 Feb 2020 14:52:23 +0100
Source: arcp
Binary: python3-arcp
Architecture: source all
Version: 0.2.1-1
Distribution: unstable
Urgency: low
Maintainer: Debian Med Packaging Team 

Changed-By: Michael R. Crusoe 
Description:
 python3-arcp - (Archive and Package) URI parser and generator
Closes: 915829
Changes:
 arcp (0.2.1-1) unstable; urgency=low
 .
   * Initial release. (Closes: #915829)
Checksums-Sha1:
 58bc44c98f6f5ff8a9241c3c857e4c38189f3f59 1984 arcp_0.2.1-1.dsc
 c049d28e3c387752da76aaba985b5416e58c9b4e 22063 arcp_0.2.1.orig.tar.gz
 071f7b6740c889d41f5726140cd339926631d0a9 2344 arcp_0.2.1-1.debian.tar.xz
 bb6ea563c6d05ed7c1422e95005b8e811c1c71e2 6217 arcp_0.2.1-1_amd64.buildinfo
 94c01bc47384317c5e5e6d78e66170dae34b35bd 13320 python3-arcp_0.2.1-1_all.deb
Checksums-Sha256:
 0d7e514f2e136eac59fd1960c93081b19e946a3ae54a356a1cd8a170ab4b4aee 1984 
arcp_0.2.1-1.dsc
 5c17ac7972c9ef82979cc2caf2b3a87c1aefd3fefe9adb8a5dd728ada57715dd 22063 
arcp_0.2.1.orig.tar.gz
 680e4d4afb2548ccdf8ed98c0624ef52481d099449b1aaf051d1cabf60c88019 2344 
arcp_0.2.1-1.debian.tar.xz
 34c3554a5f282387e8d5f53a9856569e9135d17fc69e2b677c043b70b4c6f4e3 6217 
arcp_0.2.1-1_amd64.buildinfo
 d46dc195e0af4ab6f8c92a92bfab00e8712d2bb33e4b83daa4e7b358e64ee8b2 13320 
python3-arcp_0.2.1-1_all.deb
Files:
 18fd5ce8f9a5f4e2c15d414ede052006 1984 python optional arcp_0.2.1-1.dsc
 b1c9aa17474e16d809188aeb245cf83c 22063 python optional arcp_0.2.1.orig.tar.gz
 e355cbcc1b09c1656d9f07bd77b63f0a 2344 python optional 
arcp_0.2.1-1.debian.tar.xz
 fc3a68c1072beb738dc3c3f94a363c6b 6217 python optional 
arcp_0.2.1-1_amd64.buildinfo
 c99434bb95f2a7ac390162cddb5bd2ff 13320 python optional 
python3-arcp_0.2.1-1_all.deb

-BEGIN PGP SIGNATURE-

iQJCBAEBCAAsFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAl5EA+oOHHRpbGxlYUBy
a2kuZGUACgkQV4oElNHGRtHr4w/7BZd9mRgw73CKL2wdIg8f7qns2GyIib/41P5v
yfwBhYdZ8P12zkAjK35jKtuMncFE+UKSCjBZnOCCT6oU0TYOIHaQ80f7nPb/m25E
s73ikiNuNXCCHg3DpgRowB8LrJdHf/gCbQcRvpBCgTvCmxnDeXyzlSf7Hxm3biy1
/TddInTElXGiNBRVWZgsULiaqRTzh2BJPwdMPTmJjHVWpIrZjTTKHD68NdGZSNu+
vPmkGS3jI4oGbMkKYgF4yFYMLE3zsuAjv485eJ1+OqB17prNNxTY+NU3XWvd8nJt
RLFY6uz1yW621v9Oxml+pYWtE+sE2Mkk+nz3mzR/sAD4m4dU0z44AemVAbLsLvAU
0ibm3xWmdW5J794AQfm47EG/rg9En09g35IJzk6+xOa9SfMVV13Xg7g7silzlh2z
ui94ZWEg00erpww4gHBO8Gej+lm8Vu47MbNW8H+jo/5aJLGK++oaBl9LdahcQLWk
cGB+IKaLcAqwW2/IPssIHA/WwIxlCkwkLknLMr0pA15KShb3Ze7wehcJ4zrQYiT+
riToRgxF9LzeQE5WI38SoOPp7kEjICg7KmeaU2RzOR/BWtBJSqeYPEYSO0upF4Zd
kS5p8OdCFji97BQqGjl5iyfqBh4WwYT54G3oloBkhOqXRLRfwoCC2k4bw/wimUvn
KrspHAQ=
=fQle
-END PGP SIGNATURE-

Accepted python-pyscrypt 1.6.2-1 (source all) into experimental, experimental

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 13 Feb 2020 01:49:24 +0100
Source: python-pyscrypt
Binary: python3-pyscrypt
Architecture: source all
Version: 1.6.2-1
Distribution: experimental
Urgency: low
Maintainer: Jonas Smedegaard 
Changed-By: Jonas Smedegaard 
Description:
 python3-pyscrypt - pure-python scrypt password-based key derivation function
Closes: 951235
Changes:
 python-pyscrypt (1.6.2-1) experimental; urgency=low
 .
   * initial packaging release
 closes: bug#951235
Checksums-Sha1:
 92e99a758e404313256c50c0173548273c169ab7 1943 python-pyscrypt_1.6.2-1.dsc
 3e1ef40968d31345067dc511f64528f20c80b218 35915 
python-pyscrypt_1.6.2.orig.tar.gz
 5b367ba26ab11999303271316fd276f86f3a59d5 2864 
python-pyscrypt_1.6.2-1.debian.tar.xz
 8caf30d867f0f7f8147a98cdd80bf487fe53cb01 5989 
python-pyscrypt_1.6.2-1_amd64.buildinfo
 ec733b9f04d469125bdce674d6f82875f8f2d0c6 13692 python3-pyscrypt_1.6.2-1_all.deb
Checksums-Sha256:
 e43f3f8a3258364372cb1edb47b2a987cbdbea3839767f3a8241f402e58a56dc 1943 
python-pyscrypt_1.6.2-1.dsc
 70c79f5879a7bad661e6b71956d6e25da54bb372b53f2d91d1d3a2262b7b4d63 35915 
python-pyscrypt_1.6.2.orig.tar.gz
 c48862310b865d7ad26687ecf6488995b983469cde9f23bab2111b88823ac84e 2864 
python-pyscrypt_1.6.2-1.debian.tar.xz
 2a416dfc0f3f442f92572528a941edaf037d41a276aefb0e4b2d30ce612011f8 5989 
python-pyscrypt_1.6.2-1_amd64.buildinfo
 bfc398df88d5a7ad3d7a7edbba409a608e6ef9d86cdf33a5e435141724029d5c 13692 
python3-pyscrypt_1.6.2-1_all.deb
Files:
 e6b4efcaba38c9923b00082207bd62a4 1943 python optional 
python-pyscrypt_1.6.2-1.dsc
 fc97f195bebe03150dd5d03be9d9ffd2 35915 python optional 
python-pyscrypt_1.6.2.orig.tar.gz
 ba052f092b27e5d96332ee5f947dbdc2 2864 python optional 
python-pyscrypt_1.6.2-1.debian.tar.xz
 c3b8b3ab69e5b0ae63528015173efd95 5989 python optional 
python-pyscrypt_1.6.2-1_amd64.buildinfo
 295cdcda4b1fa933e826257947349db0 13692 python optional 
python3-pyscrypt_1.6.2-1_all.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAl5EnnAACgkQLHwxRsGg
ASHCag//evB3UEc6nlH8tSzJAxq9iTRYVmnsCmHKPRHeI8WIPxFjByRk0X2PVoWG
MBeUs5U6n2dRNU7XyAVvlqCM+uabHouX+6O2mkAO89BrpWvCqB3nEfxsqNHS/EN/
vn7fQ+Fx/4Wx4vOYNoGOyPNt1U6O3zEGq57ulJH5da0//xi7IKHcurLcAldmwO2/
HlHa5uuh41WJJu7ADGrHrvUpO3d86HpwRnosgq0Fk6bIhwaTOnYjBBcBjZ8lSE2x
TH0cFw3qgpVkbKyBWW/QfoCe1O9QY+O7c20u/QcMmvWs9rmvBh68Q6QjLBqLXFV/
BMT62o+oEMmfJg9C+GkapZwAuYG0Fcro5zfEGTDEfWBlzTISAQSc61CY/QWLbGfh
Up8IcuwMhdVQsvXHjuJfg6fTs+HTLnPHaNLNLq4oRIkeH7pxSCwO89N2Cz15ovIS
thGRidkNbkm78QwWRVaFooeGwNvAxr0Mv/y2hwWOFm96q3mnkco2R8kjWzqcdsPr
MDus3MMtmjIpcuT5Mz8dzuhqdFb4HzPcvAgwtobPv05d+jP+4qlOlHkx3+mIjAB+
5OnYXmxYfClsopBW8J12y95yFV6fEzCOzCVY9qVntRXGRSvPnzXO/NzACJ17uftj
NUgc5tU9PhtDN1jXBJc7OFm2i+grvD8+SPz978GwOPd1Utv5KTI=
=kZzH
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Michael Lustfield 
On Wed, 25 Mar 2020 02:07:13 +0100
Marco d'Itri  wrote:
> On Mar 24, Russ Allbery  wrote:
> [...]
> The main reason for mostly forbidding vendored libraries has been that 
> the security team rightly argues that in the event of a security issue 
> it would be too much work to 1) hunt each package using a vendored 
> library and 2) patch and rebuild all of them.
> This does not really matter for Go and Rust software because 1) the list 
> of (vendored) dependencies can be extracted automatically at build time 
> and 2) all this software would have to be rebuilt anyway since these 
> languages do not support or do not use dynamic linking.
> 
> Also, shared libraries save memory when multiple programs using them are 
> run concurrently, but nowadays this kind of saving is rarely meaningful.

My point earlier was that it's not just a security problem. We have established
that Debian does, and will continue to, care about fulfilling license
obligations, including distributing license and copyright information with the
package.

Bluntly put, I have yet to see a project that doesn't treat 'vendor/' as a black
box of collected libraries. These directories are rarely reviewed and it is
trivial (default) to wind up including extra libs between builds. Even if it's
possible to restrict that list, I doubt it would be done.

I was (pleasantly) surprised to see d/copyright updated in this package.
However, this is not maintainable-
   https://sources.debian.org/src/kubernetes/1.17.4-1/debian/copyright/


> Because of these reasons maybe we should consider supporting vendored 
> libraries in some cases.

My opinion is still a very hard "No."

This sounds (to me) rather akin to- "since app devs tend to be lazy, should we
be the same?"


One last thing to consider... NEW reviews are already an intense process. If
this package hit NEW /and/ we allowed vendored libs, you could safely expect me
to never complete that particular review. I doubt I'm the only one; that's
essentially ~200 package reviews wrapped into 1.

-- 
Michael Lustfield

Accepted aspell-br 0.50-2-8 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 22:01:16 -0300
Source: aspell-br
Architecture: source
Version: 0.50-2-8
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Joao Eriberto Mota Filho 
Changes:
 aspell-br (0.50-2-8) unstable; urgency=medium
 .
   * QA upload.
   * debian/control:
   - Added 'Rules-Requires-Root: no' to source stanza.
   - Bumped Standards-Version to 4.5.0.
   * debian/copyright: updated packaging copyright years.
   * debian/salsa-ci.yml: added to provide CI tests for Salsa.
Checksums-Sha1:
 4467fbdfbf478a5afbc5f2cf7792d7f647e317b7 1893 aspell-br_0.50-2-8.dsc
 55112070b077a5c594fa85273001e2ccd907e6a1 3488 aspell-br_0.50-2-8.debian.tar.xz
 21ed2b76ec9908580056e7616771528fa5ef1161 5389 
aspell-br_0.50-2-8_source.buildinfo
Checksums-Sha256:
 63b43734d40830d6926d0da0a3816bb01aa2683161e6a63176c18681225f1b02 1893 
aspell-br_0.50-2-8.dsc
 7066916d7cccaca178d80d3f114940e4f5011081b838c1623130d2c95e8a755f 3488 
aspell-br_0.50-2-8.debian.tar.xz
 3264b7df588decce730cc225625d70dd5d83b0c6a9dd2eb8a843d4269f58c95e 5389 
aspell-br_0.50-2-8_source.buildinfo
Files:
 de7e498ab5f2769ef852d4571bce1ea8 1893 text optional aspell-br_0.50-2-8.dsc
 6a9748941f811c7cc8200a081748636d 3488 text optional 
aspell-br_0.50-2-8.debian.tar.xz
 6ca9e50f34afa299c4d221addf06572c 5389 text optional 
aspell-br_0.50-2-8_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAl56tL0ACgkQ3mO5xwTr
6e/nlw//TpTtOW/9de4mRjQaJgOUKUqEshxQHjKbbkiPgf2D1BFPKZqmC+9rjLGR
prNvtdiO0dr9VbRnyxWR1Zv0IeDnHdvT9/j9lcpGqJ5SZXhYNPC5ZWkDkvd2dad0
F2agMTCe2iJHxvXw/vpRkmkG3BQ5ItMaCrQ/x4R3cgu1d8joo5I7QWiq0IJNPDU1
oanQ8CjMOWHaOmW7sgnSe5/5tBC46DYJeMVywv9p+PCiwC8Xwap7LFRknvPUrd0u
DZZmJ9KWMhbjyC1rfLP7HSBVfyJ4Ml9UOhRP/U9ReIaWbSQZYoKtFPclG5h/UhGY
fQ/QxpXtkijxauAI5vuur53jjHohiORXy8C4EcQDxXcLuGSTfjyINJRiRiXqFnb6
mpXNABilcKp1+4lK9dYRjXGpPuIUixvlKe6AcQejPj1/qqXjKFDnEu4K3PwOMvbt
uBjgSAdOiQXB11kiB0YCfe8UThX8QGIkx0K1yiXR8XnE5qatVxtEXSnBuD9BQV57
YvJB7Im7G44heARuS1Z3scSN87+jiyctzMDkw5eMtXqtj7iuTokMNPA46HUQhStH
xjqlTQ2H5NzBqOGAnv+ijg9i3NqTOVXEA32CbR7UuHjZ/LiKfPGfDt5XeuXS7jAM
6WK8fcLU2R4JLcRf0i/sqGEdJGdttboxOsZ32tMImQ6yllXvRmc=
=ZzvI
-END PGP SIGNATURE-

Accepted im-config 0.44-1 (source all) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 25 Mar 2020 10:11:29 +0900
Source: im-config
Binary: im-config
Architecture: source all
Version: 0.44-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Input Method Team 
Changed-By: Osamu Aoki 
Description:
 im-config  - Input method configuration framework
Changes:
 im-config (0.44-1) unstable; urgency=medium
 .
   * Clean up imconfig_find_files_with_prefixpath_glob.
 .
   [ Boyuan Yang ]
   * Add initial configuration data for fcitx5 support.
 .
   [ Gunnar Hjalmarsson ]
   * im-launch.1: Fix a typo in the man page. (LP: #1851997)
   * xinputrc.common.in: Use LC_ALL=C for dpkg-query to ensure
 English output. (LP: #1847618)
Checksums-Sha1:
 8f1ec99fd442bebee25f1c84fd2809ac9f10a7f8 1864 im-config_0.44-1.dsc
 af2dafa6dd157ba53a75700200d64b17bbdac322 44640 im-config_0.44.orig.tar.xz
 25c050402283e24f68610bf16640f7f039210484 9516 im-config_0.44-1.debian.tar.xz
 8d1e1542cfa74dddfbff5fd02e38f6b5ca02ac9b 55536 im-config_0.44-1_all.deb
 1ea3a83fae095b36a1ee069803e16bb68b6e087f 5568 im-config_0.44-1_amd64.buildinfo
Checksums-Sha256:
 0aa7d1330de686e19fece1a2c5da0e7db5b40a2d1e237c147416c0cb600b 1864 
im-config_0.44-1.dsc
 35affd343433cc2777b89dfa5461a3e8a1d9bb707bae9d5b3dfc73e633797b78 44640 
im-config_0.44.orig.tar.xz
 b98567b939f431c4a557ed669e06021dd9a2942008796b7521e988d88aeb8db7 9516 
im-config_0.44-1.debian.tar.xz
 cebb5ee9b4004d4cca818431ccc230484e7d3bed333bbb3629b91e38bba1c642 55536 
im-config_0.44-1_all.deb
 7d22abac98de7f03e03c7336d54195acaaeadc7145b3d7fb476d848d6f214415 5568 
im-config_0.44-1_amd64.buildinfo
Files:
 f0b5087ae1f41f1ae8739d3a8a63120a 1864 x11 optional im-config_0.44-1.dsc
 6fadc4cca80060ff1bc432b706a3dcba 44640 x11 optional im-config_0.44.orig.tar.xz
 7a3a0a1341c5d503f661bfa8ac6b882a 9516 x11 optional 
im-config_0.44-1.debian.tar.xz
 1b8056f98907f170cb1dd2489381dc0f 55536 x11 optional im-config_0.44-1_all.deb
 33a67acb50d0aeab113495fc2adf50fb 5568 x11 optional 
im-config_0.44-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEMTNyTWIHiBV56V1iHhNWiB3Y15EFAl56sYMACgkQHhNWiB3Y
15ER9w/8D78Pn5XXc/9x6u/ZHSFK/SAOd/ClN8rMV98mtsZgI3FNn4gObRa6217C
NHRvyhgqovc3V7Pfq+ErK6qpiLuPHcuvAeukO3tKxd2Q/HjGuuFFDFXYTozt3qIv
7ieq0GSILqS1E2jmVgapkUlGDvAWY7cRF0P15G/FNFS7+XHjA5jG2nEP+GrtYXL5
Utrzt5NAsq9ShkvNHOW7XnXQuvGysftWIbw7Vsh/gG0bepStekOv3Mm5n0Yvf3dL
gt1X8XIsWL6UxRFaUBP6oCWqAPXWx7yOJcxNrqu3gIKOTw3d09tDs/Wtndo1QBhy
0yWGEDHBDD2T/pm99uEYtgygDJc6MXfoWTcFu+tm5bryyu9wwMqit41ZoMur2y7q
iwzQiesVzpNqil91B5/u8JaANruMUungJXamnJpiglfDfGWncXldbvnbuGd5yweI
iI5TcGiZwNtI7uwyZhqOiZMfUOpB7owPmt/fBmEZFNDmiwwManYM+JeXnQv6efiA
jJiET+MbFIZk/rTsnBKYHQC+pWAdADs1zppgjHi8gN7YUxYbUQzLlQZRIwScvxCV
Z9lei9g2mQ60UY3xSXDgLe+heHkYRSxYAJkwGGF1Rcp5LVTSedWMo6bwhfWSIxtr
/84XImJIxbo54tOfJPvjpI5OnZoch8o7M8EvsoQiHg8Q6sHgY8Y=
=gKPW
-END PGP SIGNATURE-

Accepted gpick 0.2.6~rc1-2 (source amd64) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 23 Mar 2020 20:12:37 -0500
Source: gpick
Binary: gpick gpick-dbgsym
Architecture: source amd64
Version: 0.2.6~rc1-2
Distribution: unstable
Urgency: medium
Maintainer: Elías Alejandro Año Mendoza 
Changed-By: Elías Alejandro Año Mendoza 
Description:
 gpick  - advanced GTK+ color picker
Changes:
 gpick (0.2.6~rc1-2) unstable; urgency=medium
 .
   * Update Standards-Version to 4.5.0
   * debian/control
 + Add Rules-Requires-Root: no
   * debian/tests
 + Add to perform a simple test
   * debian/upstream
 + Add DEP-12 metadata
   * debian/salsa-ci
 + Add configuration file
   * debian/patches
 + 05_scons_python3.patch
 + 06_fix_python_indentation.patch
Checksums-Sha1:
 ae1705b07236fbc598f343e70dc50b95c863ddd5 2132 gpick_0.2.6~rc1-2.dsc
 32ca84e5a5b4b505b4b50e253829740c72f95cbe 6360 gpick_0.2.6~rc1-2.debian.tar.xz
 e2ff581aeb908789b63434c95302d97112735c4f 3476276 
gpick-dbgsym_0.2.6~rc1-2_amd64.deb
 7572417e1e0f5ef5f09ba1b45384ab0466abe5a6 11646 
gpick_0.2.6~rc1-2_amd64.buildinfo
 f5b4675856e646bbbc4705a5481c04d46d8483c9 334596 gpick_0.2.6~rc1-2_amd64.deb
Checksums-Sha256:
 4e6356e1377c470aab2c7183aae874ec95611a863a6a594cc8e28b30850803f8 2132 
gpick_0.2.6~rc1-2.dsc
 0843564ec2aa0ec11ecdbfac0038a9dac8bc77d2d9d1aec3ea94d6c098a1982c 6360 
gpick_0.2.6~rc1-2.debian.tar.xz
 5816bf2ecbf03981e0207e6c5b601156af9ce5910a7108fdf7c09462f3e6fa38 3476276 
gpick-dbgsym_0.2.6~rc1-2_amd64.deb
 18270225292829a9213c69eddb28ca445e42958375c872507d16cdd1ff11e8f9 11646 
gpick_0.2.6~rc1-2_amd64.buildinfo
 0783f43f400d93703913337ecf1be07dc1d14b04ebe29041af31c2df0671508f 334596 
gpick_0.2.6~rc1-2_amd64.deb
Files:
 63240b033b47b838cb30b4ac23a57f9a 2132 graphics optional gpick_0.2.6~rc1-2.dsc
 7d863378b82e9fd3336d511820c7e5eb 6360 graphics optional 
gpick_0.2.6~rc1-2.debian.tar.xz
 ed9cef3749c33604203b9b1f7d8551b0 3476276 debug optional 
gpick-dbgsym_0.2.6~rc1-2_amd64.deb
 2346a9d940064ef3cabee61be90529ed 11646 graphics optional 
gpick_0.2.6~rc1-2_amd64.buildinfo
 c6c9224026131ceee5feb0c9d9b8d1ba 334596 graphics optional 
gpick_0.2.6~rc1-2_amd64.deb

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEEZM98WeVrOPBMpvhhyfHL9WNR9xkFAl56rNERHGVhbG1kekBn
bWFpbC5jb20ACgkQyfHL9WNR9xlEzRAAt0qdiZpiS70cl/QNFmvfzF0nXKvCfNS1
jx74IZ5eWLTOhKVC2A/zFWOtRPd+6UovKg9l9JHQj4izafThKnSFL8T6MQw3JayT
RuWVcf/xZRKRlMMFPyBLHH1lynAmNkkGVh8u3I9UPvb8N15IEaUn0R+OaXbXOWF4
YgWxOAwCP+HnM1e4vRHbr79mXBnbp5x4hwTtW9GEZ+lcuG8b5EzwLS4oEwM6KnS8
6Aj+fgvwEsv/OrPCHqrP2cQbxoBikO+SH+QkN/x/r5UYcBarO92C/jbKc3oVKlNn
oPSHkDZbwVefj7M2Wxwo9dVMHBUMBrFwW77GBrySoG21U056PGleZsCG6yCYoru4
eEIxuDNaqF26DHjcDpHHHKUHMlR6rNgli+jXYYyC1XPepfj8EIP/X7b7TL21/4Pv
oaeBx4cG3271/aNwEroEKExWnVw6rrMMvzI3xCMvM/BTUjrYKhiSxJsn6ib8E3Oy
0gBpchP3wDVuZOnTJHEQeGfE4LZ2KbPVhGzIaHMArtsnwSSaoApFpsQp4gsJ+Nk+
X9a9VnjHby2w0rcgPn+5+NUsbc7PH2VPvNzaaBSIir15GgD9g1ZAp4yeLA/kR6A5
5O0Ej330MhCGg267jLzMgC8mDjX2Tl/x8KHv6l2c63iOdplgA4waN7Vthkdnnk3T
BrBYad3pp8I=
=Ajy9
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Marco d'Itri 
On Mar 24, Russ Allbery  wrote:

> (The Rust team is trying the package everything approach with some success
> but is uncovering other limitations in our processes and tools.)  But
"Some" success indeed. My personal experience with trying to package 
routinator has been awful, and there is still no actualy package in the 
archive after many months because it depends on a version of a library 
which is different from the version that we have in the archive, and 
there is nothing wrong with this in the Rust world.

The main reason for mostly forbidding vendored libraries has been that 
the security team rightly argues that in the event of a security issue 
it would be too much work to 1) hunt each package using a vendored 
library and 2) patch and rebuild all of them.
This does not really matter for Go and Rust software because 1) the list 
of (vendored) dependencies can be extracted automatically at build time 
and 2) all this software would have to be rebuilt anyway since these 
languages do not support or do not use dynamic linking.

Also, shared libraries save memory when multiple programs using them are 
run concurrently, but nowadays this kind of saving is rarely meaningful.

Because of these reasons maybe we should consider supporting vendored 
libraries in some cases.

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Accepted colortest-python 3.0.1-1 (source all) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 08 Feb 2020 17:59:30 +0200
Source: colortest-python
Binary: colortest-python
Architecture: source all
Version: 3.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Pablo Mestre Drake 
Changed-By: Otto Kekäläinen 
Description:
 colortest-python - utility to test color capabilities of terminal
Changes:
 colortest-python (3.0.1-1) unstable; urgency=medium
 .
   [ Pablo Mestre Drake ]
   * New maintainer re-introducing package to Debian
   * New upstream version 3.0.1
   * Add salsa-ci.yml for automatic quality assurance
   * Add parameters to watch check for new upstream versions from Github
   * Add rudimentary autopkgtest for ci.debian.net
   * Update copyright to cover latest realese in 2020
   * Update parameters on control file
 - Update dependencies for python version 3
 - Add new maintainer Pablo Mestre
 - Migrate to debhelper-compat (= 12)
 - Migrate Standards-Version to 4.4.1
 - AddRules-Requires-Root definition
   * Add upstream metadata file
 .
   [ Otto Kekäläinen ]
   * Simplyfy d/control as the whole project is GPL-3+
   * Add metadata in d/control before upload
   * Clean up d/rules of excess lines with no function
   * Define a gbp.conf to enforce best practices for git-buildpackage
Checksums-Sha1:
 4e47f8bacaca0b42673079443b8a988c9abe9b69 2132 colortest-python_3.0.1-1.dsc
 c84ab48bf0081357f65903f88356a0af633aad52 152038 
colortest-python_3.0.1.orig.tar.gz
 183e9bf6015e91f6d5a97dddbf4f83335a7dea8b 5152 
colortest-python_3.0.1-1.debian.tar.xz
 2f2d46d88152f9ca8ae242d28da69599f35d69a2 11028 colortest-python_3.0.1-1_all.deb
 4e490405fffede6c1d781756a9ef01d50004e5c8 6040 
colortest-python_3.0.1-1_amd64.buildinfo
Checksums-Sha256:
 b3a5fa81dbaa45ce72fcfdbfd081a83525f5720fde2d70e6207d3eae7db3fcf4 2132 
colortest-python_3.0.1-1.dsc
 187d8cc5981cb28ec1bc8912360d9d710f51fce2ae3f2b8ecdc4ca3ecf177fdc 152038 
colortest-python_3.0.1.orig.tar.gz
 d4f3f66d583b44e1331ddb4aeb441bee2abb1c7d1e58c16266a7b8a84c93a7f8 5152 
colortest-python_3.0.1-1.debian.tar.xz
 41b9ccac05fbf6d7eaddcfaaf42500c9f1bea396af23100274eb3ef052a2e738 11028 
colortest-python_3.0.1-1_all.deb
 f7b27978bf9cb19448c22ab340287aab2e87ee3eaf6702ab3a3f67ec73bf4d23 6040 
colortest-python_3.0.1-1_amd64.buildinfo
Files:
 906bd2e5edf5dfb54a4bf7aff863b9d8 2132 utils optional 
colortest-python_3.0.1-1.dsc
 9647271ea62f7fb36f067a5a7c948e00 152038 utils optional 
colortest-python_3.0.1.orig.tar.gz
 f8cd77486eaabf592b6e3b74f0eaa6bb 5152 utils optional 
colortest-python_3.0.1-1.debian.tar.xz
 b1f2f385410c5a585e8a593f75483827 11028 utils optional 
colortest-python_3.0.1-1_all.deb
 2ad2b8d062861e45138783d602be9da7 6040 utils optional 
colortest-python_3.0.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEmbRSsR88dMO0U+RvvthEn87o2ogFAl4/DFkACgkQvthEn87o
2ogXUw//XfUtAQPaIQtDBsjPi8pUjayIt7ZUdaVn94WAkBwK+IVjRLEdw+5c7kw6
TGTiOpmiB4SUAnKIZk70PpBPUPLFODpJQck1AiC4SaLg13cKr1HlqSVnORCiJi4z
mhX+m0o7qdOmIIEFHjyr9jm+PwbFTN7fm23K0QyKp47ymUYMEkv6Zx2ieCpxtK8J
DkW6PGrbTA995eY6EQmHizb0EMASRdOJHeaUPQq5uyMaP5rdBiXIGCfOruyTT9p/
cabJIaxU3Qdd7zGugTTgusTAUYZsKJ8BBF8JZQUzhIpNkYJE6kPLdiVOD5Zay8wj
kyKhtFjTfM+EFPeoUczx7Yl86RBtCa2q3gJBPvEAWr6wYdezPTo8yS8J8PNK/Cbg
/vCj+aVygdSUMAKDHX13zo7VHku+R/aeDXkgTqSo/pJvbJZ31t++6e1xoHBF23GN
pGH9txoM+GOYPLhnf44zrYWCUROGYCslylp4jiavhUq2PY28mGxWbJjbLSNROR8S
pS3Miy/T5ywzXX4MCWMNMqPJgAQvsyQdq5s3ucbOlzZ8VvHJtG3GyoqXMBT8Slyi
VwEJJUA8DTHGtLEKJNEmTNKIa2pzZpnSxBoPwwCk7s+WBcbwyD+ezQGuD608/9KM
o/ac8dCizV0rF7d3u7DByg8UgwYjuYN9xRkJDBofbxfpxZnpvGI=
=NTe0
-END PGP SIGNATURE-

Accepted rust-generator 0.6.20-1 (source amd64) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 08 Feb 2020 19:01:53 +0100
Source: rust-generator
Binary: librust-generator-dev
Architecture: source amd64
Version: 0.6.20-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 

Changed-By: Fabian Grünbichler 
Description:
 librust-generator-dev - Stackfull Generator Library in Rust - Rust source code
Changes:
 rust-generator (0.6.20-1) unstable; urgency=medium
 .
   * Package generator 0.6.20 from crates.io using debcargo 2.4.2
Checksums-Sha1:
 8ea6095b2c41c670e3ef381ffe3573338e8c129a 2507 rust-generator_0.6.20-1.dsc
 6435aa5499d390cb79777b9534a785d42d3c0788 26788 
rust-generator_0.6.20.orig.tar.gz
 c66a9fc68cc358a13d6b9632af5c96a0f167c7d4 2804 
rust-generator_0.6.20-1.debian.tar.xz
 af9b2196cc844f9104d4020726367025241bd5aa 26108 
librust-generator-dev_0.6.20-1_amd64.deb
 3a5df2e1a5aa30e79fbb97458a918c3d7da93668 7469 
rust-generator_0.6.20-1_amd64.buildinfo
Checksums-Sha256:
 5cba198e80838a7399f95655f2ce0b2b255d3022b9cadc6e583c771160f91147 2507 
rust-generator_0.6.20-1.dsc
 caaa160efb38ce00acbe4450d41a103fb3d2acdb17ff09a7cf38f3ac26af0738 26788 
rust-generator_0.6.20.orig.tar.gz
 186af5f16cfd17007d59d6edc7b89bbf37295db6dac6d81aec5735862e0d48ff 2804 
rust-generator_0.6.20-1.debian.tar.xz
 45a80a856fd9cb09b55c4c3b15741eaf7fafc00f5ffdce2562df7017a86bdc1a 26108 
librust-generator-dev_0.6.20-1_amd64.deb
 ae1d16f13c52e2a70e78f41839732d88fe555f5d445423e4af21cad6cc06b586 7469 
rust-generator_0.6.20-1_amd64.buildinfo
Files:
 ce2159558f76e43f9aaa27d0fd506018 2507 rust optional rust-generator_0.6.20-1.dsc
 e889b3fd709d603878bc76313b0d399d 26788 rust optional 
rust-generator_0.6.20.orig.tar.gz
 c3dc601bf4f83fc80096ec5fb1f8a886 2804 rust optional 
rust-generator_0.6.20-1.debian.tar.xz
 ee8b88931d0edb39bb0fc8ef405691b5 26108 rust optional 
librust-generator-dev_0.6.20-1_amd64.deb
 2f27e5627e12e5879d1619d0b35aa504 7469 rust optional 
rust-generator_0.6.20-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtg21mU05vsTRqVzPfmUo2nUvG+EFAl4++RsACgkQfmUo2nUv
G+EHLg//SnfYIn8gv2gxB2EN8oMAOfD5qgR/Y/f5mOP1VOGwbbMy7mG3E1pDr1dH
NKKXen3t1yOmp5YdsZYaI5sS2yyPCiRRFHJKPoiUvgF27xrqtr7ncFS+ok35jEcD
xkKJJkazh7ESMfBp1cgK4/jIjmUKXRA+sw6lUwffDVZGkWmi/0M/j7pNFgk9UASQ
3wTVyMDESUCRhWkbykDjGjDoHhuCacaDBkn+FwcwUNINAm7wj2YGFdKvHc1/vfK0
Fs9a66efXcpCHIXdHuiv+GYAD5BD27hWePZM5oWeQTy/t2PxpoNZbzAL+hJAYamU
51DcPRsWGEHOQDPhfqciJs20J3LO16hzIJh/HQhvD7BAu5k0GeT+B51MiM+E/9YO
UFjqhbgxJaWtT0fYUa2eevH7T+zJ/Woj15C0pXOrkSkSwAwnxIlJVTg2RrWh76ap
3Nq6Z/qxNm7QvC2QaeZyrV8nSh/CSbesrco6/1MbS3X0DWKdCjYQLZbwgejS6Q4V
dWNlIKzTpuskSTnZBEObuCws7f+8d1FgnXhJqWNZ75k5IvmTv71x29mn0eG3Kil6
a5qRbAoU2CSYv2AepPAzyHEiZufe2mmDOTO6WrvxpPlBzRfK8spll7htOLo0gShh
u0ApTdnAdqlqwOIJ3WqHNJOKil15fNFvL8XBintZVCfrTS3DnVY=
=bcqk
-END PGP SIGNATURE-

Accepted rust-gettext 0.4.0-1 (source amd64) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 08 Feb 2020 18:59:17 +0100
Source: rust-gettext
Binary: librust-gettext-dev
Architecture: source amd64
Version: 0.4.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 

Changed-By: Alexander Kjäll 
Description:
 librust-gettext-dev - Gettext translation framework for Rust - Rust source code
Changes:
 rust-gettext (0.4.0-1) unstable; urgency=medium
 .
   * Package gettext 0.4.0 from crates.io using debcargo 2.4.2
Checksums-Sha1:
 fe7ae86ef896b82832737356d4bcff6815af269b 2229 rust-gettext_0.4.0-1.dsc
 747110d0463aa59dbfed32ef08a46ea50d2bea7b 12223 rust-gettext_0.4.0.orig.tar.gz
 772e4f99de5e8c801ff1a9807dd6bdc2dbbb6866 2488 
rust-gettext_0.4.0-1.debian.tar.xz
 b2b7133102cbedff7ca07730f4795cd1ebc9c7f4 13628 
librust-gettext-dev_0.4.0-1_amd64.deb
 e85825cd5874bee05885efe9a05f92c97cc46305 7646 
rust-gettext_0.4.0-1_amd64.buildinfo
Checksums-Sha256:
 b7a4694b1ade287cdc8bc854df6ad5fc8d84edb216200d4c8a4075cdf16c8b70 2229 
rust-gettext_0.4.0-1.dsc
 9ebb594e753d5997e4be036e5a8cf048ab9414352870fb45c779557bbc9ba971 12223 
rust-gettext_0.4.0.orig.tar.gz
 7a4647d3bd166e3cd07c6749e4bbde4476b0f0a28f225bcff3a6e1c4310a7794 2488 
rust-gettext_0.4.0-1.debian.tar.xz
 d575aca412c144a20948479756a50ddadb834ab5d4b6d6d15fa880347853ef42 13628 
librust-gettext-dev_0.4.0-1_amd64.deb
 6192228930ac91a74562b6e7356fb0841bcd2c8150d14f164d795ae985040d01 7646 
rust-gettext_0.4.0-1_amd64.buildinfo
Files:
 57e2d32f2f1f832f48c3cffdfcc6c6a9 2229 rust optional rust-gettext_0.4.0-1.dsc
 773fcff5e88bd8d7a27f367adeb9e07e 12223 rust optional 
rust-gettext_0.4.0.orig.tar.gz
 2f053851a1c1f49ff193ac5feafd2ad2 2488 rust optional 
rust-gettext_0.4.0-1.debian.tar.xz
 7156b90612f9d53f75b6711ab7ecafa7 13628 rust optional 
librust-gettext-dev_0.4.0-1_amd64.deb
 7b2661be1f7f522fef4e7f4a2be86e26 7646 rust optional 
rust-gettext_0.4.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtg21mU05vsTRqVzPfmUo2nUvG+EFAl4+96UACgkQfmUo2nUv
G+FEyQ//cEnbCMMBMBxduumuLoqIX0m2tqB3zOOhW/C1fscKFQSik0BJLK+tt4HB
OzwyLd4OkLwvKYe7oq7xB324nTmOkcpNW8vjbzVZ5hOWvBXcq/TLzLUY99xCFyWg
l9c9ApyU8XKff8LfszrNCNr5XZJ8VJ0pdVlEEunjcEbtSDkrBW6Y1ZHV2aNhBKSx
oiBxzI5LeAQ53MD9TdpOPAP5d6vwN2LPhz14EPbg1CFMkgee5K8oR7gWO18QlV4D
CN2sZdHQypznS8o4Iixy+d/VOD9ijwcFhgEeo0iTACB12tobNRUm/faveVGxXaiT
DT4dTVcubErqMgiYsFohATzpyDDgRUQcf3vQL6Bz+66agq3Q48U3NTDVIleu9Ea9
txzlba/S6mqyjYRUWQ5bcGTP2P2DSXGN0mKT8+MC+ukBqPrul5DoMKhXycmlB5tR
9nzesyRoPsdVPGKzVXdzFNLlBZz2gejQFIaKCWiwBJu5ukp6oGTjWHxfzpiuHVa+
tctWq5T5Khcp3v4wKZClBuQwWhn0kwvE5zaRgKv9vfgapMagdsCVFonEwwBCJ3EQ
npNJm5Y1BlNlGSncX7q0HQYlXRXWf/u9UbYRMKLamZcqVTf6WkqXDQLpxMTOhFwd
HW++X75oTLWy+FhWz2/v3uCoVCzKnkVoiYAArQPwETLCE2x3hUI=
=/dsE
-END PGP SIGNATURE-

Accepted rust-subprocess 0.2.4-1 (source amd64) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 08 Feb 2020 19:22:16 +0100
Source: rust-subprocess
Binary: librust-subprocess-dev
Architecture: source amd64
Version: 0.2.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 

Changed-By: Sylvestre Ledru 
Description:
 librust-subprocess-dev - execution of child processes and pipelines - Rust 
source code
Changes:
 rust-subprocess (0.2.4-1) unstable; urgency=medium
 .
   * Team upload.
   * Package subprocess 0.2.4 from crates.io using debcargo 2.4.0
 .
   [ Robin Krahl ]
   * Package subprocess 0.1.20 from crates.io using debcargo 2.4.2
Checksums-Sha1:
 c3bc81deb8df684e4fcfd6ff09e749b16cf4fd9b 2757 rust-subprocess_0.2.4-1.dsc
 de50a87d1209eeb07b0ec5e020936b32f6bc733d 44467 
rust-subprocess_0.2.4.orig.tar.gz
 00101df2c24db897cf2648e5301e2ac66ec9e4e9 2680 
rust-subprocess_0.2.4-1.debian.tar.xz
 d771f78b70e4d8e39d8457e971549435ac03b559 40192 
librust-subprocess-dev_0.2.4-1_amd64.deb
 4ce3f2d79700ed01df88c355653a821cadb94369 7250 
rust-subprocess_0.2.4-1_amd64.buildinfo
Checksums-Sha256:
 9bbca8707425d9ba2317fb7ed808f702c20fa15c50c189b46f1c767f7fd48541 2757 
rust-subprocess_0.2.4-1.dsc
 5109e3c3215ce5339ca9766a6db7f39144ccc7d9bad53b96d65cfb14ae6c2985 44467 
rust-subprocess_0.2.4.orig.tar.gz
 031e1c35d86a8ac6b04e4cc78241d8df53997460fa7c75a4c61d39de4d440278 2680 
rust-subprocess_0.2.4-1.debian.tar.xz
 c843187d2e2c1a6a6aa0fde83cf51ea7a0244dbcbe1841414ce9d153ed28dcbc 40192 
librust-subprocess-dev_0.2.4-1_amd64.deb
 4d5a75957269dbe42f05c06462e8d5b251c14175b38386ef64b2f87aab2eb20b 7250 
rust-subprocess_0.2.4-1_amd64.buildinfo
Files:
 fe781a985b58cb75c7086aa556c8857b 2757 rust optional rust-subprocess_0.2.4-1.dsc
 04e1aaab2bb20bdbfb0eadac24a9ecfc 44467 rust optional 
rust-subprocess_0.2.4.orig.tar.gz
 7c0fd2573b1f2a9627086c5e8708129b 2680 rust optional 
rust-subprocess_0.2.4-1.debian.tar.xz
 1b35f0bfce1e9ecdd20bcbd5a5f954f1 40192 rust optional 
librust-subprocess-dev_0.2.4-1_amd64.deb
 5559e5a7ed140dae2c5036836f4ede47 7250 rust optional 
rust-subprocess_0.2.4-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtg21mU05vsTRqVzPfmUo2nUvG+EFAl4+/NMACgkQfmUo2nUv
G+Fxmg//XndcBP4JxC02QN2o6eXogwObwc0QK6O6KEB3Uam1hz9HhY/Cc+XvPwvD
CLMONbAO9UPt213mZHHc+FRldSAvHMwzU7Si45XLg5nBR5hCvu+CjQb/Em9iHUqz
4iPWAYZsphZe9qu2aRWYHfIQVTQ7L9wJ5wD48E3V/FDVVN21aICkLZ3Yl5O6v4dg
SkrxQDI7Dz5rHOp09BqS/U1pa4jNEKUGDNoDNOmcUVUMao0v500fm4nCO/SywVMe
6/Pk7jABrvSdrAl7+p8nGJLozocJTbvQXYfZg1EYi4LWrJte4uBJw6PZlyMyY5N2
pOwncRPWvMVytS7OUaqh/6EoImG4fhRZCJYpUn4BvU426HznbqWSW5iXEnCqNNWj
dy5LmVgH3jt6GJ/5kDQcIA0HgAreaulp4+dCjX7Oi89rVCvy9erLR6bu4lf+PAsV
r1aOkx5DYU41MGj8Lts7pT3ajct9W9vsYUBLSfX9jiGWzCuopKGzJXElyhJHc1pn
s6t8K6BgzovX4HtNc5dwyaedWoGoAtjYK3YkqlBnsN7AQvMCaxiAwftRR4rSBmSh
QZRqDYe37v0llGm5N2VQ8sJO8cq//drVtcGXNRlCQ+zzfFKMt4cwihedKe9Wxyzk
9GHBEDOTlw7SIl4tBggk5O78vd08tI74eZTefvPC53LHnOEpOwY=
=ZbZY
-END PGP SIGNATURE-

Accepted rust-console-error-panic-hook 0.1.6-1 (source amd64) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 08 Feb 2020 19:05:28 +0100
Source: rust-console-error-panic-hook
Binary: librust-console-error-panic-hook-dev
Architecture: source amd64
Version: 0.1.6-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 

Changed-By: Wolfgang Silbermayr 
Description:
 librust-console-error-panic-hook-dev - wasm32-unknown-unknown log panic hook 
to `console.error` - Rust s
Changes:
 rust-console-error-panic-hook (0.1.6-1) unstable; urgency=medium
 .
   * Package console_error_panic_hook 0.1.6 from crates.io using debcargo 2.4.2
Checksums-Sha1:
 c8a64ab8290802620c9c308392bf25d88227f14b 2424 
rust-console-error-panic-hook_0.1.6-1.dsc
 8b3bf50e8489b32df11ca112bf8d636113659ed0 501738 
rust-console-error-panic-hook_0.1.6.orig.tar.gz
 b4aed898eafb7d3da84f24f50858ad09655be78a 3084 
rust-console-error-panic-hook_0.1.6-1.debian.tar.xz
 3dcfab5eb90803e48f6312800e01fe332024ca0b 501952 
librust-console-error-panic-hook-dev_0.1.6-1_amd64.deb
 19f17af2021d7c456da6c1f57db0e887688210ec 8251 
rust-console-error-panic-hook_0.1.6-1_amd64.buildinfo
Checksums-Sha256:
 026740fb583739990ff9d4e9aa4ff6e4214968723f43c27974edd1df643fc3fd 2424 
rust-console-error-panic-hook_0.1.6-1.dsc
 b8d976903543e0c48546a91908f21588a680a8c8f984df9a5d69feccb2b2a211 501738 
rust-console-error-panic-hook_0.1.6.orig.tar.gz
 f9ecec2abfc0393c66324ebd8c3f92f55ed44f1aacb66693f6c62d6a887aa495 3084 
rust-console-error-panic-hook_0.1.6-1.debian.tar.xz
 bc3bf8e61535dfb3169798b26686c67baed60a7f7170aa376b07dea7e1019f6f 501952 
librust-console-error-panic-hook-dev_0.1.6-1_amd64.deb
 96e3ac713c235e1074e7ea8aba0302aa4adcfa0935e545496622fedbce777f15 8251 
rust-console-error-panic-hook_0.1.6-1_amd64.buildinfo
Files:
 5a321c237757341e543e96b544a9c0d1 2424 rust optional 
rust-console-error-panic-hook_0.1.6-1.dsc
 9c5250d080d5438c22fdd8490441a01e 501738 rust optional 
rust-console-error-panic-hook_0.1.6.orig.tar.gz
 6ad9953398a7560df604ff95382ac5fe 3084 rust optional 
rust-console-error-panic-hook_0.1.6-1.debian.tar.xz
 03d7188642c52c53daaef90e8c42ffcb 501952 rust optional 
librust-console-error-panic-hook-dev_0.1.6-1_amd64.deb
 61b2deb37580d3258f8406b04fab3757 8251 rust optional 
rust-console-error-panic-hook_0.1.6-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtg21mU05vsTRqVzPfmUo2nUvG+EFAl4++QsACgkQfmUo2nUv
G+G9dw//VQYqt/1eS1c/TmMhgVQwJq4nls2JG+5UrqD0a7fS9w0NIu70pY8UXlj4
MvujsNCFDldxjrAnq8Md3EdqbiwrUDYzTv1aqOxkdB2jGnKZMd5eVHkLxH+ySPmi
59jbaYqj7PA3Qpl+aDh0Kv4yWiZtyHrCduAWWfvx5ohXo7Q0dbvriDkv9YhMtPsa
zG8qdVE5nQXMRQqBmmX9IrsY2wlv9kqt3EmZfzFAXLuSjq7fHC7GM7bz++ht4SQV
cz38+NgRRUc4snSmzrnchL1d3Ks8ueTR6JDYvXP4crsyjEhz4TuXOhzPnTQtzhGx
Xa+dzPD2kIo8A4hQJLqiISzcFohvwyUWpR8OPhuU92gpaESL9hhhqVYPNRNo31aD
naa1wtHqwO97WwDu8cpNKPU7xcNN/TKJxJyYpdjHd2ZntpybxwlS7yyrw94aZhvX
WFMBHuC/4rXBoCX4zJMdkzipKLpP72mWCYRkTFMrQJWXP1s5Ynm/rTxuSrY3iCAa
wf51w2qs0cWGWBSczEq0RaBzrXowzjH3UtgURX2ktN2SvLOrSItuvJ5/qJXrO553
ZfdRVXLXPSMbw6xO3eoiSllFpKBwWpeyoKkvlX079sfRT9ILiMPhD/jraduK//00
iD7NkU0q1YkYdPlAV/GNerAfthSS5UMRCTHktUKDbmfUhdrJ7lg=
=cnhx
-END PGP SIGNATURE-

Accepted node-mqtt-connection 4.0.0-1 (source all) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 06 Feb 2020 02:30:57 +0800
Source: node-mqtt-connection
Binary: node-mqtt-connection
Architecture: source all
Version: 4.0.0-1
Distribution: unstable
Urgency: low
Maintainer: Debian Javascript Maintainers 

Changed-By: Ying-Chun Liu (PaulLiu) 
Description:
 node-mqtt-connection - Barebone Connection object for MQTT
Closes: 950749
Changes:
 node-mqtt-connection (4.0.0-1) unstable; urgency=low
 .
   [ Ying-Chun Liu (PaulLiu)  ]
   * Initial release (Closes: #950749)
Checksums-Sha1:
 a8af093af2d43ff272b0b58f4a2fbe8d894f2b90 2348 node-mqtt-connection_4.0.0-1.dsc
 f171f08edb113c880c67d5cca29b081338139f1e 11718 
node-mqtt-connection_4.0.0.orig.tar.gz
 4299e042fab35865eed50176a234a64fdb64f80f 2292 
node-mqtt-connection_4.0.0-1.debian.tar.xz
 cde6a49b9b5a0a0a0e3e6169bf7d6d6504adee00 8664 
node-mqtt-connection_4.0.0-1_all.deb
 aeed0d1ede09d91ee678f13569390f5a2cba34dc 12198 
node-mqtt-connection_4.0.0-1_amd64.buildinfo
Checksums-Sha256:
 a6de79898854e3c4dbc1d2d962a7a518a0a489fcbd1e70b984096dcd5d2a345b 2348 
node-mqtt-connection_4.0.0-1.dsc
 39c6a72790528bc62d2f6fd34e920dd0e129e0fa6f7e85f387154400d2e03dd1 11718 
node-mqtt-connection_4.0.0.orig.tar.gz
 4123dd6483ab245d26558cabf0c663d6c84982e333ed865c387a9385d0b06e90 2292 
node-mqtt-connection_4.0.0-1.debian.tar.xz
 2a2232623163c458824333ad81ae4d80433ee15463488fcf482afe055a631652 8664 
node-mqtt-connection_4.0.0-1_all.deb
 48cf87286cd75c2ce7dd4d3ea9de4d0dab738ebcc97304b8dfbde67694cfc985 12198 
node-mqtt-connection_4.0.0-1_amd64.buildinfo
Files:
 a99f36f0e2e8731309690b58136268b4 2348 javascript optional 
node-mqtt-connection_4.0.0-1.dsc
 27a5afcdd463fe3e2a119e5d641f250a 11718 javascript optional 
node-mqtt-connection_4.0.0.orig.tar.gz
 1948227c22a858467ab4c1951cb64e14 2292 javascript optional 
node-mqtt-connection_4.0.0-1.debian.tar.xz
 69d32e92b11a0742470ffd10060eaf30 8664 javascript optional 
node-mqtt-connection_4.0.0-1_all.deb
 0d97de98e58f6a8fb14e32c0cbf8cf84 12198 javascript optional 
node-mqtt-connection_4.0.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJHBAEBCgAxFiEEo2h49GQQhoFgDLZIRBc/oT0FiIgFAl5Bp58THHBhdWxsaXVA
ZGViaWFuLm9yZwAKCRBEFz+hPQWIiOqwEACT3tMA/NFtPgT7+E+UPM6G1HzFNmmF
JImQrQLkdB7oClritWIPMen+g8nVJzm99r7Ukqn/iBnuPlBCE3vqIzTBdZ6Vd89v
cbFrcLCsH8ENZMYQbioAIqCJAT8Aq5vpL5kcIVJG3lkS4WLjBWy4QNY6jbJsvKv/
5CrWuEweC8jtKDp+iUuKi5pIboSNSiBTGU9VTMKAPq8c1Z9HrzH/DfXRkKRKCOfd
5eVWToB6fmPzZJSi0qa2ZitGedpcq2mPkBqOr4HF6Gq1XmHfzqcZA5IqpB0SzTMu
3hkog+TpFXUSTx4PRB6ko1Xw1aXp1iohHwlToqhImFKryCRmUCx2eaPRWcrJ1e8u
RlTJrYWUuC7LAXaOG9HWKP4BikhX8ETHF7TqPco1HWeLw3ahwaoSWfvI4Ew4ajKX
M5m9ELo6mDBENWWD3rgZNFgST3DsKZDAZ5SyB7xuPfq7EkFJH/ftArJEc6yWUeJu
+02c5TpRRQTjdZ7KJyuizuEhLy9lgHNDiOxzzkqhWFtI9qgeYhys8E5v2Q7qPlB3
5KTox35eP0ofpdC/8834YMAlMmCqiPpg7e8Zt7v3TUq6rbBUpWxsJA/xTFt0fKDk
N6dLusgXTd2EmExrX8sUGaLxhsuT9J8BY0kWbqmAtLBL2NmXYAlP98E/QG6vKttG
OjRR2xrHnbNMZA==
=7YpW
-END PGP SIGNATURE-

Accepted neomutt 20191207+dfsg.1-1.1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 19 Mar 2020 17:09:59 -0700
Source: neomutt
Architecture: source
Version: 20191207+dfsg.1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Mutt maintainers 
Changed-By: Stefano Rivera 
Closes: 948895 953757
Changes:
 neomutt (20191207+dfsg.1-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix segfault in pager on new message received. (Closes: #953757)
   * Fix FTBFS in non-UTC timezone. (Closes: #948895)
Checksums-Sha1:
 bf99aecf42d5b235ad4cbafbb933c493140c062b 1694 neomutt_20191207+dfsg.1-1.1.dsc
 105a7dd075f196302d356e7d8e9404f1ff60b17a 21172 
neomutt_20191207+dfsg.1-1.1.debian.tar.xz
 a39727e88a10cf2fa80fb90b4bb34069e100649d 5225 
neomutt_20191207+dfsg.1-1.1_source.buildinfo
Checksums-Sha256:
 791a70acbade8f0c287283a0e8c6e31a89f4cbcd8d779d529e4f69df97e8193c 1694 
neomutt_20191207+dfsg.1-1.1.dsc
 a336a7184e0e0f0019add0f451f6f9c9b3e7f8ebeb1042a80635bd1b3d17513f 21172 
neomutt_20191207+dfsg.1-1.1.debian.tar.xz
 ae450c0e3564b7b35391cbf8701d42366df91de1e00b5174abcccb8b72a628b5 5225 
neomutt_20191207+dfsg.1-1.1_source.buildinfo
Files:
 b675a3f96df900d0b8d4352956d54501 1694 mail optional 
neomutt_20191207+dfsg.1-1.1.dsc
 dbdbc6ba5b1651b01441b4772ecef522 21172 mail optional 
neomutt_20191207+dfsg.1-1.1.debian.tar.xz
 b1cbc5caf03b67cc15656bc6748bddea 5225 mail optional 
neomutt_20191207+dfsg.1-1.1_source.buildinfo

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCXnQKwAAKCRBHew2wJjpU
2G2lAP43vJR/02/VO9EfVbLaJaY5jnf70pYcu5sMPEcyGsRYEAD/Ximy16b7ZJ3K
52mI912BamnNDET9cItYotmtTlCfKAU=
=m1g0
-END PGP SIGNATURE-

Accepted ruby-graphviz 1.2.5-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 25 Mar 2020 01:10:06 +0100
Source: ruby-graphviz
Architecture: source
Version: 1.2.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Daniel Leidert 
Closes: 952039
Changes:
 ruby-graphviz (1.2.5-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream release.
 - Fixes Ruby2.7 build issues.
 .
   [ Debian Janitor ]
   * Bump debhelper from old 11 to 12.
   * Set debhelper-compat version in Build-Depends.
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
 Repository-Browse.
 .
   [ Daniel Leidert ]
   * d/control: Add Rules-Requires-Root field.
 (Standards-Version): Bump to 4.5.0.
 (Depends): Remove ruby-interpreter.
   * d/copyright: Add Upstream-Contact.
 (Source): Use github release page.
   * d/ruby-graphviz.docs: Install README.md.
   * d/ruby-graphviz.lintian-overrides: Update.
   * d/ruby-tests.rake: Don't run files in sub-directories copied from the
 examples directory (closes: #952039). Be verbose and show warnings.
   * d/rules: Remove obsolete pango related G_HOME environment variable. Use gem
 install layout.
 (override_dh_installchangelogs): Install CHANGELOG.md.
   * d/watch: Use github release page.
   * d/upstream/metadata: Add YAML markup, and Archive and Changelog fields.
Checksums-Sha1:
 7c01c1dc4634c4c3e07990b77c1d27ebf82a48f6 2066 ruby-graphviz_1.2.5-1.dsc
 2f0155240e534740a602320cfde6271434cf21e3 118101 ruby-graphviz_1.2.5.orig.tar.gz
 5c85bd3e8defc1f06a518f4742750ad18bc1907e 5160 
ruby-graphviz_1.2.5-1.debian.tar.xz
 92cc8eb2deaca03e5594ca7a1b5772cdfc3029f4 9997 
ruby-graphviz_1.2.5-1_amd64.buildinfo
Checksums-Sha256:
 19280f8ef554a4c3e9f2e5b67e88f3bd0585820d54073a31f7373a4df9832085 2066 
ruby-graphviz_1.2.5-1.dsc
 a98038ea7f8ecfca0e89962d98bd613999a13afb006bad31bd9c4f02c3618a28 118101 
ruby-graphviz_1.2.5.orig.tar.gz
 b227eea97fab29efcaef2c12b612179ac8d35e1662492afcb96c4d12cf759a8e 5160 
ruby-graphviz_1.2.5-1.debian.tar.xz
 38f3ef8add965db4103425ad91b587f31ccd9bffca7f5423a305d53db1e03898 9997 
ruby-graphviz_1.2.5-1_amd64.buildinfo
Files:
 205810fb74f2c934d8ecf77fd4fdfd30 2066 ruby optional ruby-graphviz_1.2.5-1.dsc
 82938cac5e8eecb06d22b143c87b0661 118101 ruby optional 
ruby-graphviz_1.2.5.orig.tar.gz
 ce83d40d0006db859ce2c8c892e76dae 5160 ruby optional 
ruby-graphviz_1.2.5-1.debian.tar.xz
 e2c9ec5298ca3444ae4890de70a9f0c4 9997 ruby optional 
ruby-graphviz_1.2.5-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAl56pI0ACgkQS80FZ8KW
0F3NDw/+KxSRdQ0QZer3Sym796E4ZzcZs2zjEtqiAfjUpbfVpygRQJWZUq2UBu4R
EHGC07ZAIgpIuuUWeyOcMiGeKi/llLro3PKck8hwBUrD0mwuUoC05UBrkqWbHyvV
4HgIzEqpUIuoQPUlqM/7tRhXldlPk+Oc2H3/BvEVdBANJalvy1pHNSrvr4l5Eew7
1qnwzSzI6HmxHqv1mvRrWeHkUpSj4bObDoCAulBqzk7NHxyhdVknD2LT6De78gB4
sg9EmpTTOQODZItb1Ub+d7OulFE68wxnHeR9sEYaM35S+ZZ/JggTFF3F+May5MAx
ufPzNxNploXxfgLV/XgmsiAC5AyrFuyyr/WC5gvqQsI+BZ/VpkM6Jk+6vjvK+tWy
delqPBYDUnnsvk7HgiDfwGlqF5rfuHNa0Q9lUrEcrs260MJmvd1ANBteCWRKfz6H
+Hk1LDcwSpoH4Bk3+9R1jZfihhxEY+eAIoFtSO5K8aiYqciboW0mF7tFn3JPYAzY
NEMpoKLjprQENaHjmxgsETZMhE2Sf/wooSb0qNECM1Ynuczl5QC24s8viS92lWNx
IEwsNLxFbICWnyYmeV8J6PskN2cPoaTxqJj7xG2ne9Rd9h1tSgQbs7X01WdQl2LA
VGsjUiQxoWSS+udt60Q/BXk2dO59nXf49dsbAiJ7D2NXaEB9/ug=
=7+Kj
-END PGP SIGNATURE-

Accepted plover 4.0.0~dev8~66~g685bd33-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 20:02:17 -0400
Source: plover
Architecture: source
Version: 4.0.0~dev8~66~g685bd33-2
Distribution: unstable
Urgency: medium
Maintainer: Harlan Lieberman-Berg 
Changed-By: Harlan Lieberman-Berg 
Closes: 950756
Changes:
 plover (4.0.0~dev8~66~g685bd33-2) unstable; urgency=medium
 .
   * Rebuild for source-only upload. (Closes: #950756)
Checksums-Sha1:
 56dd41a1cfb2afb6fde1f7b8bf72b816d7b61498 2412 
plover_4.0.0~dev8~66~g685bd33-2.dsc
 2d6a5c109f67fe0810829171dff2fbb24a0c4118 9596 
plover_4.0.0~dev8~66~g685bd33-2.debian.tar.xz
 e45f18985f7d86364f6f52590b998310619c6928 10461 
plover_4.0.0~dev8~66~g685bd33-2_amd64.buildinfo
Checksums-Sha256:
 98ea287d200b5a8e9c4fd5bb44280481674034fcab7084dfde3e775c61512d11 2412 
plover_4.0.0~dev8~66~g685bd33-2.dsc
 c3a3748ceb979903f92b0ccef524a9c23262b14c0f88f401c29ddef1e1ba54a0 9596 
plover_4.0.0~dev8~66~g685bd33-2.debian.tar.xz
 f841575ebfe0e7108426eba00dd01b511089352be0fb3e74854489a0ebf3a144 10461 
plover_4.0.0~dev8~66~g685bd33-2_amd64.buildinfo
Files:
 1daaa4adf670ebf7e61e21f88a67b136 2412 utils optional 
plover_4.0.0~dev8~66~g685bd33-2.dsc
 97ab05b95a21b2f11837fbe8d8e8979c 9596 utils optional 
plover_4.0.0~dev8~66~g685bd33-2.debian.tar.xz
 7b4b98a1e91c1e71b5cb2980e8bb267c 10461 utils optional 
plover_4.0.0~dev8~66~g685bd33-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKqBAEBCgCUFiEEYveV1JOn7SmlGhxBnX5VYE2Rn4MFAl56ozFfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
Rjc5NUQ0OTNBN0VEMjlBNTFBMUM0MTlEN0U1NTYwNEQ5MTlGODMWHGhsaWViZXJt
YW5AZGViaWFuLm9yZwAKCRCdflVgTZGfg3AfD/94BrgHvGdE7VOwT1nvXJqlJ6mE
kyCtLAiRxx1+TgfOHx2j3kmrOlrAejnA5WyS5gObFLF/MlYARrnfkGxZddTVmK3o
Dr46iKJNP0ArJodNa9aN+7FJezFqbD1UMqO4faKF43p5JJO6F0B80HjSaUoqydPM
nfjfVrF+fjMi7ZjDATWXZlyH3ijB9Nr5AOw81peu66hdy5fRyDY2rcnK7yD9KzO/
fG6cJN2/c8wrHRzbuCNu4GnRtvBUYfNjBqYFXHjWOZHYzOTGND7BiUM9YQtUJGgx
mH+hurxZaah3erEmQUJBw83f+YHR/WdlYIG5RpjB9zpBc3IMKbY6LGHpBZz3KDET
VcpUB3oS3zPT8fdYCpKjvi2Ck63ulxuv4tC9cKgauI9Avai3/LO6wG/0AWmqBpgj
ShvBT0BUOx9NKOeLLWzwb2ucDsy9aw759d6u/9OLjmyqLkKcfZ/N44qmC+RE9Ujc
jNXrf3j3Z5AZavNbtXudITPHmvZsjDkFKF7GDHPlkANLCSku0GLQRKemjuHVRiv/
DWyIpX2QVWxWfJGEAWWnu9RZZ+rMpNj9GChtdr/6J3HeDwr/6yJRu3vF5YuETfRQ
U2KfBxAf70ffI4vG9Y9RvLi5jOV8mT3nPhhJDVD0DZE4e1M5VxIPWB/aYHJB7HtK
B3pTx7inJoxQZ+elGw==
=SMrp
-END PGP SIGNATURE-

Re: email backend for fedmsg

2020-03-24 Thread clime 
On Wed, 25 Mar 2020 at 01:00, clime  wrote:
>
> On Tue, 24 Mar 2020 at 22:45, Nicolas Dandrimont  wrote:
> >
> > On Tue, Mar 24, 2020, at 21:51, clime wrote:
> > > On Tue, 24 Mar 2020 at 20:40, Nicolas Dandrimont  wrote:
> > > >
> > > > Hi!
> > > >
> > > > On Sun, Mar 22, 2020, at 13:06, clime wrote:
> > > > > Hello!
> > > > >
> > > > > Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> > > > > fedmsg usage in Debian.
> > > > >
> > > > > There is a note: "it seems that people actually like parsing emails"
> > > >
> > > > This was just a way to say that fedmsg never got much of a user base in 
> > > > the services that run on Debian infra, and that even the new services 
> > > > introduced at the time kept parsing emails.
> > >
> > > Hello Nicolas!
> > >
> > > Do you remember some such service and how it used email parsing 
> > > specifically?
> >
> > I believe that tracker.debian.org was introduced around that time.
> >
> > At the point it was created, tracker.d.o was mostly consuming emails from 
> > packages.debian.org to update its data. These days tracker.d.o has replaced 
> > packages.d.o as "email router", in that it receives all the mails from 
> > services (e.g. the BTS, the archive maintenance software, buildds, salsa 
> > webhooks, ...) and forwards them to the public.
> >
> > > I am still a bit unclear how email parsing is used in Debian
> > > infrastructure, don't get me wrong, I find it elegant
> >
> > Ha. I find that it's a big mess.
> >
> > Here's the set of headers of a message I received today from tracker.d.o, 
> > which are supposed to make parsing these emails better:
> >
> > X-PTS-Approved: yes
> > X-Distro-Tracker-Package: facter
> > X-Distro-Tracker-Keyword: derivatives
> > X-Remote-Delivered-To: dispa...@tracker.debian.org
> > X-Loop: dispa...@tracker.debian.org
> > X-Distro-Tracker-Keyword: derivatives
> > X-Distro-Tracker-Package: facter
> > List-Id: 
> > X-Debian: tracker.debian.org
> > X-Debian-Package: facter
> > X-PTS-Package: facter
> > X-PTS-Keyword: derivatives
> > Precedence: list
> > List-Unsubscribe: 
> > 
> >
> > I'll leave you to judge whether this makes sense or not.
> >
> > (and it turns out that the actual useful payload was just plaintext with no 
> > real chance of automated parsing)
> >
> > > but from what I have found (e.g. reportbug), in the beginning there is an
> > > email being sent by some human which will then trigger some automatic
> > > action (e.g. putting the bug into db). So it's like you could do all
> > > your work simply by sending emails (some of them machine-parsable).
> > >
> > > So do you have the opposite? I do some clicking action somewhere and
> > > it will send an email to a certain mailing list to inform human
> > > beings? Or let's not just clicking but e.g. `git push` (something that
> > > you can still do from command line).
> > >
> > > Do you have: I do some clicking action somewhere and it will send an
> > > email to a certain mailing list where the email is afterward parsed by
> > > another service which will do an action (e.g. launch a build) based on
> > > it?
> >
> > Both of these are somewhat true.
> >
> > Some examples of email-based behaviors:
> >  - Our bug tracking system is fully controlled by email.
> >  - Closing a bug in reaction to an upload is done by an email from the 
> > archive maintenance system (dak) to the bug tracking system.
> >  - Salsa has a webhook service that react to UI clicks (e.g. "clicking the 
> > merge button") by sending an email to the BTS (e.g. to tag bugs as 
> > pending), or to tracker.d.o (for new commit notifications).
> >  - Some of our IRC bots are triggered by procmail rules.
> >  - At some point mentors.debian.net depended on a NNTP gateway to the 
> > debian-devel-changes mailing list to trigger removal of superseded packages 
> > (...)
> >  - etc. etc.
> >
> > I'm still not sure where your trail of questions is going? fedmsg in Debian 
> > has been dead for years at this point, and there still doesn't seem to be 
> > much interest to implement anything beyond email parsing in some of our 
> > core systems.
>
> Cool, so basically what I am thinking about is to create a free
> software from what you are describing. I.e. create reusable tooling
> out of the Debian messaging system. Something that a new linux
> distribution can easily start using to connect their services.
>
> I didn't know Debian infra works like this but I find it very
> elegant/efficient and I would like the solution you have to be
> reusable by others.
>
> So basically the tooling should contain:
> - unified email message format
> - library that is able to translate a message to a language data
> structure (e.g. dictionary in python)
> - email receiver that would be listening for emails coming from the
> bus and emitting events based on that (this could be part of the
> library so you would be able to attach a callback for an incoming
>

Re: email backend for fedmsg

2020-03-24 Thread clime 
On Tue, 24 Mar 2020 at 22:45, Nicolas Dandrimont  wrote:
>
> On Tue, Mar 24, 2020, at 21:51, clime wrote:
> > On Tue, 24 Mar 2020 at 20:40, Nicolas Dandrimont  wrote:
> > >
> > > Hi!
> > >
> > > On Sun, Mar 22, 2020, at 13:06, clime wrote:
> > > > Hello!
> > > >
> > > > Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> > > > fedmsg usage in Debian.
> > > >
> > > > There is a note: "it seems that people actually like parsing emails"
> > >
> > > This was just a way to say that fedmsg never got much of a user base in 
> > > the services that run on Debian infra, and that even the new services 
> > > introduced at the time kept parsing emails.
> >
> > Hello Nicolas!
> >
> > Do you remember some such service and how it used email parsing 
> > specifically?
>
> I believe that tracker.debian.org was introduced around that time.
>
> At the point it was created, tracker.d.o was mostly consuming emails from 
> packages.debian.org to update its data. These days tracker.d.o has replaced 
> packages.d.o as "email router", in that it receives all the mails from 
> services (e.g. the BTS, the archive maintenance software, buildds, salsa 
> webhooks, ...) and forwards them to the public.
>
> > I am still a bit unclear how email parsing is used in Debian
> > infrastructure, don't get me wrong, I find it elegant
>
> Ha. I find that it's a big mess.
>
> Here's the set of headers of a message I received today from tracker.d.o, 
> which are supposed to make parsing these emails better:
>
> X-PTS-Approved: yes
> X-Distro-Tracker-Package: facter
> X-Distro-Tracker-Keyword: derivatives
> X-Remote-Delivered-To: dispa...@tracker.debian.org
> X-Loop: dispa...@tracker.debian.org
> X-Distro-Tracker-Keyword: derivatives
> X-Distro-Tracker-Package: facter
> List-Id: 
> X-Debian: tracker.debian.org
> X-Debian-Package: facter
> X-PTS-Package: facter
> X-PTS-Keyword: derivatives
> Precedence: list
> List-Unsubscribe: 
> 
>
> I'll leave you to judge whether this makes sense or not.
>
> (and it turns out that the actual useful payload was just plaintext with no 
> real chance of automated parsing)
>
> > but from what I have found (e.g. reportbug), in the beginning there is an
> > email being sent by some human which will then trigger some automatic
> > action (e.g. putting the bug into db). So it's like you could do all
> > your work simply by sending emails (some of them machine-parsable).
> >
> > So do you have the opposite? I do some clicking action somewhere and
> > it will send an email to a certain mailing list to inform human
> > beings? Or let's not just clicking but e.g. `git push` (something that
> > you can still do from command line).
> >
> > Do you have: I do some clicking action somewhere and it will send an
> > email to a certain mailing list where the email is afterward parsed by
> > another service which will do an action (e.g. launch a build) based on
> > it?
>
> Both of these are somewhat true.
>
> Some examples of email-based behaviors:
>  - Our bug tracking system is fully controlled by email.
>  - Closing a bug in reaction to an upload is done by an email from the 
> archive maintenance system (dak) to the bug tracking system.
>  - Salsa has a webhook service that react to UI clicks (e.g. "clicking the 
> merge button") by sending an email to the BTS (e.g. to tag bugs as pending), 
> or to tracker.d.o (for new commit notifications).
>  - Some of our IRC bots are triggered by procmail rules.
>  - At some point mentors.debian.net depended on a NNTP gateway to the 
> debian-devel-changes mailing list to trigger removal of superseded packages 
> (...)
>  - etc. etc.
>
> I'm still not sure where your trail of questions is going? fedmsg in Debian 
> has been dead for years at this point, and there still doesn't seem to be 
> much interest to implement anything beyond email parsing in some of our core 
> systems.

Cool, so basically what I am thinking about is to create a free
software from what you are describing. I.e. create reusable tooling
out of the Debian messaging system. Something that a new linux
distribution can easily start using to connect their services.

I didn't know Debian infra works like this but I find it very
elegant/efficient and I would like the solution you have to be
reusable by others.

So basically the tooling should contain:
- unified email message format
- library that is able to translate a message to a language data
structure (e.g. dictionary in python)
- email receiver that would be listening for emails coming from the
bus and emitting events based on that (this could be part of the
library so you would be able to attach a callback for an incoming
message or just do blocking waits)
- email publisher - something that can send a new message into the
bus, i.e. to a preconfigured mail server (a "broker" or "hub")
- mail server that would have an http API to manage topic
subscriptions  (i.e. add/delete me from a given

Accepted ruby-mixlib-shellout 3.0.9-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 20:14:30 -0300
Source: ruby-mixlib-shellout
Architecture: source
Version: 3.0.9-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Lucas Kanashiro 
Changes:
 ruby-mixlib-shellout (3.0.9-2) unstable; urgency=medium
 .
   * Team upload.
   * Add patch to fix test failure in ppc64el
Checksums-Sha1:
 5e7f03d34c532dc363ef6a87a917d91bd282c70d 2231 ruby-mixlib-shellout_3.0.9-2.dsc
 7582fca847f1594ad0ccde846850daa20b7b3921 3284 
ruby-mixlib-shellout_3.0.9-2.debian.tar.xz
Checksums-Sha256:
 6c4d992fa6224f74332239556ac3808928b61722682b86f5c02e269c1b164a39 2231 
ruby-mixlib-shellout_3.0.9-2.dsc
 2e0722cc80290325d5d3ca1c0334aeedd709d44405f4895567532526098c3b3f 3284 
ruby-mixlib-shellout_3.0.9-2.debian.tar.xz
Files:
 62ca8f4a380d76a5f610d09eee461f89 2231 ruby optional 
ruby-mixlib-shellout_3.0.9-2.dsc
 aa3ec4bcef03449b9eedfc749d3d01bf 3284 ruby optional 
ruby-mixlib-shellout_3.0.9-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJSBAEBCAA8FiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAl56lZ8eHGx1Y2FzLmth
bmFzaGlyb0BjYW5vbmljYWwuY29tAAoJEPgjonKYg8l8mN4P/RcPnnlFzD6ARjQN
oJUpCu8ssXxhncLL5ThdAPuxez0XIhII4kakSabtHC4PG4MHDRPcxZL452GwAIh3
17//i2Jtp1euhOLgpgpqDkBL3nHFdXlgxFtfb9Aje+OFEc3orUdYEfX9rG6cQkmd
B0XmPjcfb77unnHXL1f3nDsE/hHqrRMcHJ9olUu7tRhyqRsGJzrit1T9H6VmxI1B
DXjtdrkc3wlPcg6fIvSM7D4wDoONAkMZG0LhzZ9RRR7qhk4woZckB836EWCoLtDv
F7lwYPmfeD3wQdY7OZDCkBHc+ARsGg9lSmIG04Zr+hcl4ztgXxYXyTC2DBkstgG5
8yoX1Z8UDQopTvRWjGwhmDrZ4DUWOTi6PhZaXyK7Z+X88fxldNmBStZSHuOTcDIe
rTnXNjIruOCpx4pyMma5PSXOukepGKXT+8U6pygd1U3u8pcXZzUg3KhAuper3giN
LEd3sCo+uUsCUcYuqcyhtf6IO5MEjGbSlTQrJ2XixhEHSCLlP/gDiXly/wBGdLuy
yLlOH/d8Q5snYBczNG5vCqUlQadNL1zEt/MYu/TTDHwFJL2dOroma83OSDW80das
pa8THKHflt98PXjDNig2t2kiLaD0qq067caISeZ68jMIQQsPBx/2kB4YDkdvWtjf
B0dHiKs4CjkyMCAZY6C1+pTdv+RS
=vOQ6
-END PGP SIGNATURE-

Re: new kubernetes packaging

2020-03-24 Thread Russ Allbery 
Simon McVittie  writes:

> I think the API stability of the libraries is also relevant (and ABI
> would be relevant too, if we had dynamically-linked Go libraries), both
> in terms of intended API/ABI breaks and unintended behaviour changes and
> regressions. The more stable they are, the more appealing it is to have
> them in a shared library; the more unstable they are, the more appealing
> it is to vendor them into a larger project.

I think this is also where upstream intentions are important.  For
example, the Rust community does care (intensely) about API stability and
even ABI stability, and is at least thinking about a future of Rust shared
libraries, although that's not currently the normal mechanism of
development of pure Rust packages.  They're sympathetic.  This is part of
what makes our packaging approach viable, I think.

On the other hand (and I don't follow this community closely, so apologies
if I have the details wrong here), my impression is that the Go community
is not planning to support shared libraries, loves its staticly-linked
binaries, and makes extensive use of the fact that different packages can
pin to different versions and this doesn't matter for their intended
output format (a static binary).

Trying to shoehorn the latter into a shared library update model is almost
certain to fail because it's working at intense cross-purposes to
upstream.

> This isn't necessarily such a new thing - the scale is new, but the
> practice isn't. There are several C/C++ libraries in Debian that are
> specifically designed to be vendored into dependent projects (either
> because they are not API-stable or to simplify dependency management),
> like gnulib (which exists as a package, but I think it's only there to
> facilitate vendoring bits of it?), libstb (which does exist as a
> separate package with a shared library, but I don't have a good picture
> of how API- and ABI-stable it is), and libglnx.

Indeed, I have a package, rra-c-util, which is vendored into every C
package that I personally maintain and package, because it's my version of
gnulib plus some other utility functions.  I recognize the potential
concern should a security vulnerability be found in any of its functions,
and accept the cost of providing security updates for every one of my
packages that use it.  This still is, in my opinion, a better maintenance
choice, not so much for Debian but for many non-Debian users of those C
packages who do not want to (and often get confused by trying to) install
a shared library as a prerequisite to installing the thing they actually
care about.  (Also because, like gnulib, rra-c-util consists of a lot of
different pieces, most of which are not needed for any given package, and
includes pieces like Autoconf machinery that are tricky to maintain
separately.)

-- 
Russ Allbery (r...@debian.org)

Accepted last-align 1060-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 21:22:27 +0100
Source: last-align
Architecture: source
Version: 1060-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Steffen Moeller 
Changes:
 last-align (1060-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version
   * Standards-Version: 4.5.0 (routine-update)
   * Add salsa-ci file (routine-update)
   * Rules-Requires-Root: no (routine-update)
   * Cleaner clean
Checksums-Sha1:
 9dd30352840da8819afbdb850ef19900e46bfd83 2070 last-align_1060-1.dsc
 e044005e749e5cada731852ee8e0c041d0cff00e 412672 last-align_1060.orig.tar.xz
 eb0e9d967e3343c6bed8238c4ad3cf562cb9d24b 66048 last-align_1060-1.debian.tar.xz
 08a2238011724e9babb1ab9b286b07301bc74210 6856 
last-align_1060-1_source.buildinfo
Checksums-Sha256:
 e3e8b7700c5e50593d406a82c54944bbe6ebe73cbe312cb347f48404f13d7127 2070 
last-align_1060-1.dsc
 b52c3a1a90e8494bd34615586ec34e6a51edad4839f2cde41d66396e6d0a9f55 412672 
last-align_1060.orig.tar.xz
 4c3ff87993189ec9a77e806bb11f60be095f8f1aad93c4747e289814dd8f8260 66048 
last-align_1060-1.debian.tar.xz
 a7f830dedf6acc90601318f4ee48a4c66a3667314a9021dfb7fba9be12637cc4 6856 
last-align_1060-1_source.buildinfo
Files:
 c7c62cf52c8c5eaa4d6bd41f48edf26c 2070 science optional last-align_1060-1.dsc
 5fa41cbde2ffa1d9ef870f59e4d3e58b 412672 science optional 
last-align_1060.orig.tar.xz
 cd9390082c0582930e379810b1dd857b 66048 science optional 
last-align_1060-1.debian.tar.xz
 05ad7241cac00a9af7b7e30e1a7f1689 6856 science optional 
last-align_1060-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJHBAEBCAAxFiEEhMGXeonn7+0+XKYuL9i+2sAg7tEFAl56i2QTHG1vZWxsZXJA
ZGViaWFuLm9yZwAKCRAv2L7awCDu0e/xEACWXZFB8bnsyccUceE7Ex1VaC7LeL35
7xm4HPQY97e6cA2mE/NNjiR8x+K0GxwjUeb64N3U4ezZPgUDZXlnSM1nPDaIB8RS
b1lr/dNigEhbw7y2pVsQLG2i2iLHa5R9dpNnu3f8g5nhAFRPmX09XGPSwzTyhUsn
wLeGuOCaRwy7P6Q0mzWpLamvOJe4ke25bJ8VIBFrKwRzBitjKesmOGpFub5HVvP/
Bm+Ud2ZK8pUmijgP4+i2xIq49GcpSM+Q+O0Ps+5uQMB2Cp6xTda592M4UAkt8jEA
2wzk/JDFImIBMEJ7CYkYHSC8/5gq2mEOXdZWhrt2VPlXNxIylheeSjaMjaUkHuNU
N6cq3MQOZLo+8KT+27cmYMqtogPEDcXTPwHaio74L7Njzt6vQ4ynBQwpXcPpR2XK
90S1A5+zFS3nCMS1l+CdlSQHs/ei/3UqQ5/yb7E7Zr5kAipt/uHU0QOdmuAl+RB1
fiKZc8rn6oyFElPH+WWJTW/7QtvsXN+jv7lWEebaE8LSN5pljQf1qCoFWnrCyqom
pA6TAYQ59/3R7LElsdZN1341DZATLHvTlVQh7iLSjgKX/hts+hy9SW4bpnucEcoZ
V+Q2Wxhd2HsQohV58pH3HN+njLrOCiLHSyjYQSWcP3iOjgF/uH/Im2xATGkfU5x+
fFfKVLioNaq2Kw==
=N6mC
-END PGP SIGNATURE-

Re: new kubernetes packaging

2020-03-24 Thread Simon McVittie 
On Tue, 24 Mar 2020 at 15:14:02 -0700, Russ Allbery wrote:
> I think this calculus is not entirely obvious.

Thank you for applying some much-needed nuance to this issue. I suspect
the ideal policy is neither "never use vendored dependencies" nor
"always use vendored dependencies".

Many of our packaging policies were designed for medium-sized C/C++
libraries - not much smaller than, say, zlib, but not much bigger than
something like GTK either - with a sufficiently stable API and ABI that
versions are somewhat interchangeable, and I think the further away
from that we get, the less well those policies will fit. We have a lot
of trouble with micropackages (as exemplified by the nodejs ecosystem
in which many packages provide a single function), but at the other end
of the scale, monoliths like Libreoffice, TeXLive and Firefox don't fit
a lot of our usual policies and practices so well either.

> Possibly more significantly is how the flow of security advisories work.
> If the advisory is likely to come from Kubernetes and their security fix
> release is a point release update to their package including the vendored
> modules, we can potentially adopt the "sane upstream stable point release"
> policy and just update stable to their point release.
...
> This of course doesn't apply if the individual libraries are releasing
> their own security advisories.

I think the API stability of the libraries is also relevant (and ABI
would be relevant too, if we had dynamically-linked Go libraries), both
in terms of intended API/ABI breaks and unintended behaviour changes
and regressions. The more stable they are, the more appealing it is to
have them in a shared library; the more unstable they are, the more
appealing it is to vendor them into a larger project.

This isn't necessarily such a new thing - the scale is new, but the
practice isn't. There are several C/C++ libraries in Debian that are
specifically designed to be vendored into dependent projects (either
because they are not API-stable or to simplify dependency management),
like gnulib (which exists as a package, but I think it's only there to
facilitate vendoring bits of it?), libstb (which does exist as a separate
package with a shared library, but I don't have a good picture of how API-
and ABI-stable it is), and libglnx.

smcv

Accepted glibc 2.30-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 23:31:35 +0100
Source: glibc
Architecture: source
Version: 2.30-3
Distribution: unstable
Urgency: medium
Maintainer: GNU Libc Maintainers 
Changed-By: Aurelien Jarno 
Closes: 953788 954374 954393 954715
Changes:
 glibc (2.30-3) unstable; urgency=medium
 .
   * debian/patches/git-updates.diff: update from upstream stable branch:
 - Fix a defect in the PowerPC backtrace function that could cause an
   out-of-bounds write when executed in a signal frame context
   (CVE-2020-1751).
 - Fix use-after-free vulnerability in the glob function when expanding
   ~user (CVE-2020-1752).  Closes: #953788.
   * debian/debhelper.in/libc.preinst, debian/rules.d/debhelper.mk: determine
 ld.so ELF magic at build time instead of at run time to avoid using
 "readlink -m".  Closes: #954374.
   * debian/rules.d/build.mk: unset LANGUAGE when running the testsuite.
   * debian/testsuite-xfail-debian.mk: ignore signal/tst-minsigstksz-1 and
 signal/tst-minsigstksz-2 on i386, they fail on i386 with an AVX-512 CPUs
 due to a kernel bug.  Closes: #954715.
   * debian/control.in/libc, debian/rules.d/debhelper.mk: Make libcX-dev
 declare a Breaks against libcX-dev-${DEB_HOST_ARCH}-cross
 (<< ${CURRENT_UPSTREAM_VERSION}~).  Closes: #954393.
   * debian/control.in/libc, debian/control.in/main: drop Conflicts, Breaks and
 Replaces against package version older than the one available in
 oldstable.
Checksums-Sha1:
 9fb2b38522f65cb047693cbc019c6060534eb454 8731 glibc_2.30-3.dsc
 191c5341141d90e9d23a9aa16302937d4cfe55d1 844628 glibc_2.30-3.debian.tar.xz
 a6d2d6a834be565122a56b6445ceed6a55339dc6 7589 glibc_2.30-3_source.buildinfo
Checksums-Sha256:
 31f0fd70db8c677f9f0cd526b5a43d8d719a76291181364290f4700c516395c7 8731 
glibc_2.30-3.dsc
 8995fbf0cca7ddab0d771b79c50fe78bbec9ef30a31ee0aa83d56899de83a822 844628 
glibc_2.30-3.debian.tar.xz
 f878eda4037d5e79b438ac4af7313ace941270bbbcd41b9f379db4d7bc9e1acd 7589 
glibc_2.30-3_source.buildinfo
Files:
 02306dbedb1e825fc3af27f6d474ebb3 8731 libs required glibc_2.30-3.dsc
 7cc54067c6e3ee5929dac8b489cf2c2a 844628 libs required 
glibc_2.30-3.debian.tar.xz
 2cc1c5109fd12d759019b743b197b3a7 7589 libs required 
glibc_2.30-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAl56i4oACgkQE4jA+Jno
M2tkbw/+OUUbH9cXbJ6cT21m1x6s+nzyysl9667sXqBNAtrFAffzGfIRnrqoeein
YSmQmrPJz+M0gSMrLWT+qAGhud299JXFrbSmb5FhjtgRIX+000z5xlmaD2927iaw
hRlaVeRTLJYDiDSgLeAt4xoHBRcny41TWBBj0gu7AmFUpl3AhZ9/hGCoDbm18hAm
CZZYCBMhi7XRBwqVszl9i4QYze9+NulNniAXkUK4DXMAEBqXurteq3IfpRkvl78x
U1/Qimei4BphGP4LpGb+JDF63GT6WRbTl5X8okU0NUcfD9ZkVuMTIuYgGp86rBbz
Ou1N3nDG2eBPa3PZo6mhzFvOtRHknuPjF1HbpElwJAhYTdVchH2pU0csiHBm2efb
pePY7LUnHUYU9rV3Q60PpVfE3iyh0Hp921VHLAn5nsViIheM3kC4Pkm4YZ3mgBUC
uz2RoeQMcbU/qlZfQwzIdShWLfsZNfMHHmsm/u8I6zVyCdoVRkvHsR9ua6jKxrXa
GFnssnsmJAQ/8C6Fg8Kud9fXifrHatGCwnNR0YrmpxNO5eLTxglGCirVFrpNBoSX
ssu6lZcijXrZMSlQynRm1uCwHIzlWr54Z1FcNm5RYqlCobAk/v5OvTxZQrv79RMt
jKBrhfg9sln9aVCL4Vz6cc8pfF1bToLYTh9iRHlM3a+JHdLPJlw=
=vUWC
-END PGP SIGNATURE-

Accepted ruby-rspec-puppet 2.7.8-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 23:25:38 +0100
Source: ruby-rspec-puppet
Architecture: source
Version: 2.7.8-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Daniel Leidert 
Closes: 954874
Changes:
 ruby-rspec-puppet (2.7.8-3) unstable; urgency=medium
 .
   * Team upload.
   * d/control (Depends): Replace puppet-common by puppet (closes: #954874).
Checksums-Sha1:
 a1f5442b455293d098d89c8778d5c1406366a074 2106 ruby-rspec-puppet_2.7.8-3.dsc
 ebaa4a997bf423558933eed4ef2cc353a59e7469  
ruby-rspec-puppet_2.7.8-3.debian.tar.xz
 a7562d0755803c9ee944c698a0b08f4609506903 9961 
ruby-rspec-puppet_2.7.8-3_amd64.buildinfo
Checksums-Sha256:
 8733af7f6282080ddc5a2f83a9a83666b77e2c888ee9157ddab0d3b85239a6fc 2106 
ruby-rspec-puppet_2.7.8-3.dsc
 21a03e71e7859dd853d2f1efe5cfdc066cff7b7f708952395214a5bc6168fb70  
ruby-rspec-puppet_2.7.8-3.debian.tar.xz
 1de78082e454dffc578a1d7dcde8d217862eb0c4bb9be62c30fcb514cc6653f7 9961 
ruby-rspec-puppet_2.7.8-3_amd64.buildinfo
Files:
 4f7e4a3e90ed4ed8d3de9e9a47c84e57 2106 ruby optional 
ruby-rspec-puppet_2.7.8-3.dsc
 be1bb5343c8cc612da0e9e3092d1279c  ruby optional 
ruby-rspec-puppet_2.7.8-3.debian.tar.xz
 bccc90ad040faa7119522070031c7228 9961 ruby optional 
ruby-rspec-puppet_2.7.8-3_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAl56i3EACgkQS80FZ8KW
0F18MQ/+MzQTvpwIGeODjvEG8tqp48NtA/mHNPQ/zTjpfaEC+zqsXY28QfdzMwai
4TOwcXFZJ9b3fobdAMmziD5NLcb33ZsyknYRKL6yjjQEWYXdCo4SmwIcwC5I3oOK
CV9AJwWwkzWKoz8q1j50k0Axhbunv0C9mESdykGUh+F31zwZ15DAKoAYlAkTvCLQ
GQyRvU0IMzVuXOh+VzZHTLf8MrUj1az8OJggXk4BqdK+DDL4rVOZvB9FSrjw6lUK
MEVh81MWldRPjCo6evYcWSb2n0U3E9eVTqgNoKvvNNgC/co4nMI3mxvJaWsRcS9h
4OPEoboCUUmZDRuIAv9DRUwcXpNMwxv2NBMIMr55Pz4cZ1x1HFAnQZsCZVi48UMt
4oWk5q5K4C6ptQ8cva+okiEVfaJ2ZPldZnnuR4SHUsLuZBHPIwYeSELh9yyMKKie
SEBiIb4OZB79/XTqKjBetTdyzm6Js0r3VY9YtEbK40501xUMn2ylsmnT8JZKh/4S
Psq5YtSLNGUWJOWnLjvcM3EqfhiW6IW2ZDdBxsCb2XiiAN1j6bVVY46b0/zGSP9m
1HHaKEEyeGr/qhIHb9rN2ozwmFU5Eje1HTs/V8JeNa5pyqnFMJc5Mf5vXfOfLUC8
kUiBdtYFwlsHiFww1i1QgnvvceXB49zeR04sUg0d3oxrqP8ADr4=
=No0X
-END PGP SIGNATURE-

Accepted gnome-shell-extension-bluetooth-quick-connect 10-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 20:06:38 +
Source: gnome-shell-extension-bluetooth-quick-connect
Architecture: source
Version: 10-3
Distribution: unstable
Urgency: medium
Maintainer: Simon McVittie 
Changed-By: Simon McVittie 
Changes:
 gnome-shell-extension-bluetooth-quick-connect (10-3) unstable; urgency=medium
 .
   * Bump maximum GNOME Shell version to 3.36
   * Declare GNOME Shell 3.34, 3.36 compatibility in metadata
   * Standards-Version: 4.5.0 (no changes required)
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
 Repository-Browse.
Checksums-Sha1:
 bf3a106747b96762a9b6b291663083d4d4b7e1c6 2551 
gnome-shell-extension-bluetooth-quick-connect_10-3.dsc
 dc0eaf721398d4405a3b66aed9eb74e162550ea6 3456 
gnome-shell-extension-bluetooth-quick-connect_10-3.debian.tar.xz
 6fd7256f5d40146d88d7ecbfe0499bfc12f10658 5540 
gnome-shell-extension-bluetooth-quick-connect_10-3_source.buildinfo
Checksums-Sha256:
 38ce3c0429759166b31403177c87633a881b83a43e797042fb11b1428dd51fa9 2551 
gnome-shell-extension-bluetooth-quick-connect_10-3.dsc
 044600661401898ddd38781e1e34f95dc6b21567309aa5b8600d89bac4fe7610 3456 
gnome-shell-extension-bluetooth-quick-connect_10-3.debian.tar.xz
 21d7ecce501e89029840f2c0e063f98da4c798f7f83c709dbadddaeeea889795 5540 
gnome-shell-extension-bluetooth-quick-connect_10-3_source.buildinfo
Files:
 0505855d945d1d12d6f662c1a7034be2 2551 gnome optional 
gnome-shell-extension-bluetooth-quick-connect_10-3.dsc
 caa0d24d3aa0f58c1fb51f00b1e565f0 3456 gnome optional 
gnome-shell-extension-bluetooth-quick-connect_10-3.debian.tar.xz
 649f34f927ebf27b642ce531b7ae3222 5540 gnome optional 
gnome-shell-extension-bluetooth-quick-connect_10-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl56ih8QHHNtY3ZAZGVi
aWFuLm9yZwAKCRDgWuFHj4FMT6Q/D/9nHW5zf69v5LHer+DJrxfmdF34DlKlrV+I
ekWuOsy+uCWVeZpE3EI4oEiW/X/AJgI8Fd3Z5V+mMKOGdLOhiKupZ8UXPLnv9b5q
zGZ9D1nhXC7XfK5JVyPVYym1+fZUoJm7hhbX/AjK6tiYUmeJ3SI6CuyviojbSlwd
Bb/XHHu6YtFJ2g2bkqILI4SElux7mi89t1yJaBfAdmW1yfN+Yd3qYLMMJdQ7pn2A
aBhk+rgjDKszsDSEuC95ARatAUftDrW9qSO4nsOb1xTcI1CR+/yP7Jpa0Py8YOEa
mtrTLcAVckS6ltYSHdflZJFFJGaIqidT/NmpaKLrscZ5KlMlj/owoXdi2VQJncVA
iNbIuViQtK6fLSYFagoQso8EUOHtdABIh1NLgrK6ur6oRrYYjZtYMgM+EkUv9zMB
4Ztf9IrNw8DOScnTce0/qorkd9iMEuyV/FZBc9gjyc76EHbhxYazFf/AUBgIXaSj
LNTp+4gRzWpMyPV8C0dy73PGtatu59j0StkvC22Q0Acc7nfHZRkBRrlo5YRUWCoV
CyDrtqJlYvaquixKj+4t1qcGDdoDJZ2ai0wvvBlnBEp/tStYbcouidu8G1+jNrMw
+tL3UWPq0Ba1f83bSf98IlAklytz44y/+jALJsJ4lZ7dazX5Q4qGh2B5Ynina+4c
pVZNdynfPw==
=GjVx
-END PGP SIGNATURE-

Accepted gnome-shell-extension-top-icons-plus 22-5 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 20:06:26 +
Source: gnome-shell-extension-top-icons-plus
Architecture: source
Version: 22-5
Distribution: unstable
Urgency: medium
Maintainer: Simon McVittie 
Changed-By: Simon McVittie 
Changes:
 gnome-shell-extension-top-icons-plus (22-5) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
 Repository-Browse.
 .
   [ Simon McVittie ]
   * Mark as compatible with GNOME 3.36
Checksums-Sha1:
 adeaf7b767133f4d60892c5819484c95ad52b55d 2423 
gnome-shell-extension-top-icons-plus_22-5.dsc
 ef28c62c88a87282567fce8eaa746a9f7b5f9f5e 6952 
gnome-shell-extension-top-icons-plus_22-5.debian.tar.xz
 f6c7f84d0d615547f6b8548a8fb49de40024e4e3 5477 
gnome-shell-extension-top-icons-plus_22-5_source.buildinfo
Checksums-Sha256:
 b019da232183b1ff3b4c4bdf795cc3a7d054e18bc5a64179435d680d1bf7 2423 
gnome-shell-extension-top-icons-plus_22-5.dsc
 3a2882c3b104c9b5a3c5375fdbb607df7795e1e70ce2b0685ccde0fd34b7c27b 6952 
gnome-shell-extension-top-icons-plus_22-5.debian.tar.xz
 106af9996180b94d4cefa501691289c2d479fdff10590a59ace609a54d6af429 5477 
gnome-shell-extension-top-icons-plus_22-5_source.buildinfo
Files:
 b6105bdb6a591f0c2eb86006e5a8def7 2423 gnome optional 
gnome-shell-extension-top-icons-plus_22-5.dsc
 b6895a5f17bdfc7b1e36bde923395898 6952 gnome optional 
gnome-shell-extension-top-icons-plus_22-5.debian.tar.xz
 bee47db576bc61cec939b52a30557023 5477 gnome optional 
gnome-shell-extension-top-icons-plus_22-5_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl56igUQHHNtY3ZAZGVi
aWFuLm9yZwAKCRDgWuFHj4FMT14TD/9yAts84tvbsUM8ifGnkOzOqxWrKAvKKFk9
Zls2TniR8Jz2J8nddcg6d+PDzgyrL9RpX1F3pJ0SBt0hw5NsWkQQ+83R0NMs3G/2
wLmgrdAKBMRSeacm66x9UEHWeilLY/80LW8tGv6YtoEI7Gpw4yMdVe3a6OdJ1lNj
4HP2DMiqPrUPtk3WZU6QwiFvK9eO8cKR+fUf2cor2bt6+WZul4sWaAoFdbmEQTch
WyT/288usDfa8mwnoYOXdKz1UnH621rCuUDtPqHhNpiEWsaB4lI7nTyJm7qxplew
TXEpSls1iglDTPElOdBOoyy/s0QGDpfgUeGOE/ZDy7uGxTueX/dNEr5XSUe9XuOa
uBzXCetIKT5E63qCj3BkmIDjEx+U7bDZKYsE/sNLunbK0WSR1g4PkX/FUtvv2QA4
lgXE+ACsZLc8QUAb/70uaC6qbAm7qXXhkR3bKkbfalfIPJSgzG2USLJ4gMPptqKs
nc0lXIeUQkCWRslE8BqGQp/3oTBe3GsR2kPEAeohhc1gIwu+KI+4dOIXKC+fg47T
rcEz+aDVMOzZ4zdiMV18EIxepD6+qM0Pdmuod0Ns5UbXxipeTsLTOHyHI9Kdx8o0
2uikEaa3pb92itD+1GYqgHqM3GIzLc5e7E2rZDwIcjA9FqUOszjnixpRgdZuh+/i
DY8Hl2iXXw==
=RUOI
-END PGP SIGNATURE-

Accepted gnome-shell-extension-caffeine 35-1 (source) into experimental

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 20:07:34 +
Source: gnome-shell-extension-caffeine
Architecture: source
Version: 35-1
Distribution: experimental
Urgency: medium
Maintainer: Simon McVittie 
Changed-By: Simon McVittie 
Changes:
 gnome-shell-extension-caffeine (35-1) experimental; urgency=medium
 .
   * New upstream release, breaking compatibility with GNOME Shell 3.34
   * Bump dependencies for GNOME Shell 3.36
   * d/upstream/metadata: Add
   * d/gbp.conf: Configure for experimental
   * Standards-Version: 4.5.0 (no changes required)
Checksums-Sha1:
 8da79cfce44337841982b69f7e9fec56e03f9f36 2397 
gnome-shell-extension-caffeine_35-1.dsc
 68a5216268111a22f8caf4d9fa3bc9a9c31919e6 78366 
gnome-shell-extension-caffeine_35.orig.tar.gz
 d03fbb91e8a2a6f8c947c5404fa13e4fe203d88c 5364 
gnome-shell-extension-caffeine_35-1.debian.tar.xz
 18579931d42ff8fd30f564f93c57a9382379a511 5435 
gnome-shell-extension-caffeine_35-1_source.buildinfo
Checksums-Sha256:
 9171e8b2888bbc0dee9f9b77124e865fa2f0cabc2460a6c338d03494c077a4ef 2397 
gnome-shell-extension-caffeine_35-1.dsc
 5fed1198bd78e312a1f6e76cb7d5522f986f8db41098ce29f8f34d09da8146ba 78366 
gnome-shell-extension-caffeine_35.orig.tar.gz
 2c252eb00ff75ba3269cd40aa56fa58e42da928e83dbb20c4981228ddf46d083 5364 
gnome-shell-extension-caffeine_35-1.debian.tar.xz
 62af07d27d8e59686c312ec852d81bb29cc10119edc44f653efa70f5b1538cd2 5435 
gnome-shell-extension-caffeine_35-1_source.buildinfo
Files:
 cf4407594b03da89403692ce08aae3d5 2397 gnome optional 
gnome-shell-extension-caffeine_35-1.dsc
 6ad90f18e3f234b764a4f8527963f0dd 78366 gnome optional 
gnome-shell-extension-caffeine_35.orig.tar.gz
 fee8562df8c91f923a5fbd1592110959 5364 gnome optional 
gnome-shell-extension-caffeine_35-1.debian.tar.xz
 4d565959569c02cf616db2920abd4b58 5435 gnome optional 
gnome-shell-extension-caffeine_35-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl56ic8QHHNtY3ZAZGVi
aWFuLm9yZwAKCRDgWuFHj4FMT73VD/9r4NtAJypkULMeNElPlaOvZrF+YQm6jz+U
BagUTIW7TriyZBSDkfDo1dOsRqLVPv1BukWQuRJgp1NdqfAAB9J56j+vedjkEapI
muYtlZruYu3L/cf8Ne1C3aZgBn3Mk1/lsExJx9Zjz2BbppraCeuOunnFJc7XvhBw
3o5hGWUPAeqF2bCTKu5YmCHRgLbbq6bjFWQo5Aw91b3HSpRzTrIwe6+wbbcthRXo
VEn1TBnclcus0EKiZDojMPE+a5u9Qu+JMOtXl807ljiekZUv6YLuWGSpQYjAalbR
gFJ017/v0fTnsDNdybhaJIMsecF/BZSvV5Y/6qUaIk67ekZkSNqp3cHoj6xyVrmp
CRPKe38lfJvqaMbGavYzULg7VpMomkcNZYUrihKqsdyYKLq75NavnASwtALxbPRv
/XQkaMcUJKlQLxDpZd6om1Ao7ljVaEEgllCahyZNWq5H5QDt6oEhIJ/BNw/dHSMp
MIdX3B4CK4O9kWyamGOnihdePESypH7HUN7W+WizrI8ycbEcX5w85zVMG6SobsAs
fnbEa8swdL0iz1N70JiYMGjspN0L20pdc7JQy6i/AKeQX6se7nAisUJ+a9kQfDSZ
RauqMjCT6RmRUTKaOE+L8RbdDBlWzeOycIR7q0hNhCQuQNplHTr6IWT9TBC3hkj5
x9d7cfbidg==
=nh7Q
-END PGP SIGNATURE-

Accepted hgsubversion 1.9.3+git20190419+6a6ce-5 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 23:19:11 +0100
Source: hgsubversion
Architecture: source
Version: 1.9.3+git20190419+6a6ce-5
Distribution: unstable
Urgency: medium
Maintainer: Andrej Shadura 
Changed-By: Andrej Shadura 
Changes:
 hgsubversion (1.9.3+git20190419+6a6ce-5) unstable; urgency=medium
 .
   * Revert the Python 3 adaptation, it doesn’t work.
Checksums-Sha1:
 8111bbc137f2c95870be3094e3c1dae22b8322c7 1988 
hgsubversion_1.9.3+git20190419+6a6ce-5.dsc
 aa1066651f083224dca77e34b8db98c0ab6027ea 4576 
hgsubversion_1.9.3+git20190419+6a6ce-5.debian.tar.xz
Checksums-Sha256:
 8266d0e0492e6fa4163a99276981fb01a91c1bee3a0864f6b9a9ae9ff01046ef 1988 
hgsubversion_1.9.3+git20190419+6a6ce-5.dsc
 f36b1c4a090b2a7104a0d7c40f06d2461292b8e28f766a52a2f453f06ef3c000 4576 
hgsubversion_1.9.3+git20190419+6a6ce-5.debian.tar.xz
Files:
 b4028d110890db1b8abb0edf7b4eb0e8 1988 vcs optional 
hgsubversion_1.9.3+git20190419+6a6ce-5.dsc
 bdd52446f4df3096ecf69c57fbf97eb6 4576 vcs optional 
hgsubversion_1.9.3+git20190419+6a6ce-5.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAl56h4kACgkQXkCM2RzY
OdKeuggAlKdAFOn6oyaB8QFWdj4WDHRlpXVBrVipFyKjA27ppNh32KPpPadvp+GT
ae0/ovi6FcIh3C2qaNHO+n/P7l9WVNnfiy/V7luJmDha2Wnl2xHIMwIY8J9YM3uu
Nmr88HNxlOIEmO7s9G9UFbsySeB9t9egXcl2mesX05mT+NVlRT2e7x6OsfVBVN2X
yz0ja6ikNV+9LgTnz+pCad8IY0+uhSGxmOnn+m5T57NnoFHclyWK649vmjxjyhbD
Jr8vDWvMIj/zqFm+daaqsJNRo5p6KLg5jUQ9qSWCEkoSbiCYPdUJ8IW6zkHoZRDy
JWSZ3IrjfyQDaeYa6kjNEpWTafYqSQ==
=jqzx
-END PGP SIGNATURE-

Accepted octave-symbolic 2.9.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 09 Mar 2020 03:40:22 -0300
Source: octave-symbolic
Architecture: source
Version: 2.9.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Octave Group 
Changed-By: Rafael Laboissière 
Changes:
 octave-symbolic (2.9.0-1) unstable; urgency=medium
 .
   * New upstream version 2.9.0
   * Dropped patch (applied upstream):
 + d/p/python3.patch
 + d/p/sympy-1.5.patch
   * d/copyright: Reflect upstream changes
Checksums-Sha1:
 4739f82a54b97825ae22e0df0546260d8b53b491 2115 octave-symbolic_2.9.0-1.dsc
 6b43b02c7ec0b9094a4846ff00500c2da33d1fa7 259373 
octave-symbolic_2.9.0.orig.tar.gz
 3fbecdc1579c3ef464874a0a6ce17745ced8cd6f 4896 
octave-symbolic_2.9.0-1.debian.tar.xz
 dad22cd3e5e78f154500d5a59651c07007ded286 18976 
octave-symbolic_2.9.0-1_amd64.buildinfo
Checksums-Sha256:
 00dcdd34bc0a3dca1570059c6c74ea4b17e81609f0f5335920975745463801d9 2115 
octave-symbolic_2.9.0-1.dsc
 089ec44a0a49417a8b78797e87f338da6a6e227509f3080724996483d39b23cb 259373 
octave-symbolic_2.9.0.orig.tar.gz
 c10fc3bd20c229d1b7e6273d1b18162e83578e5dccfbb20740eac16b61636718 4896 
octave-symbolic_2.9.0-1.debian.tar.xz
 7f94a6cca30b512796b3a76972570e55f9f2918e6e471d48da8c3cc7a34f5f3c 18976 
octave-symbolic_2.9.0-1_amd64.buildinfo
Files:
 c9cfb64792f3d0cb203b62189e164283 2115 math optional octave-symbolic_2.9.0-1.dsc
 9211966b3e81bd4d7c19e67ce7087096 259373 math optional 
octave-symbolic_2.9.0.orig.tar.gz
 afe815942a0defda01960bed1abc74a0 4896 math optional 
octave-symbolic_2.9.0-1.debian.tar.xz
 9484ff9167774ecce32085af715789ad 18976 math optional 
octave-symbolic_2.9.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEP0ZDkUmP6HS9tdmPISSqGYN4XJAFAl56hR4ACgkQISSqGYN4
XJDc8Q//QGhHxWTIfvlfuixgrIjQ82W4En/6+xptr0G9eBr1ghWnzvltoRHlXCpJ
ft5ft2r/0rdiD1Oh8MET/UKDLGkn1P54bwO3Afmv3WA7uced+Lkf8gojTnQlMnTi
vZJPqwDx5ugJFT291hNpthGiuhN/8X38e0iDoVzTVAfhXywwfP5qvb5OnPP6n2U7
Zl7KVAFZUOldbEtR/MiCDcteO9NbOK6HHcqdb7MbGNwE1cB4qS5IviUOCAv8gPxT
eqBjcMmB+ubL1jg3ER2jcp5+CiP+qoZ02DoW8YC32pXWrmaMc6D7kTXjaPcT0qOx
8R6A9U9Ysf5HuviQhg0lUwjEj+6waF7Tr6uEWCjnViuDCRNbej13V1BAQJ5SI1Ko
QbxmNPC/YIRRqhUEvhl9yXrFagy9nnp1iJL2FHwV3LKMCd24qPBonivAuyPppeks
o/3zaU26zHV7/dzkPajU+14uvGnFNDuWaGBfZRBB9qc/VUEcZ++FpZhfkBHsMCuf
xl36pdBN3ZAjrv6btA3+ZXzgEzWQz9iBLuMgsPFYbCS5zKueOhlrfuFjbWLApPzA
JyfARkKghHw/BfpL1Wv+fjMHYhP+odpuJwXVfa5VtF3UwPpjLNTskPZr52+LxQlG
Ew7TDgEz8DRvoJOZOCrqbwUbHrmI/KipwOfP9Rm6lSw3YCxyPhc=
=tMG4
-END PGP SIGNATURE-

Re: new kubernetes packaging

2020-03-24 Thread Sean Whitton 
Hello,

On Tue 24 Mar 2020 at 03:14PM -07, Russ Allbery wrote:

> What you say is true if the library is used by multiple applications in
> Debian (although it's still not as good of a story with Go as it is for
> C).  We can backport a patch to that one library, and then rebuild the
> applications that incorporate it.
>
> However, if a library exists in Debian solely because it is a dependency
> of some sprawling application and isn't used by other things, it may be
> easier to do a security update if it's vendored.  There are, at the least,
> fewer packages to rebuild, and the testing story is slightly more
> straightforward.

Right, if something is technically an independent language module but is
used only by kubernetes, and we don't expect that to change, there's no
need for it to be in its own source package just because it might seem
tidier to us.

I doubt that this is true of all the hundreds of dependencies presently
bundled with kubernetes, however.

> Possibly more significantly is how the flow of security advisories work.
> If the advisory is likely to come from Kubernetes and their security fix
> release is a point release update to their package including the vendored
> modules, we can potentially adopt the "sane upstream stable point release"
> policy and just update stable to their point release.  (Kubernetes does
> maintain long-lived stable branches, although I don't know how stringent
> they are about what changes they're willing to take in the stable
> branches.)  In this case, we create a bit more security work by separately
> packaging the dependencies, since we now have to trace down the package
> that corresponds to a Kubernetes security advisory and update it.

This is certainly a reasonable approach, if such releases aren't going
to violate the expectations of users of Debian stable.

I guess we'd have to see whether the Security Team are up for another
package which gets updated in this way.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Accepted 2vcard 0.6-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 16:05:26 -0300
Source: 2vcard
Architecture: source
Version: 0.6-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Joao Eriberto Mota Filho 
Changes:
 2vcard (0.6-3) unstable; urgency=medium
 .
   * QA upload.
   * debian/control:
   - Added 'Rules-Requires-Root: no' to source stanza.
   - Bumped Standards-Version to 4.5.0.
   - Set 'Multi-Arch: foreign' for binary.
   * debian/copyright: updated packaging copyright years.
   * debian/patches/03_fhs-compliance.patch: updated to avoid
 a FTBFS when building by non-root users (it will allow
 debhelper uses 'Rules-Requires-Root: no'.
   * debian/salsa-ci.yml: added to provide CI tests for Salsa.
Checksums-Sha1:
 1488de9fef7ddca77881f889a4cd04addb731f2a 1818 2vcard_0.6-3.dsc
 04658e441fcebed4a46342aa8bdcbb5338101bd5 4720 2vcard_0.6-3.debian.tar.xz
 46d5a3d317993bda64b36d97f284984d69e6ddc4 5185 2vcard_0.6-3_source.buildinfo
Checksums-Sha256:
 48e3acf0916f4798f4de3f7d2a6fc3c0080f8b65f8b1c7003278b80113f659c4 1818 
2vcard_0.6-3.dsc
 85cd06d46a223e5e8b0a7ef04871263d065035e2544641cef373c5d570a35f0a 4720 
2vcard_0.6-3.debian.tar.xz
 fdca65893f1e12c0bb0424d7f66ccae58c8b77525f7edcdb15ad2d45572319ce 5185 
2vcard_0.6-3_source.buildinfo
Files:
 e539dc931f9ff147afda29f845ab1235 1818 utils optional 2vcard_0.6-3.dsc
 1fd8b3cc8f106871e2d6a000df13afc3 4720 utils optional 2vcard_0.6-3.debian.tar.xz
 3383423c554bb3271ccf954f995d9a7c 5185 utils optional 
2vcard_0.6-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAl56ggIACgkQ3mO5xwTr
6e8HiQ//cmp1730atITpNn0PtWjO1hUjXjMf7aCZMl4II9fYLt/dj4kX3cvTlO4E
p5P/xTvtJAu8LsMONdVzx08VWS7NqORvQ71zp9DVvxeMWxpQ2HZ0KhKjUZ9B9eNj
9jC3E2Jq5OyiG9adDY1M0z4M8lR6WBjb5fIciuaq5j2J4yVOmGTy/d+Yu1zqZJO6
DtJO9GSLh17o9uzitJIUrviKzp8bYZ5QK13zLjaz8+B6bpBD8T3phje+bvBNXPc8
vrLHBDgAXMaBTh9YfPkpR71Is2MwdmlOCj8CACVDXeCgzj2e+E7p5fSMycXavOeq
U1jxHCXC6vTvuz0gQUyLa23c9QeaGWBquY6zggmKEEpfKdLKQHAXIP6oIvKd+Jxc
28QXqJ0/NOpyempERCVD5PUPjNfZm3cSYWQKvUMSDFAEk/SfmLlA9TGfRktTrgLq
E4Hxx7S098j0CKJ2hCH2GCBGR4h+gbGfKqluH2e7x5Cq1NprLUZmXmxMU27cVQ/I
WBnn7oYjuQ9hdVH93WjtuA+gW3YlgfT02g3EbzaJCqOYmz1Cq0wBTRygdyEE6Ztv
8+xmHd7fv51de3dkPA4+5FYIXbTxaGXsnHOddkr0vynLKhFXkTXkpL7qlWtA7KSx
lieIJkmGnAt+rK2EaolgH3fZ6IIjMVsVoU7ZioiAIvCTv0SeHfY=
=1tgN
-END PGP SIGNATURE-

Re: new kubernetes packaging

2020-03-24 Thread Russ Allbery 
Sean Whitton  writes:

> Thank you for your e-mail.  I agree with you that security support is
> the most pressing reason to avoid piles of vendored code, and you make
> an interesting argument regarding how it can be difficult to provide
> security fixes if our refusal to use vendored code means we lag too far
> behind upstream.

> I am not sure, however, that your argument applies to security updates
> to our stable releases.  These updates are almost always a matter of
> backporting small fixes, rather than updating to new upstream releases.
> And for backported fixes, vendoring makes things much harder.

I think this calculus is not entirely obvious.

What you say is true if the library is used by multiple applications in
Debian (although it's still not as good of a story with Go as it is for
C).  We can backport a patch to that one library, and then rebuild the
applications that incorporate it.

However, if a library exists in Debian solely because it is a dependency
of some sprawling application and isn't used by other things, it may be
easier to do a security update if it's vendored.  There are, at the least,
fewer packages to rebuild, and the testing story is slightly more
straightforward.

Possibly more significantly is how the flow of security advisories work.
If the advisory is likely to come from Kubernetes and their security fix
release is a point release update to their package including the vendored
modules, we can potentially adopt the "sane upstream stable point release"
policy and just update stable to their point release.  (Kubernetes does
maintain long-lived stable branches, although I don't know how stringent
they are about what changes they're willing to take in the stable
branches.)  In this case, we create a bit more security work by separately
packaging the dependencies, since we now have to trace down the package
that corresponds to a Kubernetes security advisory and update it.

This of course doesn't apply if the individual libraries are releasing
their own security advisories.

-- 
Russ Allbery (r...@debian.org)

Re: new kubernetes packaging

2020-03-24 Thread Sean Whitton 
Hello Janos,

Thank you for your e-mail.  I agree with you that security support is
the most pressing reason to avoid piles of vendored code, and you make
an interesting argument regarding how it can be difficult to provide
security fixes if our refusal to use vendored code means we lag too far
behind upstream.

I am not sure, however, that your argument applies to security updates
to our stable releases.  These updates are almost always a matter of
backporting small fixes, rather than updating to new upstream releases.
And for backported fixes, vendoring makes things much harder.

You also write:

On Tue 24 Mar 2020 at 07:08PM +00, Janos LENART wrote:

> 1. OTHER EXAMPLES. If we take this paragraph completely literally and to
> the extreme then other packages are also in violation of it. True, the
> current packaging of kubernetes does this to a greater extent than its
> predecessor for example, but perhaps this shows that this section was
> always open for interpretation. Examples of some prominent packages in
> Debian that bundle and use the vendored code (in parentheses is the number
> of go packages bundled, estimate):
> - docker.io (58, including some that are vendored more than once within the
> same source package, but not including the fact that docker.io itself is
> made up of 7 tarballs)
> - kubernetes (20 for the previous version, 200 now)
> - prometheus (4)
> - golang (4)

but I am not sure this is relevant because the number of vendored copies
in the new kubernetes package is an order of magnitude larger than any
of these examples.

Finally, I would like to hear why you think it is valuable for us to
have a package like this in Debian as opposed to expecting people to
install it from upstream:

On Tue 24 Mar 2020 at 08:37PM +00, Jeremy Stanley wrote:

> If this represents the actual state of building Kubernetes, it's
> unclear to me why Debian would package it at all. I don't see the
> value to users in consuming Kubernetes from a Debian package if the
> result is compromising on Debian's vision and values so that they
> can get the exact same thing they'd have if they just used the
> Kubernetes community's recommended tooling to install it instead.
> I'm all for using the best tool for the job, and while I've been a
> die-hard Debian user for more than two decades I also don't install
> every last bit of software from its packages. Some software
> ecosystems have chosen to focus on tools and workflows which are
> incompatible with Debian's, but that doesn't mean that either one is
> inherently bad nor that they need to be integrated at all costs.

I find this persuasive.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Accepted protobuf 3.11.4-3 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 18:20:00 +
Source: protobuf
Architecture: source
Version: 3.11.4-3
Distribution: unstable
Urgency: medium
Maintainer: Laszlo Boszormenyi (GCS) 
Changed-By: Laszlo Boszormenyi (GCS) 
Changes:
 protobuf (3.11.4-3) unstable; urgency=medium
 .
   * Python3ify examples.
Checksums-Sha1:
 73e5dca6c99d2e9a0535304eee343aef6d9da48a 2684 protobuf_3.11.4-3.dsc
 6a22b3155f32fe79905e0b6178c894e40b69cd6e 25684 protobuf_3.11.4-3.debian.tar.xz
Checksums-Sha256:
 039348a4a629fcbc1581d10c49b95a54336193db4917e759cb0e53f81129df8c 2684 
protobuf_3.11.4-3.dsc
 a176054ad3b511bf60b191d412cceb16109da3a1c352f3e4b37f6983bb8f3768 25684 
protobuf_3.11.4-3.debian.tar.xz
Files:
 ee7e738a84e309ffeabcba463cb91496 2684 devel optional protobuf_3.11.4-3.dsc
 26ddc4d22f2d39ea58c7cb3487640c84 25684 devel optional 
protobuf_3.11.4-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl56gXkACgkQ3OMQ54ZM
yL9pdg/9Fl1jvtnZP5u8zJdgwgU2KBV7JJawrswSrSQh6FOJQ1o+/HbMQjVzDD69
pc47l9j6e48cNqEocADHp4bbZswXH6sqqW7/Os7kRYlnpoeuMKv5KlsJ6E3mvKbP
oyvCd8ub+xcLfp2Ta5BjKqxyWxhmbdXflde5wu3vtfHFvE/iFlB4gzBsJ16heWeo
nc8BfysuaTmkRukeVbhuH+4Wp3TV2ga8uMOUwpsMU8mpG8hqT3yHTZ1pEdSwLufu
7u+L/kTWS7HY+6XF9irI/drddp804Ep7qdAoHMkWi5jTgmIFjJ7sex/yRKNY9NOn
pIqUFNM7CRVGBVVZo3gXx++C58+ZjxuH4WLXTGKXeEhCo43Tb3j6o9UXG7ZuVg5O
VywL78WcFkFBifuC2j+vSK0XsWS7ViyhmDvn8gZy4WU0WrhlG7smfuG6GNQZ1uQD
FnJV3DsfoqhqmemXOUsy9P4KjeF+DMOfAAbTxBwQeeJpDdyzGFpsn4L0itZntxWk
M2RFqgQNXTCwovuVKek+7uFlyNFtnCdusQwhpvR08iz/WruINoSIE9ZQ/8Y+uBBa
o79M+KQh3m8Z4DBd4ILp0EiFyuVcNHAslHlx0BlfzfLMTckty/vPyZBKb8oQ0oAd
+x2O6bMp19Q6psvhgiuRCmXf+SMWQk8J21EmoW60NL72HViZ/dI=
=i0k6
-END PGP SIGNATURE-

Accepted rust-regex 1.3.1-1 (amd64 source) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 31 Dec 2019 05:39:52 GMT
Source: rust-regex
Binary: librust-regex+aho-corasick-dev librust-regex+default-dev 
librust-regex+memchr-dev librust-regex+perf-cache-dev librust-regex+perf-dev 
librust-regex+perf-literal-dev librust-regex+unicode-age-dev 
librust-regex+unicode-bool-dev librust-regex+unicode-case-dev 
librust-regex+unicode-dev librust-regex+unicode-gencat-dev 
librust-regex+unicode-perl-dev librust-regex+unicode-script-dev 
librust-regex+unicode-segment-dev librust-regex-dev
Architecture: amd64 source
Version: 1.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 

Changed-By: Ximin Luo 
Description: 
 librust-regex+aho-corasick-dev - Regular expressions for Rust - feature 
"aho-corasick"
 librust-regex+default-dev - Regular expressions for Rust - feature "default"
 librust-regex+memchr-dev - Regular expressions for Rust - feature "memchr"
 librust-regex+perf-cache-dev - Regular expressions for Rust - feature 
"perf-cache" and 1 more
 librust-regex+perf-dev - Regular expressions for Rust - feature "perf"
 librust-regex+perf-literal-dev - Regular expressions for Rust - feature 
"perf-literal"
 librust-regex+unicode-age-dev - Regular expressions for Rust - feature 
"unicode-age"
 librust-regex+unicode-bool-dev - Regular expressions for Rust - feature 
"unicode-bool"
 librust-regex+unicode-case-dev - Regular expressions for Rust - feature 
"unicode-case"
 librust-regex+unicode-dev - Regular expressions for Rust - feature "unicode"
 librust-regex+unicode-gencat-dev - Regular expressions for Rust - feature 
"unicode-gencat"
 librust-regex+unicode-perl-dev - Regular expressions for Rust - feature 
"unicode-perl"
 librust-regex+unicode-script-dev - Regular expressions for Rust - feature 
"unicode-script"
 librust-regex+unicode-segment-dev - Regular expressions for Rust - feature 
"unicode-segment"
 librust-regex-dev - Regular expressions for Rust - Rust source code
Changes:
 rust-regex (1.3.1-1) unstable; urgency=medium
 .
   * Team upload.
   * Package regex 1.3.1 from crates.io using debcargo 2.4.0
Checksums-Sha256: 
 6d79e8ec2eb04e72a90bfebc0e6f856f2d46e7aa512bdc99e3fec0728daba64b 1132 
librust-regex+aho-corasick-dev_1.3.1-1_amd64.deb
 cf2c79b7fa9bdca1671a33e606cb08481d1819081af12087115e631c5004a3e4 1120 
librust-regex+default-dev_1.3.1-1_amd64.deb
 26753bef47a7570bb1c7da37b5e07f6c9ea10f48c54fc9f2f8f91236060cfd8f 1124 
librust-regex+memchr-dev_1.3.1-1_amd64.deb
 9e7a95263dd9ba9184f90435c334a4a72fb7c47a1162e527163901d887462d3f 1192 
librust-regex+perf-cache-dev_1.3.1-1_amd64.deb
 c55d2c3511276a59a37b030f9652131009be94fdb7408cf7687e7589cf55c6e4 1116 
librust-regex+perf-dev_1.3.1-1_amd64.deb
 a3763554302df23e513b8815ba1445a58a11c6af852626363b6c61cde667a129 1156 
librust-regex+perf-literal-dev_1.3.1-1_amd64.deb
 e8662d053854714b019bd31eb1b0b7e1d5d2093c486859bddc0db3f853ead028 1132 
librust-regex+unicode-age-dev_1.3.1-1_amd64.deb
 0f20604f5dbb67bc82ba2e8be07cfd83f1a312dae6b6e0ac5a4b99a5030280e9 1132 
librust-regex+unicode-bool-dev_1.3.1-1_amd64.deb
 fc1cd4bf6d8ee30b0df1d83f16da1a636f06a0eed6f9a82a46cf1ce8d434693d 1132 
librust-regex+unicode-case-dev_1.3.1-1_amd64.deb
 88237694ee41ccc26ee61f1c1ed927519810a775edece94b6b94fbc917ea6181 1140 
librust-regex+unicode-dev_1.3.1-1_amd64.deb
 9d1ca66a8b527e7eda2f55bf090a8da91c3f02fbdda3a2565f407d893db103bc 1132 
librust-regex+unicode-gencat-dev_1.3.1-1_amd64.deb
 0fc60620959afc22a299e93c4a2d44f42de7068a3af790f7ffb7f468a04928cf 1132 
librust-regex+unicode-perl-dev_1.3.1-1_amd64.deb
 81f49121b9399e764cb0545e81d6aa6065a0a1bc00745fd1ff141833859a0be6 1132 
librust-regex+unicode-script-dev_1.3.1-1_amd64.deb
 3c967b5be2ee35d46e22a03b6c77b8759262422c082c3e55f029889f42512982 1136 
librust-regex+unicode-segment-dev_1.3.1-1_amd64.deb
 eb451d804385b7882a0e1d2174abe1f8a2a0784187afc60ee018d04da5d96c78 194100 
librust-regex-dev_1.3.1-1_amd64.deb
 858bf76033faab0f10d0af038263790a7237791d9a7cb102688ee9ee0bc5f7a1 11122 
rust-regex_1.3.1-1_amd64.buildinfo
 b51d22d826557f2b239402d0c96601f0daf98e2a6e748bb70f828ed10b2e10db 3676 
rust-regex_1.3.1-1.dsc
 dc220bd33bdce8f093101afe22a037b8eb0e5af33592e6a9caafff0d4cb81cbd 234662 
rust-regex_1.3.1.orig.tar.gz
 7059f59505a6ebb89fc33dae680b1fd9dd8526348a1ea2d76545352a791a54ff 3888 
rust-regex_1.3.1-1.debian.tar.xz
Checksums-Sha1: 
 dacdc0dc84024ff3d1940b88abdfac611ef37494 1132 
librust-regex+aho-corasick-dev_1.3.1-1_amd64.deb
 f2f5fc11a22703d934b91542973e30732a714026 1120 
librust-regex+default-dev_1.3.1-1_amd64.deb
 58f37c8a885fdd9867274680f2ac8025bd219729 1124 
librust-regex+memchr-dev_1.3.1-1_amd64.deb
 ed06310dc86833d6404a498aff543ac9b97a68de 1192 
librust-regex+perf-cache-dev_1.3.1-1_amd64.deb
 51c04d361dc71ede5548d2da77f2d2a8f05303ec 1116 
librust-regex+perf-dev_1.3.1-1_amd64.deb
 df113b668c625ea9f295615072bf94c6e2b2557d 1156 
librust-regex+perf-literal-dev_1.3.1-1_amd64.deb
 94289039cd845f402adce2949b3ea3e015810847 1132

Accepted augur 6.4.2-1 (source all) into unstable, unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 23 Mar 2020 15:03:35 +0100
Source: augur
Binary: augur
Architecture: source all
Version: 6.4.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Andreas Tille 
Description:
 augur  - pipeline components for real-time virus analysis
Closes: 954777
Changes:
 augur (6.4.2-1) unstable; urgency=medium
 .
   * Initial release (Closes: #954777)
Checksums-Sha1:
 1dc078e0a6df93bd526ae054f2001475c767cb2e 2131 augur_6.4.2-1.dsc
 bc62f947d9a4e5ac8c317dd51f429b631332d6ee 10947203 augur_6.4.2.orig.tar.gz
 ef75148f8ba88c00e42d98f22091713664e56960 13120 augur_6.4.2-1.debian.tar.xz
 48dd86cffc15a75046c1ffcc1a80e53cd8dfb4d6 129800 augur_6.4.2-1_all.deb
 c694bcfed7b25d2510b7ab13c66b89b4848ebdb9 7617 augur_6.4.2-1_amd64.buildinfo
Checksums-Sha256:
 7d3cb8c3ec46a3661df9858644844138cb85b2fd3d986a04b526de6b38629d43 2131 
augur_6.4.2-1.dsc
 c25b55d15dceba639b02b5ee088d73b1e10e1698d8348def59fcdf0524c90653 10947203 
augur_6.4.2.orig.tar.gz
 d9fb8c39017311dd74f41fe2b2cdc1ab9a34cbce399283970408100b226447fd 13120 
augur_6.4.2-1.debian.tar.xz
 21fd7f4c9f382c0598a522ce24b60b770b0f5dddcb81c674bf26b63b736134bd 129800 
augur_6.4.2-1_all.deb
 0cf207c52a73aa460fc9a563ad575d6b3d5216340a7c1cfb86e5badd0b154adb 7617 
augur_6.4.2-1_amd64.buildinfo
Files:
 18c3bbc1287e66992f43b68e9826b259 2131 science optional augur_6.4.2-1.dsc
 c404b11842e225434aa4bb70613e2a30 10947203 science optional 
augur_6.4.2.orig.tar.gz
 917a10b41b030f9f27cd7e0a4b0755b1 13120 science optional 
augur_6.4.2-1.debian.tar.xz
 13ddc158a341ee270a6313a0730b7474 129800 science optional augur_6.4.2-1_all.deb
 8111810be31bb20fbf33f91095d37332 7617 science optional 
augur_6.4.2-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAl55o3kRHHRpbGxlQGRl
Ymlhbi5vcmcACgkQV4oElNHGRtE8Ag//c+ecrewPgh5Xpi2rR4yyC2J0G2khX0X1
k14e1zt/nUPrdvxQqllWfivNS8sQHbkYejHbC/OJehzrg5ZSScDO5lOfWSxYxjlv
EcbiNcgmF2m2XFY+DkVQzaNKay4GHhC7gd3RJoMBISmXm2ZKjiPAMVlXptTDMYSa
HEBSc1n05h/XHKkDqKGoJJotJ0/wbSFJ56vQB/WgpSNWnO6gAVuAcx8uEo7bdvaj
qD5yDtSUvE0lzJHshshDEdPDAamFBwhP6kx3MNw4Wd/YTHSfaKG6VeHVXECBk90h
b+BvHhyBwloHi8IVnj2EzlgC529JgxQH6IPRMLprI/5aqT+1k1d4BC3FLIJWZFcX
vDnwqF18pmGj9x7/anvxB2CG1NU6ls/cJ40ZLYu1pTcUiwSea97UcISh+GqJWJDF
7zAkhLckOoc75NXw9wiLjVYT0Anl91QGNfDXq0P6YjpQmVgOrHV8n3Lvq8tS+xuL
o/w+SaeDV2k+cqOR/222Zd3A88UqK+eNHqysAualkadkZ2ly6SjBfiD3uxO5cJj9
mBRiMUqhzG+wY4Sl14c0n7JId76jkb/CVrEwgIN6wkfPNyCOh5XEkAEovDjyqIKO
foaVFFpzflePant7E0Gkg322tuwUW8VYy+df9p+l3k36qhEUvJrklAN1xFla/pnI
A+zf5ABHZFY=
=9Jyi
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Russ Allbery 
Jeremy Stanley  writes:

> If this represents the actual state of building Kubernetes, it's
> unclear to me why Debian would package it at all. I don't see the
> value to users in consuming Kubernetes from a Debian package if the
> result is compromising on Debian's vision and values so that they
> can get the exact same thing they'd have if they just used the
> Kubernetes community's recommended tooling to install it instead.

I have been very grateful over the past few months to have Kubernetes
available in Debian (and have been quite annoyed at the irritating things
I have to do get and update Helm, which at least has a snap, and Argo CD,
which doesn't have anything useful).

I have no opinion about the best solution to the huge vendoring problem.
(The Rust team is trying the package everything approach with some success
but is uncovering other limitations in our processes and tools.)  But
having these tools in Debian is hugely valuable for Debian users who need
them, which is sort of the point of Debian at the end of the day.

> I'm all for using the best tool for the job, and while I've been a
> die-hard Debian user for more than two decades I also don't install
> every last bit of software from its packages.

I do when I can because I otherwise have to remember to wire together N
different update mechanisms, which is remarkably not-fun and takes time
away from the actual work I'm trying to do.

-- 
Russ Allbery (r...@debian.org)

Re: email backend for fedmsg

2020-03-24 Thread Nicolas Dandrimont 
On Tue, Mar 24, 2020, at 21:51, clime wrote:
> On Tue, 24 Mar 2020 at 20:40, Nicolas Dandrimont  wrote:
> >
> > Hi!
> >
> > On Sun, Mar 22, 2020, at 13:06, clime wrote:
> > > Hello!
> > >
> > > Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> > > fedmsg usage in Debian.
> > >
> > > There is a note: "it seems that people actually like parsing emails"
> >
> > This was just a way to say that fedmsg never got much of a user base in the 
> > services that run on Debian infra, and that even the new services 
> > introduced at the time kept parsing emails.
> 
> Hello Nicolas!
> 
> Do you remember some such service and how it used email parsing specifically?

I believe that tracker.debian.org was introduced around that time.

At the point it was created, tracker.d.o was mostly consuming emails from 
packages.debian.org to update its data. These days tracker.d.o has replaced 
packages.d.o as "email router", in that it receives all the mails from services 
(e.g. the BTS, the archive maintenance software, buildds, salsa webhooks, ...) 
and forwards them to the public.

> I am still a bit unclear how email parsing is used in Debian
> infrastructure, don't get me wrong, I find it elegant

Ha. I find that it's a big mess.

Here's the set of headers of a message I received today from tracker.d.o, which 
are supposed to make parsing these emails better:

X-PTS-Approved: yes
X-Distro-Tracker-Package: facter
X-Distro-Tracker-Keyword: derivatives
X-Remote-Delivered-To: dispa...@tracker.debian.org
X-Loop: dispa...@tracker.debian.org
X-Distro-Tracker-Keyword: derivatives
X-Distro-Tracker-Package: facter
List-Id: 
X-Debian: tracker.debian.org
X-Debian-Package: facter
X-PTS-Package: facter
X-PTS-Keyword: derivatives
Precedence: list
List-Unsubscribe: 

I'll leave you to judge whether this makes sense or not.

(and it turns out that the actual useful payload was just plaintext with no 
real chance of automated parsing)

> but from what I have found (e.g. reportbug), in the beginning there is an
> email being sent by some human which will then trigger some automatic
> action (e.g. putting the bug into db). So it's like you could do all
> your work simply by sending emails (some of them machine-parsable).
> 
> So do you have the opposite? I do some clicking action somewhere and
> it will send an email to a certain mailing list to inform human
> beings? Or let's not just clicking but e.g. `git push` (something that
> you can still do from command line).
> 
> Do you have: I do some clicking action somewhere and it will send an
> email to a certain mailing list where the email is afterward parsed by
> another service which will do an action (e.g. launch a build) based on
> it?

Both of these are somewhat true.

Some examples of email-based behaviors:
 - Our bug tracking system is fully controlled by email.
 - Closing a bug in reaction to an upload is done by an email from the archive 
maintenance system (dak) to the bug tracking system.
 - Salsa has a webhook service that react to UI clicks (e.g. "clicking the 
merge button") by sending an email to the BTS (e.g. to tag bugs as pending), or 
to tracker.d.o (for new commit notifications).
 - Some of our IRC bots are triggered by procmail rules.
 - At some point mentors.debian.net depended on a NNTP gateway to the 
debian-devel-changes mailing list to trigger removal of superseded packages 
(...)
 - etc. etc.

I'm still not sure where your trail of questions is going? fedmsg in Debian has 
been dead for years at this point, and there still doesn't seem to be much 
interest to implement anything beyond email parsing in some of our core 
systems. 

Bye,
-- 
Nicolas Dandrimont

Accepted ruby-fakefs 1.2.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 18:15:57 -0300
Source: ruby-fakefs
Architecture: source
Version: 1.2.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team 

Changed-By: Antonio Terceiro 
Changes:
 ruby-fakefs (1.2.0-1) unstable; urgency=medium
 .
   * Team upload
   * debian/ruby-tests.rake: use an UTF-8 locale
   * New upstream version 1.2.0
   * Refresh patches and drop unnecessary patch
   * debian/ruby-tests.rake: remove workaround for failures; fixed upstream
Checksums-Sha1:
 e8affb2f431b0e22dc9b92d8ea7997dbaa4613d9 2114 ruby-fakefs_1.2.0-1.dsc
 cf043ed973c0ec12d35f3b806a1deca8f9b065ca 53920 ruby-fakefs_1.2.0.orig.tar.gz
 8451b21792f61778ab456bd8ed8c29b503850925 5292 ruby-fakefs_1.2.0-1.debian.tar.xz
 a4d3b2fcdf0298d4b29def167b75302b6da568bd 12843 
ruby-fakefs_1.2.0-1_source.buildinfo
Checksums-Sha256:
 94189d5552ce5666f8dd91580304190fec156469308cf8e742c7f5855991a857 2114 
ruby-fakefs_1.2.0-1.dsc
 4de60c91342044316f5dd7c005f380d1dcd467ac621845f776a183e4825a1eae 53920 
ruby-fakefs_1.2.0.orig.tar.gz
 a07a4954024e6580a411b0a84e8b4b1e881b13f94e093594eea40ed2c06fee1e 5292 
ruby-fakefs_1.2.0-1.debian.tar.xz
 b2994dae9b0860fd4d99f1c7c3eb531ad8eef3d395e373b837c6ac5ac3e47166 12843 
ruby-fakefs_1.2.0-1_source.buildinfo
Files:
 286f21c5f2eb89aaa39d41ca458a6160 2114 ruby optional ruby-fakefs_1.2.0-1.dsc
 5f594a6ddf5b6e71912bc25ae8cf602e 53920 ruby optional 
ruby-fakefs_1.2.0.orig.tar.gz
 df3e1094aac1c0a0f19835e2feee1a2c 5292 ruby optional 
ruby-fakefs_1.2.0-1.debian.tar.xz
 c685c9b514101fe507a30acf34f79d41 12843 ruby optional 
ruby-fakefs_1.2.0-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAl56ejMACgkQ/A2xu81G
C96HSA/+K6uXxQQAIbq8P0oUokvxxcPuVnE1gCG+aRUlDqpm9s0MvKaGxWU/Y23t
WZpqImeD+HwmOleEKBkX6xf0WDXdrnryfCai5caWcIyUYmM+dqGlJDSlPatcyScv
bIUAkcxEEjwRilCWNuLwgxnbRhR8GpozjuD7rm4rXVUxnCixPokZb6zgKgJYSO/T
MM3Y1RVSbi/vDceDLFVbYntwZpJ/OHHbVLp7cK0AcLyD8hgDMwYb+HFDA/c2EuWI
SiukZZqFD20WVXvDu0Oy/7pc3jBk39ug9CDA0I9X2+Jxho8ApGJ5v4d+PCY2tc9T
p0sibCml76LOyylQngvSfgK3E2p/oedxxl7t2ohScAVayq+FAy5U6ZNqb9SxOIOx
ZSfN+r4Be//cYmg4jbSMSr2W78r1c3WVK8gWshDjNUOKPsPwhMr6g/M3vip9w5lw
6PeFFx0YELYHjJD7ID/a6JY5AcOZ+7WA0lXNodSKlSgDkT3jVBrbktW1CXfFuS6j
4nmRE0eryR5xFsYtaKbrV0pGY6aGycOCUe2iCWpN6YkxOrRNoIHfJfjGXqMeR284
sdTusQlbW5V2xyGcdFADZe8TRjywognGx65FuiaGm+4Ke5qkFL2+kN3+trOyPtDJ
HkI9fK0e2yyDX2DkPHKRFHhxH/kx/2FMQ0VQXmZ2DPAp0CJQVRs=
=6Qvk
-END PGP SIGNATURE-

Accepted puppet-module-aodh 15.4.0-4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 22:09:59 +0100
Source: puppet-module-aodh
Architecture: source
Version: 15.4.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Changes:
 puppet-module-aodh (15.4.0-4) unstable; urgency=medium
 .
   * Really Depends on puppet, not puppet-common.
   * debhelper-compat (= 11).
   * Standards-Version: 4.5.0.
Checksums-Sha1:
 029ed5a253bc8f466eadf6f2016d620a4bffb4d6 2104 puppet-module-aodh_15.4.0-4.dsc
 5306d144b4dd013057f84bbeb7bbccc7ed8bf211 2780 
puppet-module-aodh_15.4.0-4.debian.tar.xz
 291fc6facd68f4b23d637dd5628f9ba85da34888 6373 
puppet-module-aodh_15.4.0-4_amd64.buildinfo
Checksums-Sha256:
 76cfc302ce7c07098cce5284876b2f1e7357428108c28261b82a2de7ca0ce483 2104 
puppet-module-aodh_15.4.0-4.dsc
 4ec51f1e3a446d6a416f41743a1089a4344af351329952396e8ece53e4c97b80 2780 
puppet-module-aodh_15.4.0-4.debian.tar.xz
 951f3ed1d977796cd4034413c4d69f409e97ca270c302784007d872280de4d79 6373 
puppet-module-aodh_15.4.0-4_amd64.buildinfo
Files:
 097ef3338bf5b1a582308c7e934975d7 2104 admin optional 
puppet-module-aodh_15.4.0-4.dsc
 d96af052dab3b02cb7a32a1b69f184e8 2780 admin optional 
puppet-module-aodh_15.4.0-4.debian.tar.xz
 07c690e9535ead0d00e1a1569217f302 6373 admin optional 
puppet-module-aodh_15.4.0-4_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl56d6EACgkQ1BatFaxr
Q/7uLQ/8DpeTBS/j0umaqWYXStpi592d16Sf9Yv4TIVycPuk/YIghoQ9yVhZ8CWR
N8lG1NLTjPRPJjg+F1bIlM1vwuQOamsc7bp0SyowJft3lgXAWk5mbyjBUUIWb5j+
gNbNQPKVfiZVhyFPE/B3cyo8fjC7W+JxecGC63/ROkm7FjR4L2v1PcNiIfA4cnxd
ysyVeEnx+v2csi90DtwLMrOZLNXtO9YMbzMpzsNBsMAgnH0duggWdd8Z6dSoPdQJ
MpnP9pHQhJ5Ads2s9dwG8C+Lv/hP6Om6+zM4cBpFEiJl3CO0y3KBGAZcigw+wfYV
oYYlF57ffC+o/CUUxBD9unoYSENrJKXMfchs9IrgSqWprn3G91lOOBXjFQMpX2yA
O90LxvIAKHjG3LuimbmfKjrr8TnWtY4Ptmy5vu3RiXaR9uT2NrpzRg77v5eGga64
rgsUWMiyKD/9n/TyRUT0pFfDMJMjK10bqojbJVQkrIXHi2ErplQ6Sjt8Iajbfnr/
4y6KkFP5UIv195PH3U/7EvsIBiavIJdafDTPUhre4BjlMm79r88/kqx42+zwderd
MJZ3DE/ctBtNjzZ4mz+Xp7IBSJU/ihg5lvBv6O0d8Wcraavz0Modj+lk231SPII6
cJbfDiyw6SU48WHyiivog4JrXpjep30VqkYDxImdL+ZXnjU7/8w=
=gv10
-END PGP SIGNATURE-

Accepted libmodule-corelist-perl 5.20200320-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 21:37:26 +0100
Source: libmodule-corelist-perl
Architecture: source
Version: 5.20200320-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: Salvatore Bonaccorso 
Changes:
 libmodule-corelist-perl (5.20200320-1) unstable; urgency=medium
 .
   * New upstream version 5.20200320
Checksums-Sha1: 
 f4e19b3d8ceb530a51672575be6aa09da35ddb33 2519 
libmodule-corelist-perl_5.20200320-1.dsc
 39e0e11911c1ff7b99aeb573bcdf73846dde6412 65480 
libmodule-corelist-perl_5.20200320.orig.tar.xz
 8507a735a6e05e0cdf65910489c5c061cdfc1e1b 7516 
libmodule-corelist-perl_5.20200320-1.debian.tar.xz
Checksums-Sha256: 
 9b8204e497a0885ce2b65b8ebdb71a7977d830a2ac48b44550bceefbd12fa2f5 2519 
libmodule-corelist-perl_5.20200320-1.dsc
 ad32d592e6fe8b0a22d07e56c4041ff7c46b53d689297c6fb2cf92fe666d8cf9 65480 
libmodule-corelist-perl_5.20200320.orig.tar.xz
 a9473e6ab0cf5921feb52771851ea790bf1f2199e751390a8fb982a86fc82b5f 7516 
libmodule-corelist-perl_5.20200320-1.debian.tar.xz
Files: 
 70ce4622ebd613de08559673eda5bf0d 2519 perl optional 
libmodule-corelist-perl_5.20200320-1.dsc
 0806cfbdcb585cd28bb6c2fd02fce02d 65480 perl optional 
libmodule-corelist-perl_5.20200320.orig.tar.xz
 42f16c546572376dc1e4b181cf79718a 7516 perl optional 
libmodule-corelist-perl_5.20200320-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl56eHJfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EstUP/3LA0VJ/jgY3nDxajMIT8QJuo2cc0BGn
fYQyeMq+Kmpdm9xR6pyudEp20b4a3EJMGAX9BIgqmGJ/ZOvsIyifqlmaX8nkkHx5
k1rDsDA3qJSCX86Khug1gnOqHbvX1FfiAwL3eQmE8kG+VUKLmWUr+1z1dQPdfu3w
bqaC77t7pFJPSVN8Llf2OBQpx9klxkNqZddg7N7iXPOl03dYt95cFuyD7FfEh9uC
0iWZSeB1P+AdO2KsChrV3bZU3wxOW0iUj2U0kSakVww8pvTv5xi44cWkJKr+e1C7
EDWRkO2RmoDLWcLL47MVIC9icXFzN57m8Osg6jEwKXesKajVopD6Pmwib6WlJUwZ
tllsSL/le+R3YGeYmLi4zFG235YBx+KddXhV+t9SVt4IrXG22C34iyxWf00vxeQ0
aslHyF7o/7ayUCFzWxtDC+6825RsRnmqEcMWleQ/5wDsR3Dvc8sw0coHR4Jw+/O/
c2YEFGZnV1X6WXKtien/t3lfKzzrjm2EWMyrb1VU8OkPKo3w/8LsnCYgSkVcjlBQ
Opn6nwbF9Gat6vdFwB2EEsNr91+it8UwJOID94PAuJblkmKB5Lg9PsUrVbNfP5ln
ZRcZZYOhFxWf5QWKjofCnKc9DxprsBVW2dG5kTKbuBFNI2K0ArTzsc7OGL5okhPy
GL9Cx4R3o4si
=Huzc
-END PGP SIGNATURE-

Accepted puppet-module-barbican 15.4.0-4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 22:12:24 +0100
Source: puppet-module-barbican
Architecture: source
Version: 15.4.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Changes:
 puppet-module-barbican (15.4.0-4) unstable; urgency=medium
 .
   * Really Depends on puppet, not puppet-common.
   * Standards-Version: 4.5.0.
Checksums-Sha1:
 db336d04091a842f0a96986cf8db1a6e6311a73a 2152 
puppet-module-barbican_15.4.0-4.dsc
 4f28638e76dc5a5504bdcbb0306673c15fd9fdac 4980 
puppet-module-barbican_15.4.0-4.debian.tar.xz
 7f6744bc3bd5693f0ecf34ebb354120068b81efe 6413 
puppet-module-barbican_15.4.0-4_amd64.buildinfo
Checksums-Sha256:
 63fb11c41fa89dc845e162f9b5edf086d48fad2295658837ff7444c385479512 2152 
puppet-module-barbican_15.4.0-4.dsc
 efac09400f3213b63d2463608b259a241cd159b083e640641d87689cacef7376 4980 
puppet-module-barbican_15.4.0-4.debian.tar.xz
 86debe125a98f71b202badca699022a32f9cc9507ad0c2e62cda128c869d8314 6413 
puppet-module-barbican_15.4.0-4_amd64.buildinfo
Files:
 15be895f9d1dbd5e75dc720496d787a3 2152 admin optional 
puppet-module-barbican_15.4.0-4.dsc
 126d73fb28a928d2804a595ff7778a86 4980 admin optional 
puppet-module-barbican_15.4.0-4.debian.tar.xz
 3310142cdff2a92d453d989822f5a369 6413 admin optional 
puppet-module-barbican_15.4.0-4_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl56d/wACgkQ1BatFaxr
Q/4Bmw/9Fr9Izrr1pI6I19wDlYQYY1DH/Fmk1b3o0yFjksXMv+xPHOL6IBvCNZHn
3T3iBj9vrzUlFYzH1c3WFUdV4+elSdF9QalluPTtKvXlAoj7HpeYNy8SuXfsDbZ6
xk5kZlOEuoHA2r3HzWu861R7WXFwKun9OVRdNSVHKdrzFP2C+sYQs9VX6mYE5zIj
X+1TtWG3eDZQuF7kVIQ35IoZjgIt6u4HA4/2JZ3cnjneR2uUpn0FQUQD1PG+wSBj
cWKuDxsraMgrUY1CndWqxXRR4Spi4vKjglilZLI7f6GguLNaUcFL6oNUDGEtNem4
zf8PAWcchZ3oOhhMoN0g0HTvAOWjfKatw5GHwDFEU8i/qTv1+l9UC1aWVUcxH1N7
WD8XsqdfE61vUH0aQSZ2CFJA0reUN6WpM++xrn/wa5X319CBVIsWYkO5QjaJDVqw
NMGSvKMmoOn2ljfloreUPbDU9091DhnlCh6HDtIKCAR/CEXeQ6jNg3yKkuW07tdQ
H0VW0fLOjNSItQZM6AAgUUzcE0VJKU2vxfUBmPfAfv0XvF9nbcGIp7kA9lA4fDj+
+dJCFpB66R2uVR7WImAKVdz6xc64ZksN0rQdmUqrxaDkP02UHZeS6tKlI42xU813
NVtzerdafGtlgOMiGvsHmGKZcmezyhA9AXptI1TMRaL08Q1JHz8=
=+WWJ
-END PGP SIGNATURE-

Accepted xstarfish 1.1+ds-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 22 Mar 2020 02:57:33 +0100
Source: xstarfish
Architecture: source
Version: 1.1+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Adam Borowski 
Closes: 392396 810078 885953
Changes:
 xstarfish (1.1+ds-1) unstable; urgency=medium
 .
   * Orphan the package.
   * Repack the .orig tarball to remove binaries from a proprietary MacOS
 tool which cause errors on QA (bad filenames, masquerading as .gz),
 precompiled source, old Debian packaging.  Closes: #392396, #885953
   * Drop pre-cretaceous Provides/Replaces.
   * Ack NMU.  Closes: #810078
Checksums-Sha1:
 3de9926b1adcd7d652b9a2f762a8d835716b3975 1716 xstarfish_1.1+ds-1.dsc
 bc21a7a90074c3eb04c751d7ad77d847a45ed9dd 44964 xstarfish_1.1+ds.orig.tar.xz
 8e12fb12ac0d4bbc35793e1d8c77783b740eca13 9784 xstarfish_1.1+ds-1.debian.tar.xz
 b08b83bf00d7f2c43a39a1ab7c1b0d00e35139a1 5795 
xstarfish_1.1+ds-1_source.buildinfo
Checksums-Sha256:
 23b36139ed45266cf1608829b31464dd0e0cfa68531e31b016f8a2a0ed8cdec6 1716 
xstarfish_1.1+ds-1.dsc
 c5ef6aef3757b2c70179d6ecaa19cf14fcbcd2c04c55b9e3970e7f3e0c03d3ad 44964 
xstarfish_1.1+ds.orig.tar.xz
 d4e9c2e9161799643d48c486d496606a455f750c49140741124c14af6574ff18 9784 
xstarfish_1.1+ds-1.debian.tar.xz
 647c81d95ffd413ed290b582211aa7f295d7c71147a662ad8bc426fe7be24782 5795 
xstarfish_1.1+ds-1_source.buildinfo
Files:
 1ff5a996f262a6b1826a5b3474421d72 1716 utils optional xstarfish_1.1+ds-1.dsc
 3374d3a4ceeb6d0b3382c35eebf0dbfe 44964 utils optional 
xstarfish_1.1+ds.orig.tar.xz
 a308fc2bab7267dde7cdfaad357cbfe0 9784 utils optional 
xstarfish_1.1+ds-1.debian.tar.xz
 724f128516cc01e143f809b498068b4f 5795 utils optional 
xstarfish_1.1+ds-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAl53zLIACgkQweDZLphv
fH61Fg/+Iy6hbIhVw4k3JucXFNB1fh5Hkjf+wNW6nJfhNoN2fjU4FRDZSR221DQ1
krRPUogyTJTsWUzv74HybeYcwveqSKuhdbeiMTxws9e/8WXllUXj7rG2IY3AbLXN
HHIlML1KFSGqPDo9gR8CpzKZEYSL/1bifQiYOSQHF1cnnQJstFzIM/JZfFLwVjJY
sRpeZl7QUaCTMOhddpQmsvu98TOfLOjrRZC1ZeClcICyy3F8yLaJo/BwiDrwu20n
M3wwC/9oCyVcPkas1eGBsVdT0FMkl9hVXwbBzCaa0WYgam7D7Wmu7eFb7BWZQcGf
kgLqbky9mYYhpNM49ZcLcT+cYvo/PJWwJQaqYEUeRO8psGR8GjXUBQfGnmdkv6uk
rcGAoEDM6HzQeUKhXFLy6IHshGD6+ufscoPN6Ah2kbUGCPCMZ8qIGmyoog+qqEsG
DIshP/JdXCgXId4eSzg5RCuBzJZjLKf+KHt8vQRbWUTcpVuAWlbsLhxsgX40n6ZB
C+4rcnJjuUHAXoJlXlqQ8Vf5zNL41Rtv+/Lbwo3znhovZd2CfDrf549BKjUzcLfA
3diTW4q4hfkPK1gO+htsVSp8EtI5YxOFaPUdwHS9dkAw+GvkYhgyMzIzT8tVz9/P
mkM+qpXlRPYYWs298qT5zqDQPGN9/2RUYXKlg5WZ5VUhh+4Uk/A=
=bmAx
-END PGP SIGNATURE-

Accepted libbusiness-issn-perl 1.004-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 21:27:21 +0100
Source: libbusiness-issn-perl
Architecture: source
Version: 1.004-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: gregor herrmann 
Changes:
 libbusiness-issn-perl (1.004-1) unstable; urgency=medium
 .
   * debian/copyright: replace tabs with spaces / remove trailing
 whitespace.
   * debian/watch: use uscan version 4.
   * Import upstream version 1.004.
   * Update years of packaging copyright.
   * Declare compliance with Debian Policy 4.5.0.
   * Set Rules-Requires-Root: no.
   * Annotate test-only build dependencies with .
   * Bump debhelper-compat to 12.
   * Set upstream metadata fields: Bug-Submit.
   * Remove obsolete fields Contact, Name from debian/upstream/metadata.
Checksums-Sha1:
 7d143f32464a3db90d17dce1b6f26ec2884c60ef 2506 libbusiness-issn-perl_1.004-1.dsc
 cdca934835a921bbf9f6fb2dc0f78b80c44c82af 10175 
libbusiness-issn-perl_1.004.orig.tar.gz
 050629ae92afbee79c4e0151009f4cdcbdc51b39 5316 
libbusiness-issn-perl_1.004-1.debian.tar.xz
Checksums-Sha256:
 25ed587de889d8695c067ea5dc34e33c8ef138d377c1ecad11ec59b17e7efc52 2506 
libbusiness-issn-perl_1.004-1.dsc
 97ecab15d24d11e2852bf0b28f84c8798bd38402a0a69e17be0e6689b272715e 10175 
libbusiness-issn-perl_1.004.orig.tar.gz
 4474fa69146a2f193062d42dbafdc8f26e56a8cb4c98413a9c2a568c454987b4 5316 
libbusiness-issn-perl_1.004-1.debian.tar.xz
Files:
 9d6d4f50cfbfeca1dc2056a75ad054bb 2506 perl optional 
libbusiness-issn-perl_1.004-1.dsc
 4d638d72f22e2d3cc677eab6e07d15f2 10175 perl optional 
libbusiness-issn-perl_1.004.orig.tar.gz
 b3ada8681226a8c80bfccad11c0e00f4 5316 perl optional 
libbusiness-issn-perl_1.004-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAl56bcxfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qga6WA//RzMHh8CJELdEP8muX4jEOQalPGCHi9epRdM/TtL4E9WIcbQKA/uwybEp
bfYYb8fRxXndXx2FsfIySeQwzyjAbVWS9QizJiHpRQDSXytZqP3BfRgKmU6wI8jz
pkVvVTfj65NELx/mmIZI/A0rawC6ag2Y/O9SSXcFr21/v1rxda9fKNAYV7V1YA13
C043eCi6Q/Z0BwLEXpo7XRSjKuRYMFJEqoD+RHkwLgkB0j10izw+jFZ7hTmrUfJX
6qa0HYeIHmRVpt/BZ1gS+7+sFVkauwMHvEUdcUgb46K3Zbihj7RHZxM+azRwy01C
jq/u2GfTtmAO4cg4mxfJCgjD5SFo0BbyZGjC7Sf6r4nKV81NUrl+Mo7jhmlWk0HX
O5wTSUZsL1sWEM8K1f77F1PF27/mnuJcBxBhyLPkmSLGFmW2PgPkb+FtDINfy3J/
ZrqwJpA2H/cFZ4bogOT58bOMbwD7IB/76XRb8TDeGSKMzJAeFgpPpG5pE2KrpNW+
n1TQxVNy6icQZLd0TyZEl7iDAYxJktnv0QS2tb1sDc68dwvLQGBBHmqnKZAoqPSD
Y2maEGMYu0VOV+M6JhBr3Uzu/ZyfoF/YhY3UhOjkXocTjauyrnNGk3vmSi8KRJoD
5li3g4YkiyjUr/wSgKtiUiS7IWmASTcYZC4Rkd/hcCKoI4fMsNM=
=UV5F
-END PGP SIGNATURE-

Accepted libbusiness-tax-vat-validation-perl 1.12-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 21:33:27 +0100
Source: libbusiness-tax-vat-validation-perl
Architecture: source
Version: 1.12-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: gregor herrmann 
Changes:
 libbusiness-tax-vat-validation-perl (1.12-1) unstable; urgency=medium
 .
   [ Damyan Ivanov ]
   * declare conformance with Policy 4.1.3 (no changes needed)
 .
   [ Salvatore Bonaccorso ]
   * Update Vcs-* headers for switch to salsa.debian.org
 .
   [ Xavier Guimard ]
   * Email change: Xavier Guimard -> y...@debian.org
 .
   [ gregor herrmann ]
   * debian/watch: use uscan version 4.
   * Import upstream version 1.12.
   * Update years of packaging copyright.
   * Declare compliance with Debian Policy 4.5.0.
   * Set Rules-Requires-Root: no.
   * Annotate test-only build dependencies with .
   * Bump debhelper-compat to 12.
   * Set upstream metadata fields: Bug-Submit, Repository, Repository-
 Browse.
   * Remove obsolete fields Contact, Name from debian/upstream/metadata.
Checksums-Sha1:
 2bb411e8fd4c0c3c69da06913f0a7a209824b923 2781 
libbusiness-tax-vat-validation-perl_1.12-1.dsc
 cdb149576cdf38c227578ecfcddee1557ea4c151 24732 
libbusiness-tax-vat-validation-perl_1.12.orig.tar.gz
 86fd21e9d8e6968f092151297c4f8ee1307bacc2 2852 
libbusiness-tax-vat-validation-perl_1.12-1.debian.tar.xz
Checksums-Sha256:
 22824e38d446137b78af1a3e98249a75439d49ec0934a54da1a22c83fcb1671f 2781 
libbusiness-tax-vat-validation-perl_1.12-1.dsc
 5ee43c280c33c155da6ef1f9d218063e9e3e9526fe92114bac6913bf88b003d4 24732 
libbusiness-tax-vat-validation-perl_1.12.orig.tar.gz
 eb957618453d3e97e36d44db450c457ae519d14b9d66ebb574221b8772735eb6 2852 
libbusiness-tax-vat-validation-perl_1.12-1.debian.tar.xz
Files:
 3e765d7267209b9b38e53a6c27ad1c80 2781 perl optional 
libbusiness-tax-vat-validation-perl_1.12-1.dsc
 9af793628dab20b1d19b37e8f7da55cd 24732 perl optional 
libbusiness-tax-vat-validation-perl_1.12.orig.tar.gz
 dba7c237f53406369801e26242343c65 2852 perl optional 
libbusiness-tax-vat-validation-perl_1.12-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAl56bzRfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qgZ2tg/+P103ucDM3mKAoFz2MXEVDBPWTIyQN6J2V3H62EghacvfPknQ4INK/0r3
ozBiCf8iR+5vskIVbntSVPngLO0AfZ/spmeew2c4ayEzlNvjayDA8KzVlB0ciee5
LxkA9lvygk3YdAFcq4w2KSz5mSRC/i/bVSEx2kzazsIBu127S5FU0U8OEGzpR3PL
zp/xfnOm8ZBc/aOyK7ehE2b7K0/F2s8nM4ZoSHEcCeFfc8YIKqoMXw8uiUUT2Pwc
sSK1QfChaqc/ioVFW9cujmk7cHQs0038HSYlmSGiPS9x+ENDMABwEaLiTYfz+aqK
jS6zecTsk1X9TP4fZXMIOrd4mz73ANq+dtZOUZCz9Jgu1/ZkvJiVOCjTK6reFI99
hDFUq1+iOXxXxu+y3TaQVIqY05LNNbZiFUBLT2QlP/dQGhiX0pwB+SAN8AyXNyUR
bTahxKl4lcH4MH9Da7zgCyju6Q2A0XAxD17B+1BvHzjJXT7tW1OaqAAqyFNoWXtS
JKfvXAOqPNOBR968FyYryl5W4w/FOa2Yozh2L54MAcumpszieidbFY9nekruzzkx
sl5QSBGGOISZls/Ez80DJM6SzVuVm7+3XtbqpEZwbAEag8D7NiSpcAYnxvSYLOqy
Arzd+P9hCtl9H6Ptn4sKy3NCOt8qvX39wYpeXZCuFsR2ijB8Yp8=
=RQRF
-END PGP SIGNATURE-

Re: email backend for fedmsg

2020-03-24 Thread Paul Gevers 
Hi Clime,

On 24-03-2020 21:51, clime wrote:
> So do you have the opposite? I do some clicking action somewhere and
> it will send an email to a certain mailing list to inform human
> beings? Or let's not just clicking but e.g. `git push` (something that
> you can still do from command line).
> 
> Do you have: I do some clicking action somewhere and it will send an
> email to a certain mailing list where the email is afterward parsed by
> another service which will do an action (e.g. launch a build) based on
> it?

git push to most salsa based repos with "Closes: #" in the commit
message will trigger a message to the bts which update the bug meta data
to mark the bug as pending and informs the submitter of that bug that
the bug is about to be fixed.

Paul



signature.asc
Description: OpenPGP digital signature

Re: email backend for fedmsg

2020-03-24 Thread clime 
On Tue, 24 Mar 2020 at 20:40, Nicolas Dandrimont  wrote:
>
> Hi!
>
> On Sun, Mar 22, 2020, at 13:06, clime wrote:
> > Hello!
> >
> > Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> > fedmsg usage in Debian.
> >
> > There is a note: "it seems that people actually like parsing emails"
>
> This was just a way to say that fedmsg never got much of a user base in the 
> services that run on Debian infra, and that even the new services introduced 
> at the time kept parsing emails.

Hello Nicolas!

Do you remember some such service and how it used email parsing specifically?

I am still a bit unclear how email parsing is used in Debian
infrastructure, don't get me wrong, I find it elegant but from what I
have found (e.g. reportbug), in the beginning there is an
email being sent by some human which will then trigger some automatic
action (e.g. putting the bug into db). So it's like you could do all
your work simply by sending emails (some of them machine-parsable).

So do you have the opposite? I do some clicking action somewhere and
it will send an email to a certain mailing list to inform human
beings? Or let's not just clicking but e.g. `git push` (something that
you can still do from command line).

Do you have: I do some clicking action somewhere and it will send an
email to a certain mailing list where the email is afterward parsed by
another service which will do an action (e.g. launch a build) based on
it?

Thanks
clime

>
> > [...]
> >
> > So fedmsg would become a tiny wrapper over email that would just
> > serialize and parse json data to and from email messages and check
> > signatures.
>
> The only native fedmsg producer in Debian was mentors.debian.net. Other 
> events were generated by various email parsers connected to mailing lists 
> (debian-devel-announce, debian-bugs-announce).
>
> > I am asking because I like the idea of distribution-independent
> > infrastructure message bus that this project had.
>
> Yes, it was a nice idea.
>
> > [...]
>
> Cheers,
> --
> Nicolas Dandrimont

Accepted gcc-9 9.3.0-8 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 23 Mar 2020 18:41:59 +0100
Source: gcc-9
Architecture: source
Version: 9.3.0-8
Distribution: unstable
Urgency: medium
Maintainer: Debian GCC Maintainers 
Changed-By: Matthias Klose 
Closes: 954750
Changes:
 gcc-9 (9.3.0-8) unstable; urgency=medium
 .
   * Update to git 20200324 from the gcc-9 branch.
 - Fix PR tree-optimization/94125, PR target/90763 (PPC).
   * libgcc-N-dev: Include sanitizer headers again. Closes: #954750.
   * gm2: Define lang_register_spec_functions for jit. Addresses: #954438.
   * Generate dependencies on libgcc-sN if not building the common packages.
Checksums-Sha1:
 6ce74a2bb6216d0187e654fc1bf94fb2cd1318d1 22427 gcc-9_9.3.0-8.dsc
 13f6cf28f51175b786efc7798240f118b9eca053 584896 gcc-9_9.3.0-8.debian.tar.xz
 4213983c8b2180ae004808bb35308d60803d4b97 10146 gcc-9_9.3.0-8_source.buildinfo
Checksums-Sha256:
 34e2aefd2df0862cfb5ba2872eefca24867107a4b14f042c07da2eced1b679b5 22427 
gcc-9_9.3.0-8.dsc
 69dc0f53f2f67f2a773a7a36520bdbb2decd5ad94ed9af55317e15723b4c2c13 584896 
gcc-9_9.3.0-8.debian.tar.xz
 c0668ceed98ab4968c2a28d22cb1c5991cbe3b22bc5f9ade161f81c497c6e251 10146 
gcc-9_9.3.0-8_source.buildinfo
Files:
 85f697e4bf88fe1123107bab74ecc5af 22427 devel optional gcc-9_9.3.0-8.dsc
 46bdd8c8a4fb311c369fc70baa23395e 584896 devel optional 
gcc-9_9.3.0-8.debian.tar.xz
 8abe7bfa72bb87da5b1e140f5bd15cda 10146 devel optional 
gcc-9_9.3.0-8_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAl56ZEQQHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9ZhMEADLErA/FbXr+ZU9r3fPervAoIb53ychn22W
oVm6xaiCrJYVI5mMYEYuSl1Gqs65uGh6ZYnnyrN9/SFYtKcVJ5mI6PaXKzgvDBDv
FRKDirARG99NTgHQukxfp/ZaZhqMv0KF3nmFPAjDsS27QsRinw0hR3dMMpeS1IrI
3ufqzMKsl2YCiuU3oLUeHIBvca+Y+bgPfUAjfqgzYQlcf+eb2sjJGVr8/UG+C5qu
XhV6ezcE+g/LzfpMdH2ur1sR5ohwaP0J9PVrcrt6zkZlMO/uy07t7K7+CfKPXs5f
iU+d+Wr+bhZsWNctA/LFS/FiNzICRS49PwfNLsbUIdHajM2GHd5G7Y2pas2qsQCc
o32SS2eXRxxlxdzPHYpi+hzPzmf09mqJIllzEuTXa03arlzKVrkjNNHqvW30eyFn
0CS/efODE4oC7+HpRevl5rY4FNC/POxu3zWxbt5Z1/zd8Dmcf4vwlqDLYgU/6cog
hcnfJZWETSLWafUuErTFkaD8dU4hd6rS0NniG/cS4EvweESIcx/miOQC9Zje6J5m
68brvb0srpUbMurMVTNhYJLoNCG+I9SSHRzStW+XPxNdZNN/vhuZp5KRJ+4fP/+n
WJ3oAmjNWCT1akpYhmuu/FUi/89cSmaMnuOPusnPD09WpMv6f8jmtheTHL7oDU7u
DPkM0tTW2g==
=/hIh
-END PGP SIGNATURE-

Accepted golang-github-influxdata-influxql 1.1.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 21 Mar 2020 15:51:23 +0530
Source: golang-github-influxdata-influxql
Architecture: source
Version: 1.1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 

Changed-By: Nilesh Patra 
Closes: 940369
Changes:
 golang-github-influxdata-influxql (1.1.0-1) unstable; urgency=medium
 .
   [ Nilesh Patra ]
   * New upstream version 1.1.0
   * Drop compat, switch to debhelper-compat version 12
   * Add upstream/metadata
   * Add myself to uploaders (Closes: #940369)
 + Remove Alexandre from uploaders
 + Thank you Alexandre for your work so far
   * Bump standards version to 4.5.0
   * Fix copyright
   * Fix control with cme
 .
   [ Utkarsh Gupta ]
   * Remove needless Files-Excluded section from d/copyright
Checksums-Sha1:
 e07e8de72f1e660a0db795410783ef5743e6f9f9 2341 
golang-github-influxdata-influxql_1.1.0-1.dsc
 39b3bc4a1320b8436f45f399d447a087f6e87732 95012 
golang-github-influxdata-influxql_1.1.0.orig.tar.gz
 21446d9a6d2b4617eb37c9abfc11c93209bbd34b 3040 
golang-github-influxdata-influxql_1.1.0-1.debian.tar.xz
 ed8ab24ece4f9407debbc0be586f893feabb9af3 6162 
golang-github-influxdata-influxql_1.1.0-1_amd64.buildinfo
Checksums-Sha256:
 616fd9bd0ff4e332306a3f3d5a9d65ae0b87fc97f0574f4c4850282f3a2d11cb 2341 
golang-github-influxdata-influxql_1.1.0-1.dsc
 400cab3a640af99fc658d39be4d862b51973dd0d9f0ca274474c91c45b14e1a2 95012 
golang-github-influxdata-influxql_1.1.0.orig.tar.gz
 9ffdcf2dbdd14a76667f18cdd3971f09224b6674007b388d96b3d7175aa32bf6 3040 
golang-github-influxdata-influxql_1.1.0-1.debian.tar.xz
 03a4d168be5a5c52d8420d1a14cfacfcab3d9414ab41ca98b1aa99ded9f674a7 6162 
golang-github-influxdata-influxql_1.1.0-1_amd64.buildinfo
Files:
 abb06c7b9aff517219bb5c8a98c63998 2341 devel optional 
golang-github-influxdata-influxql_1.1.0-1.dsc
 986d50d6d934d1cf60864923ee54a3a8 95012 devel optional 
golang-github-influxdata-influxql_1.1.0.orig.tar.gz
 043e20b6d65ca78197a9feabc6e469d3 3040 devel optional 
golang-github-influxdata-influxql_1.1.0-1.debian.tar.xz
 280c81c2e3734e6569beefc9aa4b4b83 6162 devel optional 
golang-github-influxdata-influxql_1.1.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl56aOoACgkQgj6WdgbD
S5bRXBAAk0PcSfnTWn8KG7CvtRgas5L1SjzeB/3Vjrf3mIKFXlaNxcVj31bQqlWi
PNrYTyNhnMPha7TMJCtkKejqJpaMuG4AboNiZneKRGfPA55pE/ySSL6jsyXjyQuH
GQULkkynHRRz+WELQOAEup92NzMKhKKLP29xuP7HzUN4raUiSzQSvO5E5OZSXJoG
1rzgSEC8jBWHj8t4eFILOsWKMiaORaMRJXrc0ORSeQYriWux5aHit6Xs75E9LTqY
Ts+I9ApTPNwzLcmfcf08dpfx4G2NZJ05GixmqnRXyScMx2WTtoXeAMM3hergwx25
icZ0WzUEwH4kVJt8AvPDBqK8p0LsQY2C4ttGvJQo+0W3iNKJ3cDlZojhvLFScoYe
vcvCgw69P+v2YVoJKnN1wAls4FOltdidv0ocBWE7XX+i65sStXYhr9ZXo3aUTnDu
XXf2lX3fNIufTgS8TTMuJ86q+gpHzBt3kzgcPLst8GBVfFz8Z6i0mV4EflK4pGBN
wLZYGHG+kZh5/LEgy52vtwEug6sKHlNdmURpuIGnVYa7vxOjjerTrvSYDqNcA8c5
5xs2IOvV/lN/Rs0aiMbe0+zNA8o9oQcT9dVQN7p+0DrAoGGsMh/G4tRi1ztmT/xC
ldkpuHxuJdvu6D4LFsXOQGKV8snWHVshj3XJYTQRbG0rxP0SGPE=
=up7a
-END PGP SIGNATURE-

Accepted gnome-disk-utility 3.36.1-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 20:52:12 +0100
Source: gnome-disk-utility
Binary: gnome-disk-utility
Architecture: source
Version: 3.36.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers 

Changed-By: Sebastien Bacher 
Description:
 gnome-disk-utility - manage and configure disk drives and media
Changes:
 gnome-disk-utility (3.36.1-1) unstable; urgency=medium
 .
   * New upstream release
Checksums-Sha1:
 c235d50a48ec0ea2be515f2bc89b8f5a606f6b08 2489 gnome-disk-utility_3.36.1-1.dsc
 7e4a4bfc7f48abca5beb653e90e8ca8f3cd7e72b 1370848 
gnome-disk-utility_3.36.1.orig.tar.xz
 c009fc070cca9e08b0722aa52640d7f34dbcc192 14172 
gnome-disk-utility_3.36.1-1.debian.tar.xz
Checksums-Sha256:
 98bf1bb3849b4adde9e7718bf2349f569fd20f7cec225fec104e00b3cab4af60 2489 
gnome-disk-utility_3.36.1-1.dsc
 791b18f231bcbc6d941af3837ca5be14f2157e5ce3d32bdc5b9eb8947e12b414 1370848 
gnome-disk-utility_3.36.1.orig.tar.xz
 402b99b939db598c58f712700d9a68966c8c01d1c8e9ef0a94337900dd1b100b 14172 
gnome-disk-utility_3.36.1-1.debian.tar.xz
Files:
 88451c207e744d300fe201b6562bc349 2489 admin optional 
gnome-disk-utility_3.36.1-1.dsc
 0c35cb9758f2471c6941a0ec833972c4 1370848 admin optional 
gnome-disk-utility_3.36.1.orig.tar.xz
 9ac0465f113e11926befe2459cbca0d3 14172 admin optional 
gnome-disk-utility_3.36.1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJeemV1AAoJED69RJA+2wSWKJ8QAIiGRkZCHTxk0IR58qRYmH7b
ZRYtSYK0EvUUFIfnxUPKdFS15DgIDlamAPbmB23FYNaG/9NnIuksMnO5X0klYuR4
47Trfl/mbtdOIf3ThYMwWCA/hU888k+DjRSqXw0zOSvuDTOicckxuv3eA2wSb1aP
OOcKsQHp2A8WrJnaIeiZB7fMoSwlwHYA5OFQp9xDj+rbZZFlFi8tQIMcl1+zME4/
2epSAZk9s+loAe+8gK3QmSYdSOTb+I3VUPAxJ6ycc4VO2xTV52jLJKj90xI+3vCL
yj6lJHWUT+GADHS6h36fPd+wuy5C+5ocflz6IPJY9LkJAohUFaZa3CaVcOtpDUYl
NOoiLy9S8crGcOm2m66h7Tol6EUJakfkW9rQrmhkkwPgKSkgmdVXelj+SeXlFh/c
8jqyeegb78WnpRhjxFlI+pILGAzZZhS36Uhwbw4RRJQXOW8zC3YqHLEwplH5RUA9
VC0X0jIz4TyUNFnp9AtZNPIvhOf/n8bYUFsBHQJ/CxOY24qYE4mKMzQo4WLaZueK
m+eXaJn0Xdj3qptuEiXL1ybwPcCJ6G5iSFFP0K5CqYOirozHBw5yuuSV5IBQJ89c
sc7v2yI0qdYo6r37U+DQDhfLsNSsOc7rH0thd0Vr6YKina3vsKt0JQRNvWImLXA2
owVfrWzoeMyuATGWvCpj
=7Mos
-END PGP SIGNATURE-

Accepted golang-github-glycerine-go-unsnap-stream 0.0~git20190901.81cf024-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 21 Mar 2020 15:15:00 +0530
Source: golang-github-glycerine-go-unsnap-stream
Architecture: source
Version: 0.0~git20190901.81cf024-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 

Changed-By: Nilesh Patra 
Closes: 940359
Changes:
 golang-github-glycerine-go-unsnap-stream (0.0~git20190901.81cf024-1) unstable; 
urgency=medium
 .
   [ Nilesh Patra ]
   * New upstream version 0.0~git20190901.81cf024
   * Drop compat, switch to debhelper-compat version 12
   * Add upstream/metadata
   * Add "Rules-Requires-Root:no"
   * Bump standards version to 4.5.0
   * Add myself to uploaders (Closes: #940359)
 + Remove Alexandre from uploaders
 + Thank you Alexandre for your work so far
   * Fix copyright
 .
   [ Utkarsh Gupta ]
   * Remove needless Files-Excluded section from d/copyright
Checksums-Sha1:
 607894ecad4f3254a6af1596aafdacc308021a44 2547 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.dsc
 06c6b8ca129834db9f59be23cb2b928758e8c1df 18032 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024.orig.tar.xz
 45c7e48dc5ba1f61ce855c843b0a22d533ff652d 2988 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.debian.tar.xz
 f323e8f2e6ffece798423e19a710a8743b0bd861 6209 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1_amd64.buildinfo
Checksums-Sha256:
 4b627ea567b571958b45389c799a0c374871ac49cc1f71557c1ee9acc37bbc9f 2547 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.dsc
 506ccf745937d954f2d57fa97f39efcedc60bf9ee2a3517c46ef35b80731ff1e 18032 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024.orig.tar.xz
 62b38e40a14b4a32d458ed29da7c696c4224fc9aee925941f02de7db877328f2 2988 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.debian.tar.xz
 a8fd9080720739d11e0dd023e1b14a7e2c5f7d493f93df0b288dd0ec89259a36 6209 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1_amd64.buildinfo
Files:
 00515a2b674a9666d6ad59bb49c2f344 2547 devel optional 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.dsc
 f210d3b73e5ab3f9f611fcd0d5310bb3 18032 devel optional 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024.orig.tar.xz
 e5699e85d5823f67f32541204654daae 2988 devel optional 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1.debian.tar.xz
 19d70ccee64f5e1370a5793fc145fdf1 6209 devel optional 
golang-github-glycerine-go-unsnap-stream_0.0~git20190901.81cf024-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl56ahUACgkQgj6WdgbD
S5anhA//e0zERzl6bzSZI/UyqveyiSewS9IqR9vOvIryc7q9ZMM7fGkdW8xVY48l
J1lz7Kox3wofP2ceUzcUdPbxkZehyK+ZqoYf/TOpaUg8lZh+iGWk0nWeG1iOB54i
4BxCUvTH+Sv2y2S8Opzqk4D/EpgwOfoPGJ4dKjL8GMWhm0dWU0Jx9n5lJBrXwiVh
hWzwau7ULHtZuzhLuUXOiQb6w/Wawtqp9/098sWACkoaAy0Q6oQjOB50nojKQm92
ycktCJi2FdeD/P7sADs+kg8swKrn20JI0j/xtVrSoktGhbMUblSHq5M64oX9RYtt
5QvXOOY4DG6miTzNYvlHD8GCIvW0paenbSt6Pg3yThnw4xWjLME5o4Gym9xzLjvd
7yvrUdwMNVQnET6Sk5JEN3Q2eSCCflwlR7Zk6eSXLMdqqQAVo+yxhzeouLQdCK5C
XySJvuFbX51s3RBMH/dN+91osQye+yLmS8PbJ4svzLvVq3jnXF1jIFhLgxQhpuTm
nPFWTJZIPwLz7apPPD7mtxLYn1lgw2DVyffZg7zBq21x5L8QStN0xKL3MuuATxTy
ugmOxfMx96C3l+sk5dLblfqPOBrYbirwvMyKy1pdPi+nT6fYetnoZuQgs6n1UFxX
HDNkkEXMvJlSQf6W6uOmhlWF8rowDNha5V8LoIDODNFciM5Lkb4=
=nIkM
-END PGP SIGNATURE-

Accepted deja-dup 40.6-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 21:19:59 +0100
Source: deja-dup
Binary: deja-dup
Architecture: source
Version: 40.6-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers 

Changed-By: Sebastien Bacher 
Description:
 deja-dup   - Backup utility
Changes:
 deja-dup (40.6-1) unstable; urgency=medium
 .
   * New upstream release
Checksums-Sha1:
 f8723f2f64cdc80876ccb576c55042d3b206689d 2348 deja-dup_40.6-1.dsc
 cabe024029a3194889874191934e4ad7044e4d9f 2325677 deja-dup_40.6.orig.tar.gz
 412f0f723bb15c27be936fe8da335d559a33aa97 8040 deja-dup_40.6-1.debian.tar.xz
Checksums-Sha256:
 f324086f2314dfbf4ea83444b53af82c18a21b0c9cee5b4b83a9f86e191cbdca 2348 
deja-dup_40.6-1.dsc
 989a130a592c2b68745e867d4be458ba0d1cb4eb48740cc793db47da2d30cafc 2325677 
deja-dup_40.6.orig.tar.gz
 21dc91f7c31a5d8542c3c53a37b7ecc314963b5576f26c0534bff167d2b12d55 8040 
deja-dup_40.6-1.debian.tar.xz
Files:
 c2b39f758d1a88ee8068c5247bec25c6 2348 utils optional deja-dup_40.6-1.dsc
 d7618a9623293b61530e54c82d4923bc 2325677 utils optional 
deja-dup_40.6.orig.tar.gz
 f70a5f2237f0a533586dd4551e47aa47 8040 utils optional 
deja-dup_40.6-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJeemwRAAoJED69RJA+2wSWKZgP/RGzpDDLSfaEFbn6CkZXhc2M
KGw30yL1+EPfwntIzkgeEDSoZA6P7bdvJDK68vFOxau2PSX/WjrpgMqL9T3u8U8P
WIPwNDZimXgqQmZx/EVZYc7rOM00XOuEaOaSLHsj+b5UxywpMrMHXd37VUQNpC/i
sxbRoYawJJutFJjtVGpheBcXf4CCm5gSwoJjGfAz3YqtMekOVN/jK5x161ryNf7C
24tAyTVTunSs/wzgXartfv4D5ty1A2hAxIBwcvKPx4kxdvsjBnhjk354ATkxgRsV
I+qng9dNeTlFKUYQa4XpOk+jRQoACdbuzg6SwSWJA7GIsrdvZxmKWhmY6kZQPq9W
UFPeGIpF6LGdfaSSlIzIJkujduya8Cp77hmSXVmN/IebpvGObajqOfwNZMxBoAWf
q5UuEO9VLri1YthfPdfzpnZ/q7icloLTfwD+I/pD/elWZB8Fh8dGukLxoZWtiP9A
SCaSWlaEEqmE19yzS3OU/NsO9qrwq+Z3sJsqogIMjD4U3tvy6Win3LKM1qg/SrCI
YhzJ7/HPGJFclALNQ40H+a7kD4Nl9WGhfznF5HGwsDUv1KI2AhpFlA8+f2mDIR2Q
A4+Oi0V0eQKxqCizkT4o+nNWButre+7NdhfxYts9dQ6z0BBBIrUuPKsEE3Od5PdH
6/+JKfBTqvQG169gpPSm
=BFJv
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Jeremy Stanley 
On 2020-03-24 19:08:23 + (+), Janos LENART wrote:
> I know Dimitry was fighting an uphill battle with kubernetes
> between 2016 and 2018 and he experienced first hand the problems
> posed by vendored code.
> 
> We see more and more software making excessive use of vendored
> code. Pretty much everything that is written in Go. Some of these
> are crucially important, like Docker or Kubernetes. So I
> understand the concern everyone has about how this fits with the
> Debian Policy.
[snip rationale for packaging Kubernetes while giving up on policy]

If this represents the actual state of building Kubernetes, it's
unclear to me why Debian would package it at all. I don't see the
value to users in consuming Kubernetes from a Debian package if the
result is compromising on Debian's vision and values so that they
can get the exact same thing they'd have if they just used the
Kubernetes community's recommended tooling to install it instead.
I'm all for using the best tool for the job, and while I've been a
die-hard Debian user for more than two decades I also don't install
every last bit of software from its packages. Some software
ecosystems have chosen to focus on tools and workflows which are
incompatible with Debian's, but that doesn't mean that either one is
inherently bad nor that they need to be integrated at all costs.
-- 
Jeremy Stanley


signature.asc
Description: PGP signature

Re: email backend for fedmsg

2020-03-24 Thread Nicolas Dandrimont 
Hi!

On Sun, Mar 22, 2020, at 13:06, clime wrote:
> Hello!
> 
> Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> fedmsg usage in Debian.
> 
> There is a note: "it seems that people actually like parsing emails"

This was just a way to say that fedmsg never got much of a user base in the 
services that run on Debian infra, and that even the new services introduced at 
the time kept parsing emails.

> [...]
>
> So fedmsg would become a tiny wrapper over email that would just
> serialize and parse json data to and from email messages and check
> signatures.

The only native fedmsg producer in Debian was mentors.debian.net. Other events 
were generated by various email parsers connected to mailing lists 
(debian-devel-announce, debian-bugs-announce).

> I am asking because I like the idea of distribution-independent
> infrastructure message bus that this project had.

Yes, it was a nice idea.

> [...]

Cheers,
-- 
Nicolas Dandrimont

Accepted pocketsphinx 0.8+5prealpha+1-11 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 20:07:04 +0100
Source: pocketsphinx
Binary: gstreamer1.0-pocketsphinx gstreamer1.0-pocketsphinx-dbgsym 
libpocketsphinx-dev libpocketsphinx3 libpocketsphinx3-dbgsym pocketsphinx 
pocketsphinx-dbgsym pocketsphinx-en-us pocketsphinx-testdata swig-pocketsphinx
Architecture: source
Version: 0.8+5prealpha+1-11
Distribution: unstable
Urgency: medium
Maintainer: Debian Accessibility Team 
Changed-By: Samuel Thibault 
Description:
 gstreamer1.0-pocketsphinx - Speech recognition tool - GStreamer plugin
 libpocketsphinx-dev - Speech recognition tool - front-end library development 
files
 libpocketsphinx3 - Speech recognition tool - front-end library
 pocketsphinx - Speech recognition tool
 pocketsphinx-en-us - Speech recognition tool - US English language model
 pocketsphinx-testdata - Speech recognition tool - test data for pocketsphinx
 swig-pocketsphinx - Speech recognition tool - pocketsphinx swig helpers
Changes:
 pocketsphinx (0.8+5prealpha+1-11) unstable; urgency=medium
 .
   * debian/tests/tests: Drop python support in autopkgtest too.
Checksums-Sha1:
 5f4fe169f5356d4baa30214ab94e058ff4db5021 2703 
pocketsphinx_0.8+5prealpha+1-11.dsc
 932725262e2a17e766d1a5cfd7afb490ea8c5d10 7312 
pocketsphinx_0.8+5prealpha+1-11.debian.tar.xz
Checksums-Sha256:
 5491a285b89ed122b322d67c7fb127b18d4e2585381145bb8e422801478345ab 2703 
pocketsphinx_0.8+5prealpha+1-11.dsc
 4c5d50270e9220cae67bcabc5fa8210c26eb62238c20b2a773ef1b57c23dafc8 7312 
pocketsphinx_0.8+5prealpha+1-11.debian.tar.xz
Files:
 8ee7f211b1b777cdfd2f3e894a30e706 2703 sound optional 
pocketsphinx_0.8+5prealpha+1-11.dsc
 81081e6e7c2e3230d0ea44602bc9d39e 7312 sound optional 
pocketsphinx_0.8+5prealpha+1-11.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEXtnoVvfWxur1EWehjTXDVXILuv0FAl56WwUACgkQjTXDVXIL
uv3dSw/+JTL4jhHOpesRW/jGA7yvicwzDsOdazSw3Z6Xk13YOPoklrDQyC15naUk
LvV97CqA7DflxTdrNAzOktqm1dEqqlDXkkONVtbcQbmIExsCmShJrV+yavC7DcIO
8vLLP9Yj1wDuASSEo4Vsjj/o9YynpX5OgDLXAmiZG14f0tVHpPpJc3TKJgipCMMS
xY564Og6k2YV+AgHvWWDLVQqgLm0VIkJkxgXtxvz4E6v5rxwEvKhXj6oyB/O0hhb
gZxqVdZ5KMg/iSjjaU0ugZAe8+bo9IRf7tOnxSTz8Q21WUwabZ4nkjIlfeVAc0xI
aT6zzQSt+LkdLQ6U5k2grbMsERVGbXHN2bbznks0RBK2VA5DAKYOUqDZdSytDLm3
PdIdonfuEDoFFytH33LqDDjN8COWwWFBD11ZY2o/fK6vWtLVr82VQBC108TfmSfM
5JxApTnvm5Qk0euuGjODgLBOR5KW+v+UywOFSc08ug6uO+86+4ZEphMEzcBkeBaZ
lxFKk6O+jvTSf8ncgkPUy0741ysfkv1YQ9Af4zDDdAwe3uHYFsYWaegKFuGFvbh/
indGXWq22yfXmwPeW73VG4sS8oNOpA+3UnyLzNW2b39grRvZkFs5oDrLcKMCTgcu
4AV6kgbkj0MutbA6h6z3H3q7svAQ/A68fnkOMZYMqPfgTw2ehDI=
=o/dy
-END PGP SIGNATURE-

Accepted golang-github-jackpal-gateway 1.0.4-5 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 21 Mar 2020 16:09:35 +0530
Source: golang-github-jackpal-gateway
Architecture: source
Version: 1.0.4-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 

Changed-By: Nilesh Patra 
Closes: 940374
Changes:
 golang-github-jackpal-gateway (1.0.4-5) unstable; urgency=medium
 .
   [ Michael Stapelberg ]
   * update debian/gitlab-ci.yml (using salsa.debian.org/go-team/ci/cmd/ci)
 .
   [ Nilesh Patra ]
   * Drop compat, switch to debhelper-compat
   * Add upstream/metadata
   * Use https
   * Bump standards version to 4.5.0
   * Add myself to uploaders (Closes: #940374)
 - Remove Alexandre from Uploaders field.
   - Thank you, Alexandre, for your work so far.
   * Fix control with cme
Checksums-Sha1:
 a3fea77d2084227f49aebb1da325d8f8736efc56 2273 
golang-github-jackpal-gateway_1.0.4-5.dsc
 155a32cef0f5bd04838f87ecfb0a2220d1972d50 3084 
golang-github-jackpal-gateway_1.0.4-5.debian.tar.xz
 badf8c7e37032c83a347a1cfd1d097089cacca4e 5977 
golang-github-jackpal-gateway_1.0.4-5_amd64.buildinfo
Checksums-Sha256:
 d8c79766c12e90c8166416b97d5618e0df3ef59c190d208240b3202a03a58364 2273 
golang-github-jackpal-gateway_1.0.4-5.dsc
 aecf0babe724bce5c61e175a3c6fde137bdfd31964e89a56990efa52ec14eac0 3084 
golang-github-jackpal-gateway_1.0.4-5.debian.tar.xz
 f99d05b90a7e1d479e671c6fa1bbe2e57c307670ff884acfb9396f87ebe7c5b3 5977 
golang-github-jackpal-gateway_1.0.4-5_amd64.buildinfo
Files:
 d17a4f5e999b9998fe81ebdeb2da46a0 2273 devel optional 
golang-github-jackpal-gateway_1.0.4-5.dsc
 d6bb439182c87daf16fa3e089345e11c 3084 devel optional 
golang-github-jackpal-gateway_1.0.4-5.debian.tar.xz
 c49200650e70c11963e89ef9c1fddf59 5977 devel optional 
golang-github-jackpal-gateway_1.0.4-5_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl56W6MACgkQgj6WdgbD
S5b0hg/8DhcRHXqjZVSlxQYN6O42l41lFUSZJuAVCyAm5Cb4i8WgY2vcwNtXpHRq
YTtkD3KBYz+CzzEtatCBIm2hy2mtEug+F311sX6I2TyC5MkNdCGMsDHj3zjM5P35
ZCULc+WF++AZ9SN3ulieqV3Yb0Vpbja1NB6Nq87cCS1rMWIeOSKEVdfYis9S+qA3
A3hl6j7bUfB7oBRlUwQ4AccyStTDeEgIMy/0pBcwDNynT8tLn4Aj6+oMtyw4MHDx
Z9ljuoCJduUKBhJge0TnK+cg4QuU6Q16c56D9ZbT9o4iMbntELssm296S+ZWlRw2
cISL6MHJ8fOkQRsbqmJdP3sw5zT+3YdvUDMiCwUPeP3M81rYAYvIV8LsFJOL/q5M
rO3op56XHxWM6Y3gFgVhVtb3laz+wwmjbmIOxeDfi0MqqeaM2ohmv5prMit4wBfk
0X8CHUUeV/Nn5EMAQWpbBoCOU9I0dpdqjOZ0apPLqiR2YaJpzxDV856w7pIfbbf0
VZL9SUTO/Gnqt3X3lTsrz3Dynu5UKDEFPg3auZlsHDES4N5UzjiUdyLBGSINW6yQ
dWyt+bUiPjA+4TvbUjRzCYcDNkFup6kBVKHY1VYS6i6sYDp6uv1yAQpurtJOzauv
4JEcOIpTLhM2ToueoMDnc5IVS82uu3izJ1D+zEyr2EfN9dYTiWo=
=Rmq0
-END PGP SIGNATURE-

Accepted gcc-10-cross-ports 4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 19:58:45 +0100
Source: gcc-10-cross-ports
Architecture: source
Version: 4
Distribution: unstable
Urgency: medium
Maintainer: Debian GCC Maintainers 
Changed-By: Matthias Klose 
Changes:
 gcc-10-cross-ports (4) unstable; urgency=medium
 .
   * Build using gcc 10-20200324-1.
Checksums-Sha1:
 f39a5cc367463483bb5b153b32aac1c5d7a22294 35150 gcc-10-cross-ports_4.dsc
 7359097516b689db2071392e9a4eca24e4e56ab3 42236 gcc-10-cross-ports_4.tar.xz
 c3d1dd06f94fabe91bf18b8d2ffaecf3ca99b3c7 17022 
gcc-10-cross-ports_4_source.buildinfo
Checksums-Sha256:
 5489f1223fd8e858be4a920b45765a485d8b0aa5dd01300a3d935f7066dfd1ea 35150 
gcc-10-cross-ports_4.dsc
 f148f1949f30d116d4eb3f0f44b32f835eea29d9339918acdf7affba6dfcd485 42236 
gcc-10-cross-ports_4.tar.xz
 f32d5b78375925b31641b68c2dbd128d92fffc89190ce6d406c8ccfeb9c15eaf 17022 
gcc-10-cross-ports_4_source.buildinfo
Files:
 ffcc95d582f4f9d5293c001b7fc8cf7b 35150 devel optional gcc-10-cross-ports_4.dsc
 f3c329e9e7eb45cefc93a276965697b8 42236 devel optional 
gcc-10-cross-ports_4.tar.xz
 86781d3a5ffaaef6aafdc69f29a7c6d5 17022 devel optional 
gcc-10-cross-ports_4_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAl56W8oQHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9Y+1D/9s8Bu+UNUg4ElQEzwDckOFhiWzA/JVaLS2
SjG2GOayNIcO7bNZn8B5a7qN2O1sWURTWrJ5S2Q4uHimwSK+1Zy4UW9OD488GZpC
avPf020kTq+B2/TklDWpy38wvOeLms9dmkbXGrhsyi21Q+3VItajZUOq/5G0E+L8
M3WAWFr9zqoBG6kdD5/c1MRI7N+/9Jhv20CYGqLw0ol0FkrNDq7jrq+Qs1WSj8TZ
BNHHAd0NlIJ76XdD+k3C++M1j0x8cJsvO2mKIVd6IIIbS7Sn3cNCqxYwhL3Yqs4P
D6lWOUv3yiMqhc/vC0u8r3bEQHpcBqN4OHnP97GOzI+Ks3SQjc9bGkR+U0p4RPHn
HOrHOdqaX4VQm0CvVC2LXHxKNCROzHQo1K2BGuzvAm3q27wURHNQSv1LeClz+8ZX
L4ZKDT1HyjO/R3DtKPLc5L/3LObkjWOv2M2wMzUdS/2l0BgNcDhd3XrSf9FZLJRI
C3EECB24cgbTVl56nljLzf2fili6DHJor1+roL/rjnDhMRFjttSiWlpJGYzY6jhq
5xYiKAix3J/KQkjqsKDYhW21jz+gex/V1SdHzoqBsZ951zkFoN7y8bn5mh8Gep0m
2z1NyEjD7ww930nkxU0wNk4FH52T2Gc28S52LyUqY/LWo1UgOVZu7vqszViShmQ2
q7uxkXAAYw==
=FQeW
-END PGP SIGNATURE-

Accepted todoman 3.7.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 13:30:38 +0100
Source: todoman
Architecture: source
Version: 3.7.0-1
Distribution: unstable
Urgency: medium
Maintainer: Félix Sipma 
Changed-By: Félix Sipma 
Changes:
 todoman (3.7.0-1) unstable; urgency=medium
 .
   * New upstream version 3.7.0
   * avoid setting HYPOTHESIS_DATABASE_FILE in rules (not supported anymore)
Checksums-Sha1:
 c0f1a6f4188d36c2de533229c589dc46700f659f 1801 todoman_3.7.0-1.dsc
 a27852562fa1d19b18f250ba25690f64665cc967 60140 todoman_3.7.0.orig.tar.gz
 d3dc5e7d604c963a3e6b036c7287657f077b23ed 8792 todoman_3.7.0-1.debian.tar.xz
Checksums-Sha256:
 68f5ff6c0c1031748f5037ba04934e284ba0da863dc9d5c5f70c8c02a755cb28 1801 
todoman_3.7.0-1.dsc
 8a05c00f6c2cc08051add709f1b1857f1dcc0ab7fb22c8f43daaba467b489053 60140 
todoman_3.7.0.orig.tar.gz
 f292fdb488bc28537dc8597227a92b4839471c906604d35d921d594851c518ff 8792 
todoman_3.7.0-1.debian.tar.xz
Files:
 a492a82612dcd0782615bb4ff802a700 1801 utils optional todoman_3.7.0-1.dsc
 99b82154c3e38cdce82ed59cb26ad465 60140 utils optional todoman_3.7.0.orig.tar.gz
 ee4307b1557860b6d3d0fdc4ccea7acd 8792 utils optional 
todoman_3.7.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQR6zeIsS8L0XLQfqiQBpfxHUdFE8AUCXnn+OgAKCRABpfxHUdFE
8HfRAQC//YTp2JwPYws7Xe4xGYFl9vbOuEIUeVEYVB8rN+w+egEA0szEZvOVtnTC
rFNNpF41fJ9ReFlADpHV69QbiQ9YyAg=
=rU8g
-END PGP SIGNATURE-

Accepted budgie-extras 0.95.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 22 Mar 2020 14:37:56 +
Source: budgie-extras
Binary: budgie-app-launcher-applet budgie-applications-menu-applet 
budgie-brightness-controller-applet budgie-clockworks-applet 
budgie-countdown-applet budgie-dropby-applet budgie-extras-common 
budgie-extras-daemon budgie-fuzzyclock-applet budgie-hotcorners-applet 
budgie-kangaroo-applet budgie-keyboard-autoswitch-applet 
budgie-network-manager-applet budgie-previews budgie-previews-applet 
budgie-quickchar budgie-quicknote-applet budgie-recentlyused-applet 
budgie-rotation-lock-applet budgie-showtime-applet budgie-takeabreak-applet 
budgie-trash-applet budgie-visualspace-applet budgie-wallstreet 
budgie-weathershow-applet budgie-window-mover-applet budgie-window-shuffler 
budgie-workspace-overview-applet budgie-workspace-stopwatch-applet 
budgie-workspace-wallpaper-applet
Architecture: source
Version: 0.95.0-1
Distribution: unstable
Urgency: medium
Maintainer: David Mohammed 
Changed-By: David Mohammed 
Description:
 budgie-app-launcher-applet - Applet to provide an alternative means to launch 
applications
 budgie-applications-menu-applet - Stylish Applications Menu for Budgie-Desktop
 budgie-brightness-controller-applet - Applet to control the brightness of the 
screen
 budgie-clockworks-applet - Applet to display clock across multiple time zones
 budgie-countdown-applet - Applet providing a countdown capability on the 
Budgie Desktop
 budgie-dropby-applet - Applet to popup when a USB device is connected
 budgie-extras-common - Shared component of budgie-extras applets
 budgie-extras-daemon - Extras daemon for budgie-extras capabilities
 budgie-fuzzyclock-applet - Show the time in a fuzzy way
 budgie-hotcorners-applet - Applet providing hotcorners capabilities for the 
Budgie Desktop
 budgie-kangaroo-applet - Applet to allow quick file-browsing
 budgie-keyboard-autoswitch-applet - Applet adding the ability to set a 
different keyboard layout per
 budgie-network-manager-applet - Network Manager Applet for the budgie-desktop
 budgie-previews - Provides window previews capabilities for the Budgie Desktop
 budgie-previews-applet - transitional package
 budgie-quickchar - GUI to find and choose locale characters
 budgie-quicknote-applet - Applet providing simple notes capability for the 
Budgie Desktop
 budgie-recentlyused-applet - Applet displays files recently accessed for the 
Budgie Desktop
 budgie-rotation-lock-applet - Applet to lock or unlock the screen rotation
 budgie-showtime-applet - Applet displaying date and time on the Budgie Desktop
 budgie-takeabreak-applet - Applet to prompt when to take-a-break for a set 
period of time
 budgie-trash-applet - Applet allows access to trash capabilities for the 
Budgie Desktop
 budgie-visualspace-applet - Show and manage windows in workspaces for the 
Budgie Desktop
 budgie-wallstreet - Change wallpaper from a folder on a schedule
 budgie-weathershow-applet - Applet to display the weather and forecast
 budgie-window-mover-applet - Applet allows moving windows between workspaces 
for the Budgie De
 budgie-window-shuffler - Keyboard and GUI friendly window-tiling capability
 budgie-workspace-overview-applet - Applet providing quick access to workspaces 
for the Budgie Deskto
 budgie-workspace-stopwatch-applet - Workspace usage tracker for the budgie 
desktop
 budgie-workspace-wallpaper-applet - Applet providing per workspace wallpaper
Launchpad-Bugs-Fixed: 1868400
Changes:
 budgie-extras (0.95.0-1) unstable; urgency=medium
 .
   * New release
 git tag v0.95.0 release candidate 2
 Translation updates
 Fix errors.ubuntu.com reports for takeabreak
 Fix category view sorting in applications menu (LP: #1868400)
 Fix launching pkexec based apps in the applications menu
 Tidy codebase for countdown applet
   * Packaging changes
 control: Add missing dependencies for applets (xdotool, zenity, wmctrl)
Checksums-Sha1:
 7c6e2405229f4ae02370746d0dd07fa2e79c3820 5060 budgie-extras_0.95.0-1.dsc
 6c776a0568c59123d0f184ad38bbf8f0f988330e 7497580 
budgie-extras_0.95.0.orig.tar.xz
 872dd4987e12cdccc70d0af2b45813510f72374e 833 
budgie-extras_0.95.0.orig.tar.xz.asc
 edc2e7766f50eed4a24784c27f713fde15f8b687 17568 
budgie-extras_0.95.0-1.debian.tar.xz
 9cc25504e9456a798bd1eef3f6b034a811b43cea 21375 
budgie-extras_0.95.0-1_source.buildinfo
Checksums-Sha256:
 86a2406d0469a71521d2d1b76a5b38249f6822d31d68da9f47ba0ba27cc1f482 5060 
budgie-extras_0.95.0-1.dsc
 3a47360f4009ec9174e89482b15c5dee07284e03a27263da2a68f6169c998906 7497580 
budgie-extras_0.95.0.orig.tar.xz
 5923402ecb96853be53922332cf72c462057324f5d1cac271688b650e0e0d4dc 833 
budgie-extras_0.95.0.orig.tar.xz.asc
 ff6471b4bbb866203aa6525e584336d48c5fab991c1325f9cb23fcb45320b330 17568 
budgie-extras_0.95.0-1.debian.tar.xz
 ed46ef97904059161488d4b5fdbd7ae24cad62ea57205135d27cde3124d146dd 21375 
budgie-extras_0.95.0-1_source.buildinfo
Files:
 757ef1625de332f52a1f1bce690a8b02 5060

Accepted fonttools 4.5.0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 22 Mar 2020 17:40:59 +0800
Source: fonttools
Architecture: source
Version: 4.5.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Fonts Task Force 
Changed-By: Yao Wei (魏銘廷) 
Closes: 954642
Changes:
 fonttools (4.5.0-1) unstable; urgency=medium
 .
   * New upstream version 4.5.0
   * debian/control: Update dependencies
   * Fix test failure caused by newer unicode-data used in build
 (Closes: #954642)
Checksums-Sha1:
 f04598fe4c40bb6bc3d11afe84402edc72f71734 2412 fonttools_4.5.0-1.dsc
 515cc68f1bdc11b22e0174d980369c8b5e280f06 1515820 fonttools_4.5.0.orig.tar.xz
 0fa1f4bc3dc498f98638aff53d219708fa3d1638 9716 fonttools_4.5.0-1.debian.tar.xz
 bf485199d12bc1417c0259a5cbe1e1c19899bf66 8732 fonttools_4.5.0-1_amd64.buildinfo
Checksums-Sha256:
 977213238eb935b041e13d8d1b5afd9648a86e96dc8d5c390ce6ce4db2adddad 2412 
fonttools_4.5.0-1.dsc
 2646c0df1113c8f02aff1c80b9bd0782872ae4fb9fd8d17b0656c165f5068f53 1515820 
fonttools_4.5.0.orig.tar.xz
 a073818bce4cbc5e9dffcc33465a9c740fb032f11e5302b5ec4d2080a92e7c06 9716 
fonttools_4.5.0-1.debian.tar.xz
 48f363474006c7dccd1c0e88a59bc0e2c4a495ce7b17eb2ca46480c977adca6e 8732 
fonttools_4.5.0-1_amd64.buildinfo
Files:
 7ef9a0952d31f92ec323a04af2cb6f2b 2412 devel optional fonttools_4.5.0-1.dsc
 c4bff38b4fcd6c41f1646952e94c67c6 1515820 devel optional 
fonttools_4.5.0.orig.tar.xz
 9e3055c111bbb2479428970e584f8865 9716 devel optional 
fonttools_4.5.0-1.debian.tar.xz
 afe8a5a77fe4b7856d1bedf9ba4b1a8f 8732 devel optional 
fonttools_4.5.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE8htgli/cvAeDZWXRl1ewRNNETDMFAl53OQYACgkQl1ewRNNE
TDP1PhAAoK43Yc2xlc3YIWW3ztZxWboe7lfZMzN7RJeeXOvmnwlAzSz+oA3YbYbC
BNzXQhFKgaDI+wiYLSR+jNrJg5lc0E8+Zqw45muUvyF1xnwqVAi2yeBpYsOyuOtq
sIcYyrBKPd22DCXHyekluoLEKjlp+3GpHFR/15VTgCE8rdImODPv0QuarVEHGRVS
ZKYdk+Dy7Dg/g7kZOYwZMOI/Wv6xvGbyKvX5C+TnevtnxzrZNZQ9dSCrGoktsXqc
5whQnTU/+fW8Pblp1/8tH0wJd8r2vZOYulLKB+FcV2pHz82S9X8E7j3ivRZj1D/X
BeyyBt7C430N7ST3Exc5xfi54W7STd0ALfpYRZur9QsXkgLItRDxuLGul26R1L64
eQ45aefqgu3daXuBVz6lgraluX/zu6Px9ukgDQT0yMTyiz3jjjDiS6PpLHe7JB3H
6352AAszhM5kF4v0lrW9y3ndrQILNJ7SEAiSY0pUZVgEH2UWfbh5Q8RnE4TzcLiq
xrI3LN2EUE7fGHtQ0cnKAaWjXVKU+Xn8sopjn5SKiWk3zOQb9WgwadIK6pfpJUi/
JT6K21u1Z81pp+zEd9JAyNpFkHLc8TuwkCkhOWKv28Bk9eSLhheZJOwMQ3zXv0Pm
pZEwxe3ULMJmH+NxPzfpSXIWGBFGUZNfFPHmc5OR8oiau8AiXIU=
=8wPA
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Janos LENART 
Hi Dimitry, FTP masters and others,

I know Dimitry was fighting an uphill battle with kubernetes between 2016
and 2018 and he experienced first hand the problems posed by vendored code.

We see more and more software making excessive use of vendored code. Pretty
much everything that is written in Go. Some of these are crucially
important, like Docker or Kubernetes. So I understand the concern everyone
has about how this fits with the Debian Policy.

Debian Policy, paragraph 4.13 states:
(for your convenience I include it below :) )
https://www.debian.org/doc/debian-policy/ch-source.html#convenience-copies-of-code

=
4.13 Convenience copies of code

Some software packages include in their distribution convenience copies of
code from other software packages, generally so that users compiling from
source don’t have to download multiple packages. Debian packages should not
make use of these convenience copies unless the included package is
explicitly intended to be used in this way. [17] If the included code is
already in the Debian archive in the form of a library, the Debian
packaging should ensure that binary packages reference the libraries
already in Debian and the convenience copy is not used. If the included
code is not already in Debian, it should be packaged separately as a
prerequisite if possible. [18]

[18] Having multiple copies of the same code in Debian is inefficient,
often creates either static linking or shared library conflicts, and, most
importantly, increases the difficulty of handling security vulnerabilities
in the duplicated code.
=

I think this is the part that has the most bearing on the vendored code
problem, especially the footnote. I agree with this principle. But we
should apply it to the state of affairs in 2020, and to this specific
situation.

Keeping all that in mind, here are the reasons why I think it is acceptable
for now to package Kubernetes with the vendored code, and even the best
solution that is available currently:

1. OTHER EXAMPLES. If we take this paragraph completely literally and to
the extreme then other packages are also in violation of it. True, the
current packaging of kubernetes does this to a greater extent than its
predecessor for example, but perhaps this shows that this section was
always open for interpretation. Examples of some prominent packages in
Debian that bundle and use the vendored code (in parentheses is the number
of go packages bundled, estimate):
- docker.io (58, including some that are vendored more than once within the
same source package, but not including the fact that docker.io itself is
made up of 7 tarballs)
- kubernetes (20 for the previous version, 200 now)
- prometheus (4)
- golang (4)
None of these were REJECTed, and please don't sabotage these packages now
:-D The idea was only to show that, at least for now, vendoring is a fact
in Debian. There is an effort to improve the situation but in the meantime
we just go on. Not great, not terrible..

2. MAINTAINABILITY. Having every single vendored repo available as a
separate package in Debian is not feasible. It is true that some of them
are already packaged. But the expectation that all of them are (with the
exact version that is needed for Kubernetes), is not going to happen. Also,
the golang-* packages have a number of different maintainers. Hundreds of
such packages would be required to build Kubernetes. So one can be rest
assured that every future release in Debian will be blocked on waiting for
dozens of these packages to be updated. Dimitry and a few others worked
hard on trying to pull this off but even they could not do it. Since 2016 a
total of 3 Kubernetes releases made it into Debian/unstable, but there have
been 17 major and countless minor upstream releases of Kubernetes.
Thousands of issues were fixed upstream, including serious security flaws,
these never made it into Debian. Exactly because the packaging was too
difficult to maintain. So, how maintainable was that solution then, despite
the huge amount of effort put in? In my opinion this shows that the
reasoning on maintainability in DP does not apply here.

3. NO FORKS. Debian developers hacking Kubernetes source code, so it
compiles with a lucky enough version of a dependency that made it into
Debian, makes the Debian version of Kubernetes different from the standard
one that everyone expects. This is totally unwelcome by almost every user.
No sane cluster admin would dare to use this "fork", ever. There were some
attempts to get the Kubernetes contributors to update dependencies to a
specific version: https://github.com/kubernetes/kubernetes/issues/27543 .
Reading the whole thread helps to put some perspective on this. The
Kubernetes contributors were actually quite helpful throughout but they
have made it clear that they will not update dependencies for update's
sake. Maybe with some projects Debian would have the upper hand, but not
with Kubernetes.

4. TESTING. The Kubernetes

Accepted gcc-10-cross 5 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 19:44:16 +0100
Source: gcc-10-cross
Architecture: source
Version: 5
Distribution: unstable
Urgency: medium
Maintainer: Debian GCC Maintainers 
Changed-By: Matthias Klose 
Changes:
 gcc-10-cross (5) unstable; urgency=medium
 .
   * Build using gcc 10-20200324-1.
Checksums-Sha1:
 2b5d28c2f02539dac6a77545d2bc1075ff3051a5 34319 gcc-10-cross_5.dsc
 b1b9e523b03d0ef9c69180a6f8f776ed389c3c2d 41980 gcc-10-cross_5.tar.xz
 3b2970f0a2d849b8cea44d5836039d6bf683 18184 gcc-10-cross_5_source.buildinfo
Checksums-Sha256:
 ca6058c49b10fd7b5930da2c49b319f9fe54b4bc31232cd9b6b91118d6bc2088 34319 
gcc-10-cross_5.dsc
 b88047847a4135d51d4644ef220b24fcb36e6135acf4f5f79dec7cfd2c0c9547 41980 
gcc-10-cross_5.tar.xz
 dcfc6afceb681a5afcf47d482651e42bfd9cdfc35d166ab76f3a6e9943d9d8bb 18184 
gcc-10-cross_5_source.buildinfo
Files:
 9a81d134e4b37d9707cef5105d552a15 34319 devel optional gcc-10-cross_5.dsc
 fdf51d6c1da3369f46c0012f6ffcdaff 41980 devel optional gcc-10-cross_5.tar.xz
 9a16f045190af785e1b88caa58e4d856 18184 devel optional 
gcc-10-cross_5_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAl56VwIQHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9dHdD/4lFRJnogRaHSHVgX9F7Ns/k1dCqaO7X5pX
qCx6GyoUZNvCqWcNUb1s5AI/vk3ccFEY7KNFZecwO5bLMBH2FspkGE0OUBIbnBmo
6DVLpYFSYRrEodoyK7dKtld2bLPcfP/M5c80kFTt00MjLmWAuNE3I7JY9K6hqxoX
geMfEF8Hmgc2/ouDY6ihOKQMFi2WU4ZTNPsaDPSB4z6QXJ3YxvdJHzI83tUlT2Q8
R9PcLW6uLwkJB6OJZDBKXHpBVtbV5VzaHaqatCiGhFG0M3c5sy5tlnbLj9SHjj8u
ZH9ATonE9R3wAdIpZFbZcWJ0jMMk+SqqXBnQNjFALPi0B54ZagPrk7DT4+7ZOfWa
PdIS3um8xHaoV/2w8kZ437xIbpj2NNdY93UZwn5gzZy6xagpK4QQSsNpqvfxaS7t
EDIFNRFo+UM+s2BniqurE2B/D+yJ3JJUpJwyDFy8lkwhdTZCzu8GbIlL8U51PsKb
57EOF6JYw7Jw8rM8mQUC/o15ODlPRepk7y30b5duM4hTVbcbbKgEeBiQNzwwO7Ty
bu+U94SjslkoCf8fKkIwpcuUs+ZII9tQnLHiDslJaMGBh/K8MOPyB0WsYeG0J9vt
KNbtdy+PRb3oC2W3JS7ihiSV/76EXLpmC75TI9tXrfhVwLn/oHAygQ0kSFtgsgZ6
0D8EyjR9Gg==
=AUH8
-END PGP SIGNATURE-

Accepted libgit-annex-perl 0.006-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 11:12:23 -0700
Source: libgit-annex-perl
Architecture: source
Version: 0.006-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: Sean Whitton 
Changes:
 libgit-annex-perl (0.006-1) unstable; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 86e97dd33d8f083469b7e03739a7ee476514dab3 2647 libgit-annex-perl_0.006-1.dsc
 e655b2cab2456df418e2fbe605a6d041fce19f4b 28144 
libgit-annex-perl_0.006.orig.tar.xz
 a5a9f556a8fba7fda6a95611d9b3b0123b4b7be1 2004 
libgit-annex-perl_0.006-1.debian.tar.xz
Checksums-Sha256:
 c9711f2a9b1d72f64b163c8b9d2979a1c7388981487c1fc84e1f696d146b46e1 2647 
libgit-annex-perl_0.006-1.dsc
 8f5a916b9ab0b505a8bf9c13829dd627856a46384b6a0a13510367513d504fa7 28144 
libgit-annex-perl_0.006.orig.tar.xz
 7feeac026b95e836ca71fea290e398affb7ff487723573ee6fae2932da8bbae8 2004 
libgit-annex-perl_0.006-1.debian.tar.xz
Files:
 f0874cac36478f89d2f2e8b095eb4a8e 2647 perl optional 
libgit-annex-perl_0.006-1.dsc
 4c12d5b7430fc8e37048cd0d48d4406a 28144 perl optional 
libgit-annex-perl_0.006.orig.tar.xz
 d21444dcdcd7f21b9f03dce999df4bd2 2004 perl optional 
libgit-annex-perl_0.006-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAl56TZoACgkQaVt65L8G
YkCPEg//SCo47B2uytYtUajHWhJTv/tBHgij2a4z7xTirgHBVgIIYeBGUJDSG0Y4
RISdngzefN3INQ8tqj3ZjNEhFUqeWpBGeEE41D1xMt/z1Y8ssLV5CxHhM4tejUTF
sUu4ooRQoRNC7IBXCb79HizdnmNhk0xXis3osp8sYDYZhS6U07CwAb2O/tT4czZp
TT72GWMiubEiAbLa2EWjyAp6Nkc3nJWCKYxiIVf6AnGv9BGaOp3q6+VplzPxugyq
szELVYM39Wv11SZ0zKKL5IEwpw4jl5IAPEb0uVM4bypcgdNkfUeFCed8F3ooq2cq
KwY+g/1PPFJqOITY8jIcWmcRLYveBXsrtGpiPXtrCkxAfVtaAGkAV2ummJG0YJtn
ntrBvqaeIkbkJMMADLpfTD5Ex9h20E7/2nopZRjzAyWgLSs4BWF3WhJrfmPbw+Ce
VqaGqat2kbP/QNmBjzK3nd/LVm1c4ARHHjb9T7q7tFGtXu1zXkev5kCz05Ce1+i9
AJ00EUMRRk3j1g2AKKFIO+Oes3puEPMn6xTBzlYM1rtoUjMwC1YyL/XunXGdpic4
ipK1LwMaOaArOgZjxX0770nqg9qkgZOLArw2AL5sF5lcq5RdGCvx/FCwzqEPvG1z
NC7RiQx7lCsJognSiRAjG8isnk8NKplwqxAcjgZOeC+2wlkGjCw=
=vVjx
-END PGP SIGNATURE-

Accepted mftrace 1.2.20+git20191022.3b4bc2e-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 17:54:56 +
Source: mftrace
Architecture: source
Version: 1.2.20+git20191022.3b4bc2e-2
Distribution: unstable
Urgency: medium
Maintainer: Julian Gilbey 
Changed-By: Julian Gilbey 
Closes: 954726
Changes:
 mftrace (1.2.20+git20191022.3b4bc2e-2) unstable; urgency=medium
 .
   * Build-Depends on texlive-fonts-extra for cmr11 test (closes: #954726)
Checksums-Sha1:
 569dc752191a09d6589bbf23bf93d6ca036ed6e6 2010 
mftrace_1.2.20+git20191022.3b4bc2e-2.dsc
 75dfdd73cd1a74dc96505dff8ec2094b6afc8b74 5224 
mftrace_1.2.20+git20191022.3b4bc2e-2.debian.tar.xz
 0982436e5f19970b6c9b9fe888f9b9684cb7a57b 12325 
mftrace_1.2.20+git20191022.3b4bc2e-2_amd64.buildinfo
Checksums-Sha256:
 f152c63188c15d07cefaf1406e2a968f77e5d7d88b5cdb06ccbf264ee54d8696 2010 
mftrace_1.2.20+git20191022.3b4bc2e-2.dsc
 2666822d9b6832a9f6650bd116ea2ff4509360d5007200b5b4ddb751d70524a0 5224 
mftrace_1.2.20+git20191022.3b4bc2e-2.debian.tar.xz
 5a72094c51231377e4868ba8f7eebbe2fa9cbf72e5a78655857329cc089a4a65 12325 
mftrace_1.2.20+git20191022.3b4bc2e-2_amd64.buildinfo
Files:
 9dc12fdf26a15bdb3700602c548eb2dd 2010 tex optional 
mftrace_1.2.20+git20191022.3b4bc2e-2.dsc
 6abfe5a2efc997523d84215b8d5c6d8b 5224 tex optional 
mftrace_1.2.20+git20191022.3b4bc2e-2.debian.tar.xz
 70d8811d9afc7079a37a71f9fba4eb83 12325 tex optional 
mftrace_1.2.20+git20191022.3b4bc2e-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEfhrD+iemSShMMj72aVxCkxbAe/4FAl56SekACgkQaVxCkxbA
e/6FUA/8C9FjAs2X+NyVjeNvBo1P+oU4dH7RuJqMmNVoBDqDyrWcyv7xD5fBjshC
+g64zo+2oSUzqG1MyfTFpWd7GRR+KgqPga3P+gxRuvHtM/i/rn0JORDHYRZpxmY8
2VmA7Ol+hj/ywRfO4zv5KwviwP//KvXB2Q1vT31wzlfskKzySnPjfUxVb9zx8RS4
DajSr07wMcbin4RWoJcXO2UTu1/oiE9wsi31dfii+LzwEu4IBasdSTxweOnwE7tL
rrKB1KG6jgFxS5ArodFq3903IwFOMd0CzdjJ4vzgo9/CDe5fIUDDVvtxUp7FiC3u
YedLR3oxGeK9QDyUlMEsl51rCpStaogNNUnq3rYrK5c1gyMZAKiQ6GFFNms7/uXo
PDZJlfVSIQJ2/9ZiRobftbYqq9C8bbbxC4ViwWMBrE9fX2nOH0a5gxdA/Qn/7s38
+WndIXiREFiXzR+XL3fH9RD8ofOd0dlqKsNLWm9EApb7B9KAaUewt4M0DuQN674O
4eGj3fW+lQzndatzqSJPxACaEaIH2wFRuvL+hhycnhJvmetisW3ITnSv5gm4XeHh
DJNq7c5VQI/uhv+uqmN+IGaG9gfFhiY8li0VSW41QfuV4Hocwqa1IlFk0f/UPNMF
E4qKx2BhDMNX78FWBpXRNMrip5Sq2YSo/GIXnZHg+E1u0UTOWaY=
=MWVq
-END PGP SIGNATURE-

Accepted telegram-desktop 1.9.21+ds-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 22 Mar 2020 08:57:48 +0300
Source: telegram-desktop
Architecture: source
Version: 1.9.21+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Nicholas Guriev 
Changed-By: Nicholas Guriev 
Changes:
 telegram-desktop (1.9.21+ds-1) unstable; urgency=medium
 .
   * New upstream release.
 - Incremental reading of messages is available.
 - Spell-checker implementation remains the same via Enchant to make
   it easier for extension.
   * Add a script for reportbug that attaches user's log file.
Checksums-Sha1:
 b943fc32d49da18139ac91bed51cfbe3b7789caa 2784 telegram-desktop_1.9.21+ds-1.dsc
 5536f39a8b29bfcf2e1f027d154565643ead352e 12937512 
telegram-desktop_1.9.21+ds.orig.tar.xz
 dd3a7eeb6c8519ffd634d7977b27bdac2fb4692e 14864 
telegram-desktop_1.9.21+ds-1.debian.tar.xz
 ad83dcbd0791f1dedfdf08730ddac23508be69c4 16441 
telegram-desktop_1.9.21+ds-1_amd64.buildinfo
Checksums-Sha256:
 1478dd5631a5f8d8ce2113ee9aa820794655bcdfd9ef1c9efad3e442e21c7ec6 2784 
telegram-desktop_1.9.21+ds-1.dsc
 abf1f63023672cf0bda173d4d5c137499ad6d25beddd1b06a06a9c3a5d3a1d26 12937512 
telegram-desktop_1.9.21+ds.orig.tar.xz
 9a7498cecc824490c6f8e3013ec9fd1665b771bb06d2eb962ab008edaaeabed5 14864 
telegram-desktop_1.9.21+ds-1.debian.tar.xz
 d0ffd4cd7bc8590639e99a7fceb4fec7a37a9b6ab7cb90065026a0ded72b6784 16441 
telegram-desktop_1.9.21+ds-1_amd64.buildinfo
Files:
 c1ee1202ad33fe0bee950d806cfaf1fc 2784 net optional 
telegram-desktop_1.9.21+ds-1.dsc
 f96220ad702d700609669a557ec64cfb 12937512 net optional 
telegram-desktop_1.9.21+ds.orig.tar.xz
 d9fceed94b15e701acc79a29df00e84d 14864 net optional 
telegram-desktop_1.9.21+ds-1.debian.tar.xz
 ac579d24d34a42d9860812a197a6780a 16441 net optional 
telegram-desktop_1.9.21+ds-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAl56SvIACgkQCBa54Yx2
K60kdQ/7B9x43JKXIcq2zBURyNvC/LG261/tAm1M3b8MNQnrdwlyWkkPitsUu68X
Je8OEsknmlX1YwNBR83IQEIetjOt6OValIeDUnb2qrNYPVvtrmJ5iGRgvOK5xSKY
mC7JGhA24c0SUcBg9wbw6q3+3svcXuQO2Wv75AY2yIdipyVpGap+dnfq+hz/gvL4
NYhIAfB8lBStGoKT19a+zrWTpj6ozZlR9O+8pC2QHKlywaQE0wLY8GQ3QapKPXda
4BvPfAHcQZRtXXmhw7X4vVmXoWyyo+mLziegV5klL/tdQXaoL3d7w633KdwO2gyS
d9ptTfkSiLBvU3vfFc7Vz0iMENfxGjJypS6+FQtF2NoCCL678fXmuT6aw5QtspGx
aScoC/w7D9QpvYZBiuM3omyTwK4f7GoXq5oH8EFHkvo+twowB/u8akXD2nCeHLpw
8HknvuW1viYtSGXjfi0WduKCDJ9GXaDuLticmMKa1/AGmiQH7MmUPkT8TbV0WLve
Kq2jH0EItJ9ZvMUEAgOgAGSWysLYWmTx5AxzbE9gR/AIHDDKgYV1HULQcuJ8naM6
EXObw8NxYFFxs7WInmU0dcpUCFC6pJ/l00f9aeUSeo1Ja6anBW7rYe1C7xLKz7Dh
cjtFLyXBD38slg8pmbBDR0JRqIdeaxoEguOH6nEuss8u5+mOg6M=
=QObu
-END PGP SIGNATURE-

Accepted shim 15+1533136590.3beb971-8 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 16:51:10 +
Source: shim
Architecture: source
Version: 15+1533136590.3beb971-8
Distribution: unstable
Urgency: medium
Maintainer: Debian EFI team 
Changed-By: Steve McIntyre <93...@debian.org>
Closes: 925816
Changes:
 shim (15+1533136590.3beb971-8) unstable; urgency=medium
 .
   [ Steve McIntyre ]
   * Use --padding when calling pesign to generate hashes for the dbx
 list, as recommended by Peter Jones. No actual changes needed in
 our list of hashes at this point - they work out the same either
 way.
   * Switch to using gcc-9 for builds, tweaking a patch from upstream
 to fix a FTBFS. Closes: #925816
   * Update debhelper compat level to 11 for shim and the
 signing-template
Checksums-Sha1:
 0491b413a68de898f613964815fbbcb86e80792a 2391 shim_15+1533136590.3beb971-8.dsc
 1682991988ad60afb46bd4f8fa8b0d1b6f065f5d 15448 
shim_15+1533136590.3beb971-8.debian.tar.xz
 e48d54c1322d34bbdd98472aab157859d148ce05 6177 
shim_15+1533136590.3beb971-8_source.buildinfo
Checksums-Sha256:
 9d56ba0a77174bf33d1eab72400b7b5afedc33f300e80dc8452ed5df50d9c1a5 2391 
shim_15+1533136590.3beb971-8.dsc
 bea1be2dec23b5ca841fafacfe659ef5465f9ec3d4f280a8781b1ca93937 15448 
shim_15+1533136590.3beb971-8.debian.tar.xz
 2ae83e231ec7789bdfb5e2bba2e9c79200091e324cd836410c961ba0100c0278 6177 
shim_15+1533136590.3beb971-8_source.buildinfo
Files:
 fb4b941ba84d8bf1c187b081a6b9aa47 2391 admin optional 
shim_15+1533136590.3beb971-8.dsc
 9be2df11919a4fffb7b862dd94d37699 15448 admin optional 
shim_15+1533136590.3beb971-8.debian.tar.xz
 497250396ac9b3a99c88d9c94b8e316a 6177 admin optional 
shim_15+1533136590.3beb971-8_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJFBAEBCAAvFiEEzrtSMB1hfpEDkP4WWHl5VzRCaE4FAl56SlYRHDkzc2FtQGRl
Ymlhbi5vcmcACgkQWHl5VzRCaE5F1A/+Ib3rh2l8iSeep0YJCMGgKP/Ir3nFNCLZ
KtDkFkIrb2DGdTDvLc01CUxx59LWNyiUuuokN1Q0esrgK9bB75ygO/vT+mNVRHLC
TNUZKrljvKqfYuXchAEH9cCGaXkZM9mk7DjRvmBA/mP1G0oX1Rw/be/WhDTwhicL
nYXjx20iDKWnC0qH3ucRXRod1ElwIbgw8lOn6dNLr/jBg4h2ZWYCMRbgEZkdwGtw
1Y7nEaEvRlXy3TG/b4aBKw9XDICwym/WNyy1uw674+vz7YUjtLpHIAuV+hH/Erf8
yIHyxuPLnbuPwOX0nXTbTGkK7D+DKQyOwVQohgUJr1S9hKSZ8cp5Pp242Xue+c03
myn4lIDHGgagLHTYjgg38IchL4Q7jtiY2fdtoC2MNnI/Ptfa1Ly9nXcJzUoyXJOb
5oI5UbiHhmWPvH1af8jct8XV2i7abY18YELllzkuKBtb61nrP82+Xjyn8P9l1H0Y
I5lcE1ZuU3NTDVvxLtDqOMj1q+nxObL+0ttnh2jZr28SUdrjlLN7ax8hE6GYvTPP
xhWUkdCIivayWy2bGAbg+0s691/ZP3DAxDMVJYAvEr+jYz1vtk6bQv1ku99PM+Zm
Qn/lI6etR/g1P6Kd9Q16TUDPMwnj1N1cTYMN4bSam94cTDEzV2I133epjIVeoNa6
pY/nxM2LnoY=
=Fbac
-END PGP SIGNATURE-

Accepted gunicorn 20.0.4-4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 18:08:15 +
Source: gunicorn
Architecture: source
Version: 20.0.4-4
Distribution: unstable
Urgency: medium
Maintainer: Chris Lamb 
Changed-By: Chris Lamb 
Changes:
 gunicorn (20.0.4-4) unstable; urgency=medium
 .
   * Mark that the [Python 3.x] gunicorn binary package replaces the legacy
 gunicorn3 one removed in 19.9.0-2. Thanks, Enrico. (Re: #953883)
   * Add Bug-Database and Bug-Submit to debian/upstream/metadata.
Checksums-Sha1:
 f5839e4d737921061d083ba2f131258faaba708e 2052 gunicorn_20.0.4-4.dsc
 6534141b8f3d9524d9acf4b3155f1c499e51678f 12320 gunicorn_20.0.4-4.debian.tar.xz
 c7e101685fffa0f2260f8ca3d4e6225ad6f3606d 6718 gunicorn_20.0.4-4_amd64.buildinfo
Checksums-Sha256:
 3faf1a3c790f4d34ca54016420042fa9b9fadf8729882626adb2f4e4d1fadf8c 2052 
gunicorn_20.0.4-4.dsc
 b5681f532bfe8f980934d797529f7c3c579dbb4b157f8ee4ee8308d3d77e76dd 12320 
gunicorn_20.0.4-4.debian.tar.xz
 6f1f797dc1340d6d599a2402c92819aaedd2ac864b7d3255ecd121d7e926bbfd 6718 
gunicorn_20.0.4-4_amd64.buildinfo
Files:
 0059264bba9b03332574e94ee6a9c62a 2052 httpd optional gunicorn_20.0.4-4.dsc
 41a89e8677278b54ca5c063884da89e8 12320 httpd optional 
gunicorn_20.0.4-4.debian.tar.xz
 2ffbaa27bcd6fff11c8ec5179686578a 6718 httpd optional 
gunicorn_20.0.4-4_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl56TboACgkQHpU+J9Qx
HljvshAAikAzLoSiyn3GGpWqwnd+E3ytrYbLPgu5J2BTElb65/9a2w1jIO9zfSZj
QEhFSXY0uziML60ece/Njs7qc5eT498n3BB5RxJnMv3F6efc7KV14KFkQfMeugJG
Xj/+QoUQ3G5Qz1LNHjGEIlskdfnklMmTFGMBqFoKmLtqcWXUeuZt9XW6E5ykcNqq
DDoMqIBOOyU1Ii+0EHZ6Ryca4r8VM0w/kHP3XWUO6zmIs/2D4K+3gcSXQd59ok3Y
Ct7/bfXpGoLC9izbkxBOTX82urYDG1rNG7S/G7UhKvUb0b2zNH5+d95EysH49yrT
SUlIAmYKe8xMrTUJWHzQ5RaTCuq+5OwrrmLeG7xNQgfYvKbbDyBVIBz21Rp7RGUg
xFlEV8mcUjv7wat4nkTvxfDDSNKN9VOxHBYUQ/mdjORJtWzwyS2OboBbZq649eXW
gn7DXwh4vj5WhVyLnxFL28Q9AQyWLi9sXeOAb6TrdZIUUIASg1KVm/i7AEmmskzS
rnre90BI5iqIWKsqdQDEQO8P3AJeVcd1QPnIyCXXlzwNMLQPpH1HwBqcDG9SSpfH
W572/JpWJS69e+gDix5yPogG0evTx1rRP4mQm/e9MKl+M7IcHEEsWWQ+FRrh
8fvjBzJAh5bFs6EJqKgecoWMoV/0tdXc0vRF5IQtr0zmJFcKE0Q=
=tInh
-END PGP SIGNATURE-

Accepted debhelper 12.10 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 15:55:09 +
Source: debhelper
Architecture: source
Version: 12.10
Distribution: unstable
Urgency: medium
Maintainer: Debhelper Maintainers 
Changed-By: Niels Thykier 
Closes: 939656 950723 951819 951917
Changes:
 debhelper (12.10) unstable; urgency=medium
 .
   [ Niels Thykier ]
   * dh_installsystemd.1: Improve documentation about tmpfiles that
 are now handled by dh_installtmpfiles in compat 13.
   * dh_installtmpfiles: Prefer debian/package.tmpfiles over
 debian/package.tmpfile, but accept the old path with a warning.
 Thanks to Michael Biebl for suggesting the change.
   * dh_strip: Automatically strip Link-Time Optimization (LTO)
 symbols from static archives.  The format is not stable between
 compiler versions.  Thanks to Matthias Klose for the
 suggestion and for providing the exact options.
 (Closes: #939656)
   * dh: Tweak the command-skipping optimization to skip commands
 in a few more cases when the command is known not to react to
 command line options.
   * dh,dh_installsytemd*: Work around broken NOOP promise caused by
 dh_installsystemd* using nonstandard "package@" prefix for
 pkgfiles.  Thanks to Badreddin Aboubakr and Andy Caldwell for
 reporting it.  (Closes: #950723, #951819)
 .
   [ Nicholas Guriev ]
   * cmake: Verbose autogen rules.
   * cmake: Skip install all dependency with compatibility level 13 and
 above.
 .
   [ Andy Caldwell ]
   * dh_installsystemduser: Fix bug that prevented dh_installsystemduser
 from installing parameterized services.  (Closes: #951819)
 .
   [ Translations ]
   * Update German translation (Chris Leick)  (Closes: #951917)
Checksums-Sha1:
 adef1db05ca8f20d5b93d1fec71524a7d5b0c885 1839 debhelper_12.10.dsc
 8171da063f17d95a74b23c87bb2bd1a98c4652b3 525416 debhelper_12.10.tar.xz
 75e0d34be7ca464dfdd9ba52182aa122a9763679 4606 debhelper_12.10_source.buildinfo
Checksums-Sha256:
 934871f9a113f24616d10dcfb3d3a39d916cb7a80e478b93656164f5d27995ab 1839 
debhelper_12.10.dsc
 74ef66f33d0a1ac8d854f9476b3ae8d08a65fadb6c7fa7e6155e62c52439676a 525416 
debhelper_12.10.tar.xz
 451b679c0d242580e656aceb7834dcffa8d5ad7101f43b67bc8308e332db8e25 4606 
debhelper_12.10_source.buildinfo
Files:
 3acd0bd939678b2c65986c4adc9eba70 1839 devel optional debhelper_12.10.dsc
 2e8b9ef9ed4a36b9b38cb3f453e900b7 525416 devel optional debhelper_12.10.tar.xz
 3e1de02e9214f38444b2cde00cceb2d3 4606 devel optional 
debhelper_12.10_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEE8f9dDX4ALfD+VfsMplt42+Z8eqwFAl56SwASHG5pZWxzQHRo
eWtpZXIubmV0AAoJEKZbeNvmfHqsrIwQAI2R1kd/ALP1tZCD/IoGACtDbjrakFtV
CPlNuUIA8jL4yan4P7u991LdkONvMKtnddH+U0siZtxydE3sGBvedkf97fL1kRUA
rruXcBCr45mSeeNwOd8sYJ8eDwqOK7q1vFKTHIV4pZ1jz00GRY5+xzQo3LFcmNUh
VdFVaO68PvRPCyBQ0e+6kOTLpLgMUsRkB5MBL7yDlb2Fprz77fN7THRycVicgWoN
iJwgimoVoChuQfoDQXHWRH9il3bxEwwg4VMOGMEh3IAUsTyGflT9x7YAn8G/hjVP
KbZE7tmXByKdI+EGPYxuFnQsfXHN6lV3MRTnnRa6qEK2MEIYkubFE48+B/72LiGe
DCsWewXwfzK2/hvBAg5ealgES5jRW8p1ucmiK8PP2J20VfoSN3dGNFRwQ1nVz4RP
jtWvSaCp0Ar4er8GpDmUpwp1ALZuus5f9sm/ISG5I5skqnjt8mV1wVZ594t+ScpR
UjWavoVIGEnMxfP17G2jIQA/ZqS2y1FX5ORHwxzkFvIyecRy8w7He3YJ8KiQrLzd
Yjx8yTa57ZnxFJKudJkCzc0ERqMo1yebYwa9b/cze8Lf6NsUmrc6dO1KilcRm5NH
NkACih+LuOxJoOTGajpXhw3V5easW6clNXutY90zxGzjd+5SXdh2+WnAP+GSTHVK
H0sqFzgPOso3
=AWYK
-END PGP SIGNATURE-

Accepted puppet-module-voxpupuli-corosync 6.0.1-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 12 Sep 2019 10:20:17 +0200
Source: puppet-module-voxpupuli-corosync
Architecture: source
Version: 6.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Changes:
 puppet-module-voxpupuli-corosync (6.0.1-1) unstable; urgency=medium
 .
   [ Ondřej Nový ]
   * Use debhelper-compat instead of debian/compat.
 .
   [ Thomas Goirand ]
   * New upstream release.
   * Refreshed and rebased patches.
   * Also packaging types.
   * Depends on puppet, not puppet-common.
   * Standards-Version: 4.5.0.
Checksums-Sha1:
 0562b0c0b021ca8d8d49d9797ccd13d0b57c6318 2209 
puppet-module-voxpupuli-corosync_6.0.1-1.dsc
 d1a2972612f7a19a3fffa5393d80ace3a4f00d01 62364 
puppet-module-voxpupuli-corosync_6.0.1.orig.tar.xz
 834a17782116d673d4aa752f6b0d3fc239675953 2688 
puppet-module-voxpupuli-corosync_6.0.1-1.debian.tar.xz
 e92ddfe4c21604c84f61cdd2807e294666bcdfef 5781 
puppet-module-voxpupuli-corosync_6.0.1-1_amd64.buildinfo
Checksums-Sha256:
 98f1a038be4a87c19a8b209e8235dfdbb1c851363ede204fab1aaa5bc9bf82fd 2209 
puppet-module-voxpupuli-corosync_6.0.1-1.dsc
 66f827185eb50aa2ac0f03035ff8cd283d286d2d3b2e0e87346ab677cd54c0ec 62364 
puppet-module-voxpupuli-corosync_6.0.1.orig.tar.xz
 092577f3d2a49858b58e5e785f4c1bc2983607b7d7c5a18957859d663a05db59 2688 
puppet-module-voxpupuli-corosync_6.0.1-1.debian.tar.xz
 45ed540efc2ecaf1e95c6c81ba0edf6889e91d6667f448ae551682d2a993e314 5781 
puppet-module-voxpupuli-corosync_6.0.1-1_amd64.buildinfo
Files:
 669dd95394851526bdf1a4b285ff75ac 2209 admin optional 
puppet-module-voxpupuli-corosync_6.0.1-1.dsc
 4503aeca694260af6220c9cd68606d9d 62364 admin optional 
puppet-module-voxpupuli-corosync_6.0.1.orig.tar.xz
 5086aa881303337e7f5593ff8344ab8c 2688 admin optional 
puppet-module-voxpupuli-corosync_6.0.1-1.debian.tar.xz
 de1b5d6e8a0fa7a9424452c0bc961425 5781 admin optional 
puppet-module-voxpupuli-corosync_6.0.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl56SNoACgkQ1BatFaxr
Q/4rKQ//YYjAPDkjfYIcrWTrhJ1atg1YRSNCtSBrS8yXuMA3Zy4BdBFZXM+z0uMw
HbmzNjI8HJc0vAAI5nq3DNyoefNLXCijCi5sCLoor38r4FfwzdKUeLg54iRrcHuG
/Et6h+C2sdyZSmCMkKOQ9A0ZLIO5FKcrILNV62Wt3fDRTP0KqHsQtFcgLFZ9NP7w
xuDzWS6tfmJ3Nk5TVD1e7wj0j4tH0fMOHGnXi1ks7kRYenLMFGPfwzPqCrPrRNfg
Epw7Tc+dN/72PhxQiflgXytaND+c4Fm5fCYupQBkk4Q2bRunHGay8CGsEX8DG+Os
76RcmJgtqZqkJtARe2lThYwrfiPNYEb2irXQoSJppC5BKt0oukxezXa67s1elOUC
OzEChDB7xw9Ev7nWicCK1EkAalkpBGvd5dkjTdVOc+npL7MDFIyVlpwmTYrT3B/L
qeueJ0R6HdLFYVgiVsAgEgVPAYwhPy7+MF7D/xxpa5MyIv25xbMGgPt1NbgBcpZp
gUo3YdurQwd5SqrkWr/mC7po16R7dM00Hl7wkpXaKDP348CaqM7XJ391OE/LCHK9
OWPdOMV3sZM+LmK3zHC8GNW92WP+mnYbzC6GYnMzm7z7S4NZ2ILXuuV9qspJLey9
WkiJ+1MKF6etrcDnUoSFZ8q4czvJVqFa3wVJOVZ6cOIybBZGZ60=
=+7A5
-END PGP SIGNATURE-

Accepted mercurial-keyring 1.3.0-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 18:41:41 +0100
Source: mercurial-keyring
Architecture: source
Version: 1.3.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Andrej Shadura 
Changes:
 mercurial-keyring (1.3.0-2) unstable; urgency=medium
 .
   [ Christoph Mathys ]
   * Use secure URI in Homepage field.
   * Change package maintainer to python-modules-team.
   * Update dates in d/copyright.
   * Update std version to 4.5.0.
 .
   [ Andrej Shadura ]
   * Wrap and sort.
Checksums-Sha1:
 9db3d9e1d1cea90ad2a25099401b2ed0139a9d16 1936 mercurial-keyring_1.3.0-2.dsc
 a33a1d9285fb1472cbbd44ef67d01041b701f336 2668 
mercurial-keyring_1.3.0-2.debian.tar.xz
Checksums-Sha256:
 80d8b3aacf1a46cadfe2f9c4542a836ea18411a32707539c33f598ecff8f1e4b 1936 
mercurial-keyring_1.3.0-2.dsc
 5109eaeae30e26bed1e6e05a29f6386f9c5ac6777bb0de41d7cac2830e07fb2b 2668 
mercurial-keyring_1.3.0-2.debian.tar.xz
Files:
 b13b3bb57909e3fe6e3d400f24451a66 1936 python optional 
mercurial-keyring_1.3.0-2.dsc
 b425469c9ee0cf7243dcc4c8c3b9a731 2668 python optional 
mercurial-keyring_1.3.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAl56RpMACgkQXkCM2RzY
OdL4Lgf+PdgTttaQBwnvj8p57zSWSf2XvISPXEkdRHVj/io5gI4vCMGbDi6fZhyj
gHnu/vvUvPBJ1j1xFeX78l6Fhgx0WSbxE1dqA806E4RNSQnOoz/4Y9UPs/hekiJd
hAvPBezMeG4XkAI9MsEI6oozyb5g+dQyqxDSj2dnCnOZ26OvKFmtQF29BqLL4KQi
pxr3J/rpW2UtK2NBabwK9sXHSr5rqepZnYrESNrGPFLuEBTIO+uzOhJ/gbZQNVeS
jEidLWF7ZqbZUpnaIOubOLmA7/z+SLNGC0K4e1eL7qmpulPZDlJMaRi3pV1BsrOb
FL+ynZOC9fpxRKDgaSWzkVrr0FyQew==
=YB/0
-END PGP SIGNATURE-

Re: What to do when DD considers policy to be optional? [kubernetes]

2020-03-24 Thread Florian Weimer 
* Paul Wise:

> On Tue, Mar 24, 2020 at 6:17 AM Vincent Bernat wrote:
>
>> Kubernetes is already using Go modules. They happen to have decided to
>> keep shipping a `vendor/` directory but this is not uncommon. It is
>> often considered as a protection against disappearing modules. So, there
>> is nothing to be done upstream. And BTW, there are currently 616
>> dependencies, pinned to a specific version.
>
> I wonder if the existence of Software Heritage could convince them
> disappearing modules aren't a problem, or if another service is
> needed.

The required versions of the modules could disappear from Debian, though.
Services like Software Heritage will not help with that.

Accepted rjava 0.9-12-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 11:57:37 -0500
Source: rjava
Architecture: source
Version: 0.9-12-1
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Changes:
 rjava (0.9-12-1) unstable; urgency=medium
 .
   * New upstream release
 .
   * debian/control: Set Build-Depends: to current R version
   * debian/control: Set Standards-Version: to current version
Checksums-Sha1:
 9d2e1ddbc15d8e408ab9afc3317b20d0ec4ac63d 1961 rjava_0.9-12-1.dsc
 f013edb5a7f993ebfb17c84cf23895d906f0102d 1103629 rjava_0.9-12.orig.tar.gz
 dba1f68c9321887543077a60265d7bcea24f3aa3 3724 rjava_0.9-12-1.debian.tar.xz
 a5e40a42ed5e66bb1d2de24d00f001d90215478e 10081 rjava_0.9-12-1_amd64.buildinfo
Checksums-Sha256:
 f982dfecbf6f1c64681ed91bfffa01ce03b92e5d179cc340f4040acccbeedbf3 1961 
rjava_0.9-12-1.dsc
 2248a8c73cacfecf75445ad0ebda4960409ec3f21afb180a1bc02a6de4057b0f 1103629 
rjava_0.9-12.orig.tar.gz
 f128ba354650715b4047a71f0f04239e1d05ee1029bb3f9ca0ecefbed0fd38f5 3724 
rjava_0.9-12-1.debian.tar.xz
 d3573f13d107712663364675863b9accef5ca6bb5de137da835e738fb1de399d 10081 
rjava_0.9-12-1_amd64.buildinfo
Files:
 8840e214ec13bf3595ccb87b552998c8 1961 gnu-r optional rjava_0.9-12-1.dsc
 8d17e50cda6297a85254f7b9cd57db60 1103629 gnu-r optional 
rjava_0.9-12.orig.tar.gz
 acb3c60f5af9ba4139ee88bbc8816fda 3724 gnu-r optional 
rjava_0.9-12-1.debian.tar.xz
 62c7cfe11cc89a40fe13668794f8ed78 10081 gnu-r optional 
rjava_0.9-12-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIVAwUBXno+kaFIn+KrmaIaAQgOEA/+KKqI+/YvJ5wrGmlt1VcI0t7cfjP6WI1V
Z/gDWt9tclCGYxNwklSY7kAJnm+fX6+1hjIN59CHj5Ssu5oxmYoASsD1rcnsNBWs
eCT0yXe2mmKCfhAjr1we0Nqqw9vgXQeH/E7cAZjyB+41C+syaVVcuXBS5CCI82DK
7k3CV10QLpMtwX/XgK6MKzHd9rNrxq+COb3PZV5kIRNfm+IZjbsXQgytUVMXJAju
Epy7+8/zr5cFqfnOvsh1jg1UpaqRpAOAQMMS45of2JP9mwRQo4luz3XyCsvoJrlP
t+EB8gktYFN80IC98DmgQxPR7Hy3K2Fu2J2ZWjNjpdY/55t0BmXACal9qgN1CbAj
+wfTxtENFIiZGtD7fsBI/VJJRpBeAgwfRsTlaPkdaZsJy9WgNza20pCDtPZs6HTs
BwSuFp0XSnvxhszQPFTcYwAVwNr5/YMLJAofUrWu+/66uhJ8kb1eLK5MmZmsYaDB
WaMGOcIqgQEE5V5KBBw+wK+m+dHXNJntg6BsiSCaqVWeA2MmIHWmA4ErnXZYOXer
81lViJQopP5QwaEy7mRoauXYytkakmONOIQFgWWhcLsW/wgsd/llmPemiEogBboN
KPzpcK66c/xU19bOVsatUyibgDMSmzheWTb+vnQwvSwSTA6T4LiHC3fG5H0WcDp4
TEJdnQ4mqac=
=myZ1
-END PGP SIGNATURE-

Accepted rpy2 3.2.7-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 22 Mar 2020 12:52:00 -0500
Source: rpy2
Architecture: source
Version: 3.2.7-1
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Changes:
 rpy2 (3.2.7-1) unstable; urgency=medium
 .
   * New upstream release
 .
   * debian/control: Set Build-Depends: to current R version
Checksums-Sha1:
 def79232b3e0a8ab71a4bbdcecf8efe5eb66ae16 1878 rpy2_3.2.7-1.dsc
 05ad6e4a8c4912a5bc8b403f1772f5e04d4ec173 162921 rpy2_3.2.7.orig.tar.gz
 644527d2b9e74caef113cc829d52706a54fc1af1 13488 rpy2_3.2.7-1.debian.tar.xz
 1f8337392e701e3a144f0328d5bae361f69c7e7c 9683 rpy2_3.2.7-1_amd64.buildinfo
Checksums-Sha256:
 d3e03f52d5947740aae0b84bd30d6ede036f7dcf5370a5208d51897a447e08b4 1878 
rpy2_3.2.7-1.dsc
 db9c71eec3c91f44373839c24a1888a3999f2f342300e8e696e5dcc047d3df6d 162921 
rpy2_3.2.7.orig.tar.gz
 f93605ecdb87cf461033ae2917a7c1c5a8d14da870950ca84fe38a42361fde38 13488 
rpy2_3.2.7-1.debian.tar.xz
 5fe81b8999e736aced57b5bbffa1d2aa61cbbee811bb527926c775b466d66784 9683 
rpy2_3.2.7-1_amd64.buildinfo
Files:
 c25e7232e0e3c15c7b889e08c0d0fd45 1878 python optional rpy2_3.2.7-1.dsc
 eaa65c233eb2d60678dabe2b58894aa4 162921 python optional rpy2_3.2.7.orig.tar.gz
 271f1b934c6ebd2135de0c634bdbb368 13488 python optional 
rpy2_3.2.7-1.debian.tar.xz
 b5be5913ca83ddba178d7723adcfce29 9683 python optional 
rpy2_3.2.7-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIVAwUBXnemuqFIn+KrmaIaAQhh/xAAkMTK6yniZhHrwvM265+rRI15wWMab9Ik
IjAJ8VZG5/oQDHhrsD3MD8ET803XIJVNaSwzlFO2Zn1dna/0nQOIY/UneAzG7hlS
vw/7JPlsCNDH8+K980g23VyxBvKtO7JdngzUbYhKUu6VJg5CUXe37Q9ode+C2zCg
ECOtt64ZJopnys9TfyPbDLZv8I/qtL/URZ3zcTZ7dL3Z4+Xhqca+Dgz2ccut3F6t
T70birCCwG/9OwnlCsp4WuemMYbOW63T9L2BbgwG8qMxNUZpiiyy4YD3ZMwwaIP9
aiNib9biqYVoEAjXHkLAIrz2mnGmlFq94aOdUQOSM3xAyiqcvJCr+Jh1kxi/kzXU
FA6adduMa0kudP1W7WGAqK11FJ729JtST+ZvdsQ/V/G/3sEFrHIerXbw2HrwO7Q8
ewVVrPE/GCg1GAh0ZxTWQHc9srPBGZnBybKSB+0UMy1rkMbng8ipRG9SBAAmkvHY
ms2c/PpOTpGOjOoZ5o3Rwa/IAknh3PInX/sNjd9aWjdxpzemvNMyRBjeC2onWxXP
DnQAzMEAo/n+G+CrtvrI7zbeJZRhWr7m7EtRajqNolgCqPjmaFFa1FCT+fBk/rtM
6DSwjeGyf70rrmVSK8FqCyKYDPkyeQyRTwLJajNbATv0qz8drhcXcPIVL9IahpXz
5k0yxALoGUE=
=1ZU/
-END PGP SIGNATURE-

Accepted hgsubversion 1.9.3+git20190419+6a6ce-4 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 18:19:51 +0100
Source: hgsubversion
Architecture: source
Version: 1.9.3+git20190419+6a6ce-4
Distribution: unstable
Urgency: medium
Maintainer: Andrej Shadura 
Changed-By: Andrej Shadura 
Changes:
 hgsubversion (1.9.3+git20190419+6a6ce-4) unstable; urgency=medium
 .
   * Enable building with Python 3 only, alternatively depend on
 python3-mercurial.
Checksums-Sha1:
 5f6e77b7fe7dc5f478a6d0c7d5be89cd09fb0a5d 2016 
hgsubversion_1.9.3+git20190419+6a6ce-4.dsc
 b6faa1fe17534552acca6482612c6a925f8e29fa 4664 
hgsubversion_1.9.3+git20190419+6a6ce-4.debian.tar.xz
Checksums-Sha256:
 50a119ac8e0f2a2225a4cbeaeb2d02215d94934104f7927017eb481545108f49 2016 
hgsubversion_1.9.3+git20190419+6a6ce-4.dsc
 fa094ae2feceb5a5203bb43dcb532046700f5635c6ea5301faf756ce290d041c 4664 
hgsubversion_1.9.3+git20190419+6a6ce-4.debian.tar.xz
Files:
 00e8fc095670047115c991f2e98b427a 2016 vcs optional 
hgsubversion_1.9.3+git20190419+6a6ce-4.dsc
 822ffe139ec7a5b608675d8e34e9f6f2 4664 vcs optional 
hgsubversion_1.9.3+git20190419+6a6ce-4.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAl56QWkACgkQXkCM2RzY
OdKVSgf/S+wU3KiOIra0kPf2v551ABAIap2gUaTi03BMtIfdq993hsBOquYcNq4S
lcFJKKP8LdpTvtwXfzJ6If/DnBLytkyR2kGGrmygOJmsKzyiayQaSitaKFE7wQFT
Hk5oJiQOHRbrv4ladwc3fKa/8jRNPNX35c3O6bWpzBvOelwu9w+z23vMJO+cXPD+
w4cWO0WkorZDcoJabsV/ZivhuLtsVZmPaGXrIBioU7AfJhg8tDZchXFjrwNxZrG2
r5+Kz0zgL54ncT2Xolo04CR+s40e1GiWVON2q+K/tJGnDEAUIjxIcR7WAUOpkaxp
xbH4FB2JZzk09KogJ6xBg9UmVHGxYQ==
=gVYr
-END PGP SIGNATURE-

Accepted hmisc 4.4-0-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 12:01:04 -0500
Source: hmisc
Architecture: source
Version: 4.4-0-1
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Changes:
 hmisc (4.4-0-1) unstable; urgency=medium
 .
   * New upstream release
 .
   * debian/control: Set Build-Depends: to current R version
Checksums-Sha1:
 e065235f2c12c520a15f52fe054c283d2500b694 2109 hmisc_4.4-0-1.dsc
 adc446daef4838a465f118788bc21efc3fdd033a 744545 hmisc_4.4-0.orig.tar.gz
 28d3184f0481dfa490e846de076718fd59bbb517 5100 hmisc_4.4-0-1.debian.tar.xz
 b9a121562807fe2b6da052d0b371a5b219abace7 11265 hmisc_4.4-0-1_amd64.buildinfo
Checksums-Sha256:
 dc5101b265690faa53848f1a0d465bd9565bd451e0fc15fede71f5876e93ee80 2109 
hmisc_4.4-0-1.dsc
 f16ecf4c5ee2202d51f426282a54f8000ffa8b9747c3e910205f34f878556ec7 744545 
hmisc_4.4-0.orig.tar.gz
 52c314b5737932591c74c26bb89cf091231354089d294433d0de06d118b877b6 5100 
hmisc_4.4-0-1.debian.tar.xz
 78ed24c65946eb46d725cfbf5d14b723d78b11f8646ce87510c5e050c6650817 11265 
hmisc_4.4-0-1_amd64.buildinfo
Files:
 c7db70e50b083cebba8b9b008ba3d83a 2109 gnu-r optional hmisc_4.4-0-1.dsc
 c323fbc70a96c78be46aa13a79c48048 744545 gnu-r optional hmisc_4.4-0.orig.tar.gz
 7bd6110c5f2f45d6b799320347f9a6d2 5100 gnu-r optional 
hmisc_4.4-0-1.debian.tar.xz
 b5a5982ee3a4fa4f9d7650c1928e787c 11265 gnu-r optional 
hmisc_4.4-0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIVAwUBXno9iaFIn+KrmaIaAQi+Kw//SChqyVy6b2FspSCvOhh5q9+loFsd9EKG
o7oLMbBGu+kPGRgqY+8D/wxzjrv4wbkyLSUEydMcKGExJIfzpUlGHAJKhVukZ/Ux
1Yoe7gVk+Y3pwDe41/6dfGt7u9IXvqZ3gFHR+r9HOqU0EaRlr6mGTO9SFsOZnEdo
0DegJUr2kSNQJjpluBhkH6K1B2R9eIS52RPHHlCUXvu0C5eHo/AMXDIegc6EkE67
eRv8YS5QrdzE9ExoFyNIwkHYe4NYQayU3oRW8a5cCkdhJWQwIPaxSwf9pDXQ6jx0
tVXiEf4OzVauymrkniychV1GPlcO5CpUcUgyMDqR65zbwupB15yIaHq3GPHj2TcU
I3MSOjfOXflNpQDO9da6XHGHBOrYr/Pyh5mfA6LINbku0mOReTLT1MwkWEye2C3p
pxS07j1Y0b7k6l6+QXSXRiirtnObCaX1u5hNcKQNh209uOJfMbLjcfpIx4oLtZCO
n4kZwNKnjx+fgEOA+w6FisuEBe9ouYcsTzyIP90jZFbk8lRhztuf4m9+172kPeDt
U7F1bk2gPfAghHWKlWIsZyD9de+Q4+AuL4VGpHuoOxkvxi9hvxrHN0rX1N9AXih7
IciplfoEFBKVtR+wYXBA9gw6FBTHwAX5NT25nnVr4hc7p9Ygtfr0p4jkJPgJWczi
GAb/MGcPXUM=
=/t3v
-END PGP SIGNATURE-

Re: email backend for fedmsg

2020-03-24 Thread Peter Silva 
MQTT is the best thing going for interop purposes.

On Tue, Mar 24, 2020 at 1:20 PM Jeremy Stanley  wrote:

> On 2020-03-24 13:09:35 -0400 (-0400), Peter Silva wrote:
> [...]
> > We could talk about the merits of various protocols (I see fedmsg
> > uses ZeroMQ) but that is a deep rabbit hole... to me, fedmsg looks
> > like it is making a ZeroMQ version of a broker (which is a bit
> > ironic given the original point of that protocol) trying to build
> > a broker ecosystem is hard. Using an existing one is much easier.
> > so to me it makes sense that fedmsg is not really working out.
> [...]
>
> In the OpenDev collaboratory we added an event stream for our
> services some years ago using the MQTT protocol (a long-established
> ISO/OASIS standard). I gather there was some work done to make
> fedmsg support MQTT as a result of that, so it might be an
> alternative to relying on ZeroMQ at least.
> --
> Jeremy Stanley
>

Re: email backend for fedmsg

2020-03-24 Thread Jeremy Stanley 
On 2020-03-24 13:09:35 -0400 (-0400), Peter Silva wrote:
[...]
> We could talk about the merits of various protocols (I see fedmsg
> uses ZeroMQ) but that is a deep rabbit hole... to me, fedmsg looks
> like it is making a ZeroMQ version of a broker (which is a bit
> ironic given the original point of that protocol) trying to build
> a broker ecosystem is hard. Using an existing one is much easier.
> so to me it makes sense that fedmsg is not really working out.
[...]

In the OpenDev collaboratory we added an event stream for our
services some years ago using the MQTT protocol (a long-established
ISO/OASIS standard). I gather there was some work done to make
fedmsg support MQTT as a result of that, so it might be an
alternative to relying on ZeroMQ at least.
-- 
Jeremy Stanley


signature.asc
Description: PGP signature

Accepted ukui-control-center 2.0.1.1-2 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 25 Mar 2020 00:17:13 +0800
Source: ukui-control-center
Architecture: source
Version: 2.0.1.1-2
Distribution: unstable
Urgency: medium
Maintainer: Kylin Team 
Changed-By: handsome_feng 
Changes:
 ukui-control-center (2.0.1.1-2) unstable; urgency=medium
 .
   * debian: remove the useless  postinst files.
Checksums-Sha1:
 153af7801b9d0300abc627ba37d56cf511842448 2344 ukui-control-center_2.0.1.1-2.dsc
 2960451e30b480906d0be1cadc1a77e1dbbdd149 2425892 
ukui-control-center_2.0.1.1.orig.tar.gz
 3e3cd10dcf7a4103c1466227f63b9875a4b3c07e 3004 
ukui-control-center_2.0.1.1-2.debian.tar.xz
 f37f5103d86a8925aa660c742c44148539868dae 17348 
ukui-control-center_2.0.1.1-2_source.buildinfo
Checksums-Sha256:
 9e18e272e5e25fff87c3802dc892461346656611e481e9f94ffb24fd104f5078 2344 
ukui-control-center_2.0.1.1-2.dsc
 4fc9e53e4b7037607839b1b40420e3c54e022ea548483a95c168a726c0c86c2c 2425892 
ukui-control-center_2.0.1.1.orig.tar.gz
 c96260174354aac8c0aa40a2b853f59aa4323d0298d88fc49e132cd11f6eb3b1 3004 
ukui-control-center_2.0.1.1-2.debian.tar.xz
 b5da97b98f1c7d4d40a72ccc74b61a6b67079a6c5e864e3c109a4b2f88a16979 17348 
ukui-control-center_2.0.1.1-2_source.buildinfo
Files:
 f81fb188d87bb50287a1131da8a8585b 2344 x11 optional 
ukui-control-center_2.0.1.1-2.dsc
 d7871a80bce41e7bb59a626f4efa34cc 2425892 x11 optional 
ukui-control-center_2.0.1.1.orig.tar.gz
 2219033e168f466cf44ba69bf3607a98 3004 x11 optional 
ukui-control-center_2.0.1.1-2.debian.tar.xz
 a0c521c8ea71958b02b156c1fb18429f 17348 x11 optional 
ukui-control-center_2.0.1.1-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJPBAEBCAA5FiEEhsgAHpUwnacZWWSCm7hQwBMRHwwFAl56NFkbHGppYW5mZW5n
bGlAdWJ1bnR1a3lsaW4uY29tAAoJEJu4UMATER8M1OoP/icNL2IjZpvMSMLqGG84
tvXOElcUaOEYR9Nl9cBO6kVaJfw/QNjaQISqwFvqD2sH8OPfu3EfdaHchzKQuFOK
uXTRcj2NSfbZ4L/axvBN70FmplfE+RNrVLSeYI56mxZyAE1XKxGnHZZlOWt8JB6H
ywG5bjbybbOPhG3l5zSMZc3kBS88A8oI8tXqKUwuzTUZ4xwMGvDcxYGDrpTZK18f
bv/WvX5SxLVK2Q0JrEz7rP0IFt+O00NxmlgjWPg5UYfdKlYn3Z1ZPoS2O+B/mBVK
rbuWiVsR95nLmnA7JkCs7CoMF1rKgRrHa70srOB3Ph3I1EyUtd+0hl8rGt3/oy0o
CmVXgzUGURQD+ldek5WdVMbbqMvQCxrR0Ne2p9P/77sfdyf0gIBUyeQnD/kTdjqz
7FO00SsS/b5B1CKllYkio1CQkvPdZfIl/bTZnWtgQ0EODo21r7d9sGkjn2Ph8qm8
HP65wLLLniF+GPYiUyB7eaXSXX+XCDNaLE4hQ8HZswlHo8hGbrHhEeTYmV+nG9c9
xtaDA6L6jW7H3nZL9o1q8s9WRo9/cAkjU2vfKqvXU87O5GyUyZWXS2iPviWucYfl
HJjmegkJak2mfBTaUtozM7zigxrs3Z4KyxARcxRaXAUEKZ8rjjmeEYccWaWgm7CS
ubO94TEMOn0JKwHm0b7sh8UB
=Q+h/
-END PGP SIGNATURE-

Accepted osmosis 0.47.3-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 17:33:41 +0100
Source: osmosis
Architecture: source
Version: 0.47.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GIS Project 
Changed-By: Bas Couwenberg 
Changes:
 osmosis (0.47.3-1) unstable; urgency=medium
 .
   * New upstream release.
   * Drop protobuf.patch, applied upstream.
Checksums-Sha1:
 2de831b3d1911bcb0307135c78e55821b54b5669 2464 osmosis_0.47.3-1.dsc
 72d0fbfcb2954b8060493f430edbae69f6e5 602903 osmosis_0.47.3.orig.tar.gz
 710ca55a7e4d5ebc2c32527204c3c33830505029 11608 osmosis_0.47.3-1.debian.tar.xz
 211b321df6e12afec162f66754281c4dabd19fe4 13564 osmosis_0.47.3-1_amd64.buildinfo
Checksums-Sha256:
 77b96306daf2f598c7eadf4af27ec7400ab13d75ec1d1ab93d3940ef73341788 2464 
osmosis_0.47.3-1.dsc
 72ac83188ff71277ee28b4a8946b8c49134477e2b571b1fa2e19181ba0183211 602903 
osmosis_0.47.3.orig.tar.gz
 a25b469fa1f16fabf9d773e3af9c13d46a36b998bbcc6594c29f68587355e7f8 11608 
osmosis_0.47.3-1.debian.tar.xz
 7b9b32fa3a355ac75f2f31dfd9844a7af8563cff84ee17ff38c9797df610016f 13564 
osmosis_0.47.3-1_amd64.buildinfo
Files:
 90f6717680d90fdaab3fe445c92474f2 2464 utils optional osmosis_0.47.3-1.dsc
 6b5420a5097d98e801662b7f69c1d08a 602903 utils optional 
osmosis_0.47.3.orig.tar.gz
 2ea138d4f48f39a2f78ae2f2deb7cfb9 11608 utils optional 
osmosis_0.47.3-1.debian.tar.xz
 c7153cd47701a7665f4e3c7c040b329c 13564 utils optional 
osmosis_0.47.3-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEgYLeQXBWQI1hRlDRZ1DxCuiNSvEFAl56N/0ACgkQZ1DxCuiN
SvHo7w//UJ66nvvJgkRw/heZqsbgJr/8OK8Kc/b8DRwPYH7MmNGWlfHEuYBmCXbO
9iaQAAbAdpKIUKq83DbURFyq1e9ujabl8aPyKyza1w3DvXoFLFN1oUen7MPQUVQU
dcIjYqMaVClcsEiybca8bC47QaycsVyHZbB0xft8OZNtqM2ZTpKHye9YlSjYYWa6
0WWEJjJypWUSsK8Rl82ipVul9oyheksiN+woZb0tlKTrYlHsbxKLh/EIIepGZYF/
Y0tigU91u9j4bf1sry5d6hNGltXYf0LKCQYrxQL9ksl/X/90JVk9mtMnj3ynW0vI
Hx5VTW5O4iLBU1aM/uF3ryDZh/uu3fOfUIXCCxo6hJAAwaZUTvNu3PkBQ0s89SQ0
7e2VN+6SXTvKtx9DdrtT6ln0GDtjXqaNcOGVvwWKBmeBXKRDtQX5L/5iNuFHDq3r
hEOOAUjJ54rtqeb8cjOINogxx1gGx7XQhHpnNt4eygMsbShlXGMUjbbZX1SsTXPx
kWeQA6gIoA/Hai0grClYw9rkOtVqh1JKEgQDEF5LfIK15JYHanWHaFpFgJRHyzTX
DtMcXkzThInRqKJO58/jwAkqfgGR8bqmVVJaTDCdQo5T4tGMJBUozQ4zLb49lZeV
KruvI84fesTuonAEp8MRpfZy2R6gSFYZTUwUDmXhWbJw9iS4k+Y=
=KkCL
-END PGP SIGNATURE-

Accepted nagvis 1:1.9.18-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Mar 2020 17:48:25 +0100
Source: nagvis
Architecture: source
Version: 1:1.9.18-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Nagios Maintainer Group 

Changed-By: Markus Frosch 
Closes: 788187 949387
Changes:
 nagvis (1:1.9.18-1) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Trim trailing whitespace.
   * Use secure copyright file specification URI.
   * Use secure URI in Homepage field.
   * Bump debhelper from old 9 to 12.
   * Set debhelper-compat version in Build-Depends.
   * Set upstream metadata fields: Repository, Repository-Browse.
   * Update standards version to 4.4.1, no changes needed.
 .
   [ Bas Couwenberg ]
   * Add Bug-* fields to upstream metadata.
   * Add gbp.conf to use pristine-tar & --source-only-changes by default.
   * Add icinga2 option to configure its livestatus path.
 (closes: #788187)
   * Bump Standards-Version to 4.5.0, no changes.
 .
   [ Adam Cecile ]
   * New upstream release (Closes: #949387).
   * Add myself to uploaders.
 .
   [ Markus Frosch ]
   * [23754f8] New upstream version 1.9.18
   * [4fb1411] Remove dependency on php-php-gettext.
 Upstream has a vulnerability with CVE-2016-6175
 NagVis uses a patched version, which works since NagVis does not use the
 vulnerable feature.
 Once upstream fixes this, and it gets uploaded to Debian, we should
 revert this.
   * [b5df31f] Update config patch
   * [eb70f60] Document source of ExtNicEdit
Checksums-Sha1:
 56a0b2cfb6d4e6c4c61038019aa602b00b6527e9 1743 nagvis_1.9.18-1.dsc
 05986b3de178c60c5d6bbd915f6aa1ec7b61aca4 1813073 nagvis_1.9.18.orig.tar.gz
 e35fb9133ce7cec347a2cdf415833d0f0baee183 173656 nagvis_1.9.18-1.debian.tar.xz
 1db7cc16d5f29391c44ee20cf5233832569b28de 5570 nagvis_1.9.18-1_amd64.buildinfo
Checksums-Sha256:
 e43d61d958073a24ac7b1f3a0996cf12383fe5c17bf3190eb490f96f93d18942 1743 
nagvis_1.9.18-1.dsc
 fedf92d7e13ecc709a86884efe34152fa473ade1b13a79e8678da3ae98a4616d 1813073 
nagvis_1.9.18.orig.tar.gz
 1b8128d04326ef6be960fbe2e40f5941d38f05f7a68cf7ce1c318a678f36f412 173656 
nagvis_1.9.18-1.debian.tar.xz
 663ed9e7014006519f5c473af3b8647e5fc189c5ecb22b748abbe8fa2f6c2a6a 5570 
nagvis_1.9.18-1_amd64.buildinfo
Files:
 aa5165bc539536aefc3d4271011ca4f9 1743 net optional nagvis_1.9.18-1.dsc
 3bcc79438abfcf84ee58608833e9f2aa 1813073 net optional nagvis_1.9.18.orig.tar.gz
 3e06200d5e181a33d63b7a62da4ea653 173656 net optional 
nagvis_1.9.18-1.debian.tar.xz
 4f83ccf0297e7ca40c63d72e05cedd34 5570 net optional 
nagvis_1.9.18-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEE51PRnEwqQtexjRSC8mFdmquYe24FAl56Oj8ACgkQ8mFdmquY
e27yjQgA0NzSR+qgl2pxuSJj5twAzdApQM04qKvaDkWoG81bJmRRjqYcUxIogjm5
7XnByBy4Td/xfoq/2dhy6Pg7d9fcAItQ8zGRZsjhLRDh1k2/iK1+o/yOBxMdt2M2
rLGd28ia0RKdp6LLv24069bdL5j43Z8b9L36My3vRna5Oy80mf6iOtaOWpzedUPv
S59XkmGWkQAkAW3CttbUViEmJvNy/mGQ7+HGMzuspLmir46MtZp9JQ7CRZIayUJ5
jTy2egxU24J74LbRUF7W9RZvUEQQhPAf/AKL29xgfiOMHDYQYHbCak+8FYW1QD8z
U387+BDeXEc1oL1jNEYHAYdc3H7zwg==
=iINr
-END PGP SIGNATURE-

Re: email backend for fedmsg

2020-03-24 Thread Peter Silva 
hi, totally different take on this...

We could talk about the merits of various protocols (I see fedmsg uses
ZeroMQ) but that is a
deep rabbit hole... to me, fedmsg looks like it is making a ZeroMQ version
of a broker (which is a bit ironic given the original point of that
protocol) trying to build a broker ecosystem is hard. Using an existing one
is much easier.  so to me it makes sense that fedmsg is not really working
out.

However,



I work in telecom for meteorology, and we ended up with a general method
for file copying (catchphrase: rsync on steroids*.) ( *every catchphrase is
a distortion, no dis to rsync, but in certain cases we do work much faster,
it just communicates the idea.) Sarracenia (
https://github.com/MetPX/Sarracenia) is a GPL2 app (Python and C
implementations) that use mozilla public license rabbitmq broker, as well
as openssh and/or any web server to do fastish file synching, and/or
processing/orchestration. The app is just json messages with file metadata
sent through the broker. Then you daisy chain brokers through clients.  No
centralization (every entity installs their own broker), No federated
identity required (authentication is to each broker, but they can pass
files/messages to each other.)

A firstish thing to do with it would be to sync the debian mirrors in
real-time rather than periodically.  Each mirror has a broker, they get
advertisements (AMQP messages containing JSON file metadata) download the
corresponding file, and re-advertise (publish on the local broker with the
local file URL) for downstream clients. You can then make a mesh of
mirrors, where, if each mirror is subscribed to at least two others, then
it can withstand the failure of any node.  If you add more connections, you
increase redundancy.

Once you have that sort of anchor tenant for an AMQP message bus, people
might want to use it to provide other forms of automation, but way quicker
and in some ways much simpler than SMTP.  but yeah... SMTP is a lot more
well-known/common. RabbitMQ is the industry dominant open solution for AMQP
brokers. sounds like marketing bs, but if you look around it is what the
vast majority are using, and there are thousands upon thousands of
deployments. It's a much more viable starting point, for stability, and a
lot less assembly required to get something going. Sarracenia makes it a
bit easier again, but messages are kind of alien and different, so it takes
a while to get used to them.




On Sun, Mar 22, 2020 at 8:24 AM clime  wrote:

> Hello!
>
> Ad. https://lists.debian.org/debian-devel/2016/07/msg00377.html -
> fedmsg usage in Debian.
>
> There is a note: "it seems that people actually like parsing emails"
>
> What about adding email backend to fedmsg then. Wouldn't it be an
> interesting idea? It could basically rely on postfix for sending
> messages, hence providing decentralization as well as high
> reliability. I think that amount of events that happen in distribution
> (like package update, package build) is never so huge that email
> infrastructure wouldn't handle it and also the machine mailing
> infrastructure could be optionally be separated from the human one if
> needed.
>
> So fedmsg would become a tiny wrapper over email that would just
> serialize and parse json data to and from email messages and check
> signatures.
>
> I am asking because I like the idea of distribution-independent
> infrastructure message bus that this project had.
>
> Btw. instead of json, yaml could be used so it is nicer to human eyes.
>
> clime
>
>

Accepted shared-mime-info 1.15-1 (source) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Mar 2020 16:58:21 +0100
Source: shared-mime-info
Architecture: source
Version: 1.15-1
Distribution: unstable
Urgency: medium
Maintainer: Debian freedesktop.org maintainers 

Changed-By: Emilio Pozuelo Monfort 
Closes: 954669
Changes:
 shared-mime-info (1.15-1) unstable; urgency=medium
 .
   * New upstream release. Closes: #954669.
   * Update watch file for gitlab.freedesktop.org.
   * Update build-dependencies.
   * Remove ancient patches changing the magic database. Those should be
 reported upstream if they're still present.
   * Switch to debhelper-compat and bump compat to 12.
   * Don't hardcode full command path in postinst.
Checksums-Sha1:
 5ff6fc689125daec697f49c2d8e025ab7a40e4f7 2198 shared-mime-info_1.15-1.dsc
 2579f9763a6efb31c6343408874051ed93646e94 772708 
shared-mime-info_1.15.orig.tar.xz
 28acacfdd312ffaf4890218de7e55a48101c134c 9728 
shared-mime-info_1.15-1.debian.tar.xz
 25d8f03b56ff8e42a6ae6172119cdd06f7797e38 5257 
shared-mime-info_1.15-1_source.buildinfo
Checksums-Sha256:
 dca6ea0156110b4a2694dd96a721d34ad4f42b51f3d3a20d0d711b77bde5115d 2198 
shared-mime-info_1.15-1.dsc
 f482b027437c99e53b81037a9843fccd549243fd52145d016e9c7174a4f5db90 772708 
shared-mime-info_1.15.orig.tar.xz
 02c4fa8b2b3073c745287dd0e00c69c9f1ba028c7c6496105e3ecdcc02d9f1dd 9728 
shared-mime-info_1.15-1.debian.tar.xz
 d2e9c2fe064310165d49c9192b637fa21c32310461ad5f6a8c468701562f270c 5257 
shared-mime-info_1.15-1_source.buildinfo
Files:
 f21908be3e13dbb66709650fb9f2283c 2198 misc optional shared-mime-info_1.15-1.dsc
 5215f3d679a817de97eb8b0b911e9393 772708 misc optional 
shared-mime-info_1.15.orig.tar.xz
 e6e892479b2a42f69ee185d97d527603 9728 misc optional 
shared-mime-info_1.15-1.debian.tar.xz
 e4b1cd744dd7d4cb71e428b055ec2c78 5257 misc optional 
shared-mime-info_1.15-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl56LjEACgkQnUbEiOQ2
gwLNNxAA0WWLActnDNsRBVTgn+zjqASCQHUnskEx8d6E/Iw7ZDtybexjeCa2X0SS
jjDsMqIzkPGav28l8b2mv2A6Pg6zPZgYAwgHZl2MkUKJK7zHo2d1KpTUCqMyLOp7
xFF8+0Nl26jFo49BPH7fB1UIDcJ/CUQmZD9u6UyXEJe00RqbqkegRm7Kd8neD64s
J1id7kgDp3kqpcL8sfnPrDiCVnfvEs0SVsO/ININJjRV/zgxxqXCLXEAa3sHV0vE
omktfkbdAOTLg8K/oW9svZjel3Ztqpk+1KPbIrj99CdEL8ovdBlnNFwRbNMpgaJ+
8pjVYs18cAl8pE6GXHH67x0H/6Un4SFHsswObCTlwbBMVvN/HSz/1Ji2zkYPtS8P
SZ4riHdKHf46k6gtY+IzDHhC4gHAT+kbWscHLp2ASW42pvYM5LbohLwE6R9rft9Z
aoCpAGQ1Yvpr/fbYOabABMLrLpyf1XqRrBRBLOA5yvC2s3INPnSPz6oty9AxJ6Bu
g53+dmOWOWnXZIY2LGS8RwUI7FeQaa1yfMF/JF1GVgZL+S+CdsNjBgqa0IIZgOvk
CbXYd7IP8graC+WL+ytPkLkZAtXXvu1xaw3675/CRO1eum8q4k5iJ4H7sBT4tQsJ
YfOipa/4vz0Rq+U6ZGhe0MwMt3r9arOFiHr5WEJHo65TLrHpEEM=
=ET1m
-END PGP SIGNATURE-

Accepted python-flask-jwt-extended 3.24.1-1 (source all) into unstable

2020-03-24 Thread Debian FTP Masters 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 23 Mar 2020 16:02:13 +
Source: python-flask-jwt-extended
Binary: python3-python-flask-jwt-extended
Architecture: source all
Version: 3.24.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Manas Kashyap 
Description:
 python3-python-flask-jwt-extended - Open source Flask extension that provides 
JWT support (Python 3)
Changes:
 python-flask-jwt-extended (3.24.1-1) unstable; urgency=medium
 .
   * Team Upload
 .
   [ Ondřej Nový ]
   * Bump Standards-Version to 4.4.1.
   * d/changelog: Remove trailing whitespaces.
 .
   [ Manas Kashyap ]
   * New Upstream Release (3.24.1)
   * Bump Standards-Version to 4.5.0
 .
   [ Emmanuel Arias ]
   * d/gbp.conf: Set debian/master as default branch.
Checksums-Sha1:
 5f5db09e57675dd6a1bc333c468403e232cc6e99 2323 
python-flask-jwt-extended_3.24.1-1.dsc
 d6032978be2e556fa3463f775232b28584ae9d1d 59311 
python-flask-jwt-extended_3.24.1.orig.tar.gz
 42060a6e566c201a0cbf758fea94351bd61f449d 2212 
python-flask-jwt-extended_3.24.1-1.debian.tar.xz
 479b54aa4cb0d622bbc88621cf3f35bb8c50993a 7142 
python-flask-jwt-extended_3.24.1-1_amd64.buildinfo
 7f30206aeb8c5357caad81085d14c5a1af2e5051 17520 
python3-python-flask-jwt-extended_3.24.1-1_all.deb
Checksums-Sha256:
 e116cbf5323af3dc5b5ddd3f5010248662c51e8f2ccc7e895efc84dd89345db5 2323 
python-flask-jwt-extended_3.24.1-1.dsc
 20ee6be73611a9071c21fce43c9634b044fcb0565767c7d94865eecd8c291d93 59311 
python-flask-jwt-extended_3.24.1.orig.tar.gz
 b17fb5ef147ddc8da34b0c05dd6f8016890a36a5ab45ac1b6050ab06f97bdfe9 2212 
python-flask-jwt-extended_3.24.1-1.debian.tar.xz
 0d59946cbc164a2af30575dc9acdf4cd2d5c4ffc1e8579cb2884aa9fc8527ce2 7142 
python-flask-jwt-extended_3.24.1-1_amd64.buildinfo
 ed5eab6a0007125297fa689ae49a599e00c0b00f6550b21301a17680b5245f8f 17520 
python3-python-flask-jwt-extended_3.24.1-1_all.deb
Files:
 f4c284ad5b63e28b31bed249df747fdb 2323 python optional 
python-flask-jwt-extended_3.24.1-1.dsc
 68f089d4cc2c0f1448ccb518c37f3fe3 59311 python optional 
python-flask-jwt-extended_3.24.1.orig.tar.gz
 382aa028153f2f9de0499a17e5709afa 2212 python optional 
python-flask-jwt-extended_3.24.1-1.debian.tar.xz
 25dc413125254f02686a4e44b3b60c10 7142 python optional 
python-flask-jwt-extended_3.24.1-1_amd64.buildinfo
 47ccde6010b9fdf8b4b5522be32fd305 17520 python optional 
python3-python-flask-jwt-extended_3.24.1-1_all.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEE3lnVbvHK7ir4q61+p3sXeEcY/EFAl56MpUACgkQ+p3sXeEc
Y/G/6A/9HWzdX5cnuGU+3ugVlZGsxmraKiZHMj7az3s6nu2eHb4VzGdHRVQeBYsz
Cl0Poukkyn1LZzKueNF2znqR56M1ejWKU2Xt1UNYd3qv/wwIzc9d+9LpeC43uUaL
00j9xxM5eYaNfBF+qbWxb7eEOLt/zjg+NMVr+m3Pz+n1tRdZpNYjy3SL3PpGdB+w
UzY7ZiIOUkxKbUjcikjnhbilMuX5GwjeYg9XcAOAT/hwpm4xV9OoWQNdjhaOlsmI
f2acmpMdwHetEmRGLmFxrru9m9nCDjTPMYryXG87eQ0USiSmwibNp2JAMMLcFeAl
YSLQfsGMUWkUEoEe9q6DaEsRQYNWu01F122kNYursi17xzXL6WDM0HlGLVsy7Fcw
LPNC0Iz35AQXsh7Fle+9TUB23KOzKUny96fOY1BFUr5BwB0qcswVor3Lo8Kot1re
RwIcTVFAeORh3E7rhuYOExh1JTRRsBJo+EWI7zG2g4hrjBhIuIMEbIt3vtw5DiCZ
HOiMuqQo13uLu5HBj0j50LQse7tE6Ps8odak1+NNQlBS0Oqzrvx1nq1rOJqqxmOH
SkylEXgeRv65j3pIIKp0HetgrBKWSk03PIWx1QtXX6lD3O4IQGZsdtzOf3ut16+t
wmeO8pRhWergjfEyWfi2fxzc8aZ8lllbNDSWA8JYKIx0ACMj5WE=
=9oZ5
-END PGP SIGNATURE-

  1   2   3   >