Re: Clarification for broken packages in IPv6-only environments

[Paul Tagliamonte]

On Thu, Nov 30, 2023 at 08:24:18PM +0100, Thomas Braun wrote:
> Now I would like to know if being able to run in an IPv6-only environment is
> a must have feature for any debian package?

I run an IPv6 only LAN on my home network, where I use `jool`, and
`dns64-prefix`+`unbound` to interoperate with legacy IP space. There's
no assigned IPv4 addresses for hosts on that LAN.

Most packages work fine IPv6 only -- but some things break once in a
while. Show-stopping breakage is rare and usually results in me filing a bug
report.

I have no idea what the project's stance is, but I don't regard this as
a particularly high bar, it tends to take some pretty heavy and gnarly usage
of legacy api surface to render programs show stoppingly broken.

  paultag

-- 
  ⢀⣴⠾⠻⢶⣦⠀   Paul Tagliamonte 
  ⣾⠁⢠⠒⠀⣿⡁  https://people.debian.org/~paultag | https://pault.ag/
  ⢿⡄⠘⠷⠚⠋Debian, the universal operating system.
  ⠈⠳⣄⠀⠀  4096R / FEF2 EB20 16E6 A856 B98C  E820 2DCD 6B5D E858 ADF3


signature.asc
Description: PGP signature

Re: armhf NEON exception for chromium

[Paul Tagliamonte]

On Fri, Sep 15, 2023 at 12:18 PM Andres Salomon  wrote:
> So my proposal for chromium is this:
> a) Enable NEON for chromium's armhf build.
> b) Add a check in debian/rules for 'neon' in /proc/cpuinfo's Features: line, 
> and fail to build if NEON is not present. This should ensure that any buildds 
> or downstream builders don't waste resources configuring/building chromium on 
> a non-NEON board only to have it fail somewhere in the middle.
> c) Using the current shell script wrapper for chromium (which already checks 
> for things like SSE3 cpu instructions on x86), check for NEON support at 
> startup by also looking for the string 'neon' in /proc/cpuinfo; if NEON is 
> not supported, print an error message and exit before launching the chromium 
> binary.
> d) Ask the buildd admins to restrict building of chromium from any Armada XP 
> buildds, which appear to be the only armhf buildds left in rotation that lack 
> NEON support. If they are unwilling/unable to do this, then I'll have to play 
> the giveback game for armhf (step right up! everyone's a winner!), which I 
> often end up having to do currently because the 2-3 day armhf builds will 
> sometimes hang/crash halfway through.

This seems like a very good idea to me. I doubt anyone running
chromium on an armhf at this point would try to do so on anything that
doesn't support NEON. As a user (and developer targeting armhf) this
seems like a win for users, IMVHO.

  paultag

-- 
:wq

History doesn't repeat itself, but it often rhymes

[Paul Tagliamonte]

Hello, Debianites,

Allow me, if you will, to talk a bit about something that's been on my mind
a bit over the last handful of years in Debian. It's something that's pretty
widely circulated in particular circles, but I don't think I've seen it on
a Debian list before, so here's some words that I've decided to put together.


I've intentionally not drawn lines to the 'discussions' going on (or the
'discussions' in the past I could point to) to avoid getting dragged into more
thrash, so if you reply, please do try to keep this clear of any specific
argument that you feel this may or may not apply to. This is a more general
note that I think could use some thought from anyone who's interested.


During World War II, the OSS (Office of Strategic Services)[1] distributed a
manual[2] (the Simple Sabotage Field Manual), which was used to train
"citizen-saboteur" resistance fighters, some of whom were told, not to pick up
arms, but to confound the bureaucracy by tying it up with an unmanageable
tangle of "innocent" behavior.

While no one is working within the Debian community member attempting to
subvert us sent from the shady conglomerate of nonfree operating systems by
following this playbook, this playbook is an outstanding illustration of how
some innocent behavior can destroy the effectiveness of an organization.  It's
effective, precisely *because* it's not overly malicious, and these behaviors
-- while harmful -- are explainable or innocent. Section (3) covers this in
detail.

Most of the OSS Simple Sabotage Field Manual covers things like breaking
equipment or destroying tanks, but section (11) is "General Interference with
Organizations and Production". I'm just going to focus here.

Let's take a look at section (11):

> (1) Insist on doing everything through "channels." Never permit short-cuts
> to be taken in order to expedite decisions.
>
> (2) Make "speeches." Talk as frequently as possible and at great length.
> Illustrate your "points" by long anecdotes and accounts of personal
> experiences. Never hesitate to make a few appropriate "patriotic" 
> comments.
>
> (3) When possible, refer all matters to committees for "further study and
> consideration." Attempt to make committees as large as possible -- never
> less than five.
>
> (4) Bring up irrelevant issues as frequently as possible.
>
> (5) Haggle over precise wordings of communications, minutes, resolutions.
>
> (6) Refer back to matters decided upon at the last meeting and attempt to
> re-open the advisability of that decision.
>
> (7) Advocate "caution." Be "reasonable" and urge your fellow co-conferees to
> be "reasonable" and avoid haste which might result in embarrassments or
> difficulties later on.
>
> (8) Be worried about the propriety of any decision - raise the question of
> whether such action as is contemplated lies within the jurisdiction of
> the group or whether it might conflict with the policy of some higher
> echelon.

I won't go through each of these point-by-point since everyone reading this is
likely sharp enough to see how this relates to Debian (although I will point
out I find it particularly interesting to replace "patrotic" here with the
Debian-specific-patriotism -- Debianism? -- and re-read some of the more
heated threads)



I have a theory of large organizations I've been thinking a lot about that came
from conversations with a colleague, which is to think about an organization's
"metabolic overhead" -- i.e., the amount of energy that an organization
devotes to intra-organization communication. If you think about a car
manufacturing plant, the "metabolic overhead" is all the time spent on things
like paperwork, communication, planning. It's not possible (or desirable!) for
an organization to have 0% overhead, nor is it desirable (although this one *is*
possible) to spend 100% time on overhead. I think it *may* be possible to get
to above 100% overhead, if workplace contention spills out into drinks after
work.

All of the points in the OSS Simple Sabotage Manual are things designed to
increase the metabolic overhead of an organization, and to force organization
members to spend time *not* doing their core function (like making cars,
running trash pickup or ensuring the city has electricity), but rather, spend
their time litigating amongst themselves as the core function begins to
become harder and harder to maintain. This has the effect of degrading the
output/core function of an organization, without any specific cause
(like a power loss, etc).

I'd ask those who are reading this to consider how this relates to their time
spent in Debian. Is what you find something you're happy about with a hobby
project you're choosing to spend your free time on? Are you taking actions to
be a good participant?



To do a bit of grandstanding myself, do remember that it's not just your time
here -- when we spend significant resources litigating and playing bureaucracy
games, we spend 

Re: Debian package manager privilege escalation attack

[Paul Tagliamonte]

> The focus of the article is "sudo access *only* to apt". When we talk
> about unrestricted sudo access it doesn't even make sense to talk about
> privilege escalation because unrestricted sudo is by design a privilege
> escalation.

Similarly, sudo access *only* to bash enables execution of loads of things.

Hand-installing a user-provided deb could do things like put suid root
binaries on the filesystem, too.


  Paul

--
:wq

Re: Modern best practice packaging tutorial?

[Paul Tagliamonte]

On Tue, Nov 19, 2019 at 11:14 AM Xavier  wrote:
>
> Hi,
>
> Here is a JS tuto. Some things are available for other teams: 
> https://wiki.debian.org/Javascript/Tutorial

Very useful, thank you! Do you know how representative the JavaScript
team is of Debian writ large
these days? I understand each team has their quirks, but is the
average collab-maint style
package maintained this way?

Thanks, Xavier!
  paultag

>
> Cheers,
> Xavier
>
> Le 19 novembre 2019 15:57:59 GMT+01:00, Paul Tagliamonte  
> a écrit :
>>
>> Hey -devel!
>>
>> I've been less active on the packaging side for a while; has anyone
>> written up a modern packaging guide covering salsa best practices,
>> gbp best practices, and the commonly accepted strategy for tracking
>> upstreams (still uscan or are we doing something fancy with branches?)
>> for new packages?
>>
>> Much love to everyone!
>>   paultag
>
>
> --
> Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma 
> brièveté.



-- 
:wq

Re: Modern best practice packaging tutorial?

[Paul Tagliamonte]

On Tue, Nov 19, 2019 at 10:53 AM  wrote:
>
> Hi Paul,
>
> I gave a talk on this as the SE Linux Fest in Charlotte earlier this
> year.  My presentation, notes, and sample project are here, in case
> that's helpful:
> https://bitbucket.org/elimtaft/debian-packaging-from-scratch-demo-project/src/master/.
> Good luck!

Thanks, Eli!

I've been doing things this way for about 10 years or so, I'm very happy to
do the dget/dput dance, or package something using a debian directory
I build locally - do you happen to have any talk materials about
specifically the
modern Debian way to use salsa, gbp best practices, and the commonly accepted
strategy for tracking upstreams on those git repos?

I don't want to package something in line with best practices from 2015 by
mistake :)

I've been out of the game so long that I'd be tempted to fall back on my
workflow from years ago.

Thank you!
  Paul


>
>
> Sincerely
>
> Eli
>
> --
>
> Eli Taft
>
> Partner, Senior Software Engineer
>
> Quoin, Inc.
>
> www.quoininc.com
>
>


-- 
:wq

Modern best practice packaging tutorial?

[Paul Tagliamonte]

Hey -devel!

I've been less active on the packaging side for a while; has anyone
written up a modern packaging guide covering salsa best practices,
gbp best practices, and the commonly accepted strategy for tracking
upstreams (still uscan or are we doing something fancy with branches?)
for new packages?

Much love to everyone!
  paultag

-- 
:wq

Accepted golang-pault-go-macchanger 0.0~git20170902.0.0252df5-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 03 Sep 2017 22:09:53 -0700
Source: golang-pault-go-macchanger
Binary: golang-pault-go-macchanger-dev
Architecture: source all
Version: 0.0~git20170902.0.0252df5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-macchanger-dev - library to change MAC addresses on Linux 
systems
Changes:
 golang-pault-go-macchanger (0.0~git20170902.0.0252df5-1) unstable; 
urgency=medium
 .
   * Initial release
Checksums-Sha1:
 467530533be5793417408431b69df3fc7bc26582 2366 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.dsc
 db19b97841d27129a347d61d45d528131ca58da5 1556 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5.orig.tar.xz
 58cea077bfccff13ce6d438cacd29496c025ec68 1864 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.debian.tar.xz
 a9fd54d0086834a40dca0c53407659ac89f33595 2768 
golang-pault-go-macchanger-dev_0.0~git20170902.0.0252df5-1_all.deb
 7f6d7149c893c36c06d2f77736e5f4bdceeb7324 5757 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1_amd64.buildinfo
Checksums-Sha256:
 460645e2e89c3e41eb69904961cece09c6dd1b14decc58226f9732ef253026f9 2366 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.dsc
 ee6ba7174b2d6d5b8e2fa66db9ffdbeb3ef0b1a53694c200f42a030b02b38ca5 1556 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5.orig.tar.xz
 7e7aa83ce65c7e378840903b8911709d4a0ec44ef5e79a6e9411450227fae0cf 1864 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.debian.tar.xz
 769b9db8991aafd277740e6922cbc484b8d6570d9e4efeee59ed3902256a3124 2768 
golang-pault-go-macchanger-dev_0.0~git20170902.0.0252df5-1_all.deb
 1d3cbcb2de869090e07c5d8059fdd81dfb7ce190684932677a88fbcb68ea0966 5757 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1_amd64.buildinfo
Files:
 ab7bb959b5bc74c4905871ac2665a51e 2366 devel extra 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.dsc
 01a32f644759495d1bfdd6ea6ecfc6bd 1556 devel extra 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5.orig.tar.xz
 2314b30f50a705a5a474ab19353e456b 1864 devel extra 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1.debian.tar.xz
 d62a63af4efb219e894d82e60976dcaa 2768 devel extra 
golang-pault-go-macchanger-dev_0.0~git20170902.0.0252df5-1_all.deb
 2bf1ea33c6d0862beb1854e43161bd6a 5757 devel extra 
golang-pault-go-macchanger_0.0~git20170902.0.0252df5-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAlms4nMSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3U8ZcP/2Z/ORxfzhx5piVSOoy5PSo3fUNDThVM
4MbiAJClQXaLi0fDqMMGe8WCr7DXGCJ9Je6dc37iQRtv6EL/rAzXYoXszllZ7Jhv
wvUjcLp/9jnFvHGkiqzTPa/31zQZGpjFxNvwgZvifbi12gzD2VrDw0DAl5ENZny+
zaevZ9Nbum9MreX9wu5/uWE6/AllfZGovPgFwSw3FqNpzboloA4ZB3/ajM1GxEoA
UV8DGUEhoCyHqgpFHxMencYgt2XtkkNetaW5q32Ugq2O/pPuFng78rAuOPzdpDPb
cOvXNZRT9awFPvKy14OjdGTyzWUAg9bDYUfw2/r9bFt2Q3SlYH+Q/8YQplmHU51Z
NP8jkH2Pwo5N3JAVFkcpHtBPKO7RwWQHA5IGGcizIczTcHRxWAqv8IOnSqUdQx9E
lNGHcC2tMYNTHiNSqiDaUsQKUMgGdnEmLTWOCqnnXnLxeacAuJiYBh7Ge2QgZB5e
j+/rmjqTCkjnAa+esgrcHqb66YrSSdyIzTB7/iUfjmYFbYjD8IVKBgtnYn2g550r
zPsfVnijD/Y8G+fbwGd/RqeE/+DvB6ahmGRZf6KJlcvdFaJUfR9PBXGJR3dV9v2s
nOFMxyLUxYIpWWsLXwKvBGbcCDyx4ITn2xraMiGyvUKV12KjY/+N28lWa3SMTiwQ
yib/fnA7Sc0A
=5Fa9
-END PGP SIGNATURE-

Accepted golang-dbus 3-2 (source) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 08 Aug 2017 20:16:48 -0700
Source: golang-dbus
Binary: golang-dbus-dev
Architecture: source
Version: 3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-dbus-dev - Go client bindings for D-Bus
Changes:
 golang-dbus (3-2) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Team upload.
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
 .
   [ Tianon Gravi ]
   * Update Maintainer to be the pkg-go team proper
   * Remove Built-Using from -dev package
   * Update Build-Depends to use golang-any instead of golang-go
Checksums-Sha1:
 9a19d6245aafa3740c2b7de0fd2260503bd0ac43 1991 golang-dbus_3-2.dsc
 aa0658fa36a14f6690b0b06b45db1230030fe9d4 43672 golang-dbus_3.orig.tar.gz
 56708231742e84eb7020096c734762c3b35a9c2a 3552 golang-dbus_3-2.debian.tar.xz
 0752c681b6a5551ebd2870789445af56dbe17620 5684 golang-dbus_3-2_source.buildinfo
Checksums-Sha256:
 db6a6cee0a6896ebeb44d315201234f9cb74888538bd39717c2e00b1404df682 1991 
golang-dbus_3-2.dsc
 c08fea6ad70c14a55088533865dfc7680c4d1cb9c1b0f48a3e3b8630bcf484f4 43672 
golang-dbus_3.orig.tar.gz
 a8836fb1168d4dc5be4b752fd602c830bcf706e8ceb2704a3b5eca8bc91b5c8f 3552 
golang-dbus_3-2.debian.tar.xz
 e3651cb0a4dabbd73ed4a2a623c5c2cacae66a7cef0e67ae4cb939ef904a93ce 5684 
golang-dbus_3-2_source.buildinfo
Files:
 6514af0ba560cf627d362258c136f55f 1991 devel extra golang-dbus_3-2.dsc
 65437268cb4303ecf75632a8947456a1 43672 devel extra golang-dbus_3.orig.tar.gz
 c48e6b7361171cc2af4d9b2f602a2167 3552 devel extra golang-dbus_3-2.debian.tar.xz
 e3f419ab43e2acb7615731861380a5ee 5684 devel extra 
golang-dbus_3-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAlmKf0MSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UQqAP/3N7iwy7cluuJPlsycMqFGl+GrOJuSUE
lSFs1Yu9ZNgyvyqtqB8iAHtr6JvUOBWW3CbuT41pZdUg3vGoyiKKp89pfGL42rAr
WDx8OVGYs2VLfo4NDw/k38tbIIWre2rJ8mfReM3NNFxGKEVXEEqUhtv3hCOz7er5
vtwk4xihtt+IjgujCY/omgYGxay6aTEEsTffJTFHo3akJ/F8QH8w2grOhbV4CVfj
8Wh2HAjdY0GzTQhiJK6iX/rknny9cjEyV6RLWTjZGk/ptRTm0JNs3deZ8ix7KyXJ
cxv350S4eylcZjAwI8+++kuDImVCjdw/4yXW5DTIv2SFjNLqiRyVdugW/dWzbXy/
pdv/G9Ji0DgW2zXeO4mNokgfggNwgo4UhSs8U8OLYObpeqD1OL7e3SrBk2y0fsoD
3M2cmaIRoXfGA8UJ+2Uf0YueT3fTmu4bp0sZSbp4zwtQZNVU727/Khzazu8DDoXB
c3xKqwtnatPH6ez9Gn5JwRQmWZ7e9quxKg8ueDgHQ8zjRCb0/VpU5vTXY6QUCYrt
Ur6Tn46KXRUMOfvRPIGvgZ38zOsc3b8Zqn4TLPZ9jJ1/BkO/Wx8NDaPBSJflii3V
lnl6jGKtmMdvaZUNQaCFcwZS/ptNw7tR2J3PA9BgxHG4U4RH3Qj/mOZkNjiXXSy/
iaUkMsNT7o07
=iqnK
-END PGP SIGNATURE-

Accepted golang-context 1.1-2 (source) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 08 Aug 2017 20:04:45 -0700
Source: golang-context
Binary: golang-github-gorilla-context-dev golang-context-dev
Architecture: source
Version: 1.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-context-dev - Transitional package for golang-github-gorilla-context-dev
 golang-github-gorilla-context-dev - General purpose registry for global 
request variables
Changes:
 golang-context (1.1-2) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Team upload.
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
 .
   [ Tianon Gravi ]
   * Update Maintainer to be the pkg-go team proper
   * Update Build-Depends to use golang-any instead of golang-go
Checksums-Sha1:
 02d684b67d4861ee0de5a1ef664a470f3c9d227b 2160 golang-context_1.1-2.dsc
 465d465c9546d81b81b87302bf771e646b61c6ae 4368 golang-context_1.1.orig.tar.gz
 3e40d195bb14ace60a5bc4effad8677943263247 5020 
golang-context_1.1-2.debian.tar.xz
 ec2778b47e234edcea45df1091ea24c88bea3c6e 5276 
golang-context_1.1-2_source.buildinfo
Checksums-Sha256:
 b02019351c2e4cace8fdd1288acf080bcfd22b60fab8701078a364e5d1028928 2160 
golang-context_1.1-2.dsc
 12a849b4e9a08619233d4490a281aa2d34a69f9eaf85c2295f5357927e4d1763 4368 
golang-context_1.1.orig.tar.gz
 0a6c901fcefbe49efa02cdc867d7b40a21564fc909a43518666863b2f2f75c74 5020 
golang-context_1.1-2.debian.tar.xz
 cef0aeb5e8809e418ea5231b23baada6fcf9db0c566e69567b40e29cb2f9127e 5276 
golang-context_1.1-2_source.buildinfo
Files:
 c39bfe3f9941cc66ba3112f954d75437 2160 devel extra golang-context_1.1-2.dsc
 990183c4f2d317c0bee3c6a54d7d9704 4368 devel extra 
golang-context_1.1.orig.tar.gz
 1d6448fb7f012b7b63259f2d9b9f5e51 5020 devel extra 
golang-context_1.1-2.debian.tar.xz
 5c836b78236c30e83338bdd93128d9af 5276 devel extra 
golang-context_1.1-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAlmKfIwSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3U8aAP/Rv47rNs+jwSNy91E2g8Hh71dgQRD0Zs
b9MbHd5TKAU+cwTUrmqoUIlo0xmHybS38jPLKx14IKJ4OgcfBpgtanbsJc8CJOXa
DkbOvN/Nd9eeHtieyca3UKRtmk/bGume5ricf05oG5jOuvXs1x3Z/rj4paCDMMr0
fSTFm0crB3wwLRNR2Svwjs0+UF4ndpfhKF17UeSXP8Ga9F8W8d68w+1P/B17mOss
Qki5V0AmGougvKCYAF/pwIuvWITagy1rFHqLpK1TSB7iC82X9ZFM5qH67J5gIuVQ
1VU2M9XV+iTg59m0Om0JVtSdKhjUgUXxuZ0JlGdTXxeQUG8mpkxffKLYo0qNL5Gk
POrjng1eWrrQ953jDSQggAjfnzuR69TbBRWrlVvrL0eOBREFuvXilU4UYowQ6DEN
X91PKIJR45z4NxCHNB96RjmgFvKTZfuM5v1peoVooll9TJzrl2MV7QxtLGKfdJZ1
s7KS42EYaYHaT9UVX7C+cDeBF0JW66ViflyDpezNccl9sMYReQEs8MbXQumEMf/N
tmcLWntkQ0aJZj3sGYlbS2zMhz7PXy2wUHnV2l8YwLBXZTXHu4YtOaqjBqYdMlLm
YYugDenKevGgzY7UiVfEDADTF8uAjWYnHzTDHAyqP5ecLhKCQK1S4gS9kyKUlLtk
77xVRg5gLoVk
=DwaT
-END PGP SIGNATURE-

Accepted golang-github-chzyer-readline 1.4-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 24 Jul 2017 14:42:07 -0700
Source: golang-github-chzyer-readline
Binary: golang-github-chzyer-readline-dev
Architecture: source all
Version: 1.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-chzyer-readline-dev - Readline is a pure go implementation for a 
GNU-Readline like libr
Changes:
 golang-github-chzyer-readline (1.4-1) unstable; urgency=medium
 .
   * Initial release
Checksums-Sha1:
 42ed1b70feea8073346b0b0cbde917cc8419587b 2285 
golang-github-chzyer-readline_1.4-1.dsc
 eac1e1cea9c8ab176b0fac2b6269f2ad3aa8d228 34261 
golang-github-chzyer-readline_1.4.orig.tar.gz
 faa0496102a7028d9f59181fd4b9ae335fabdf8e 3228 
golang-github-chzyer-readline_1.4-1.debian.tar.xz
 4ef6b29b39985dd382d59254342e84b1e2115d25 30594 
golang-github-chzyer-readline-dev_1.4-1_all.deb
 c16c138e093b1cca227a390e81cda6cabf1e2bbe 5914 
golang-github-chzyer-readline_1.4-1_amd64.buildinfo
Checksums-Sha256:
 3e1e0db4557e0c1d52439dbfdfc4b63d7d9703f35443088b795960c21024f332 2285 
golang-github-chzyer-readline_1.4-1.dsc
 35a66d31d8c91b6b908c40137adf75eac09bb7bd2dbb9dbb12ff74216ec6ba45 34261 
golang-github-chzyer-readline_1.4.orig.tar.gz
 0ef7a6b08d7f969f85d9879172dd00f15eef0a74210ffb3e13f62cf1d1a647a3 3228 
golang-github-chzyer-readline_1.4-1.debian.tar.xz
 7b96e40cd6c7448bf5039f3c6c6c37dfc4b4f3059f27f6f37a112c408198fb57 30594 
golang-github-chzyer-readline-dev_1.4-1_all.deb
 f9aa9644e68b178338765c82ab76f6906e7ecd27330377899f8c88702763ee44 5914 
golang-github-chzyer-readline_1.4-1_amd64.buildinfo
Files:
 1178fce41c3c9319b4dd75035d5c5c55 2285 devel extra 
golang-github-chzyer-readline_1.4-1.dsc
 81b965d3f8d6c6c886da0832e4508324 34261 devel extra 
golang-github-chzyer-readline_1.4.orig.tar.gz
 cbb2ea7797f7b8620551de9789c3bcb8 3228 devel extra 
golang-github-chzyer-readline_1.4-1.debian.tar.xz
 c8d6f79a4df3d04b1b00a0758528fc7f 30594 devel extra 
golang-github-chzyer-readline-dev_1.4-1_all.deb
 a0764accd22164f9f2036c99d715d14d 5914 devel extra 
golang-github-chzyer-readline_1.4-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAll2c/0SHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UVgMP/iGqB1kP9Xb/1KHYSjX/JHWCZeZz0kS2
deQs/L/luIE8zh2RkDkxlJ1KPGrmryQ0WNXVnvAxn6O56GzMyzdsSzvu73qAcy6y
ZNaFdks3RHFOLvHDSAb4x/cZnseE4z/P53D6F2ftRuZcSV5ICyKeQCwReNixBJ8O
1BC7EMB3OcUa7EzZfR4xn9Yh4mQGztbAvKD66J2gBJzo1lA4tYyrLVsn7qHnEPeF
DVNUpj1bhyg7axvIjjNiKU1bcQB0Lraaq62KnQw/VRwSHjh3Gu7W/gQ7soDLSVTh
AUCS+tcfHoqwGO4fp97qerlhJ70kxsCMmNqztgbUSGyyYA970WUxStRajN4mz33S
UXTwxYZXap6vko/EfnRcwmvUoaZzSjF5YH8mFlX/imSVoMg+6VihB+mlONDiMc2j
C8ZgNrSkyttw0Bie2w1pdSDN/PvkUyke0k2MFTln7uy45Vq+X2HJd50YG8lhmU/j
PCPtnMK6z2XU8Jtf6iKwuV2isjKCYcz4aUSlUtPWna76CY+90lTlpVpnQNE7DdyT
c6HDMvsHm5nb3PQtXLsWSk06RaKHrMhtDgt1Fbf1uX2iLlFGhtBWYYuDGE/dLMaC
be1Qoo1GsfwlSPpXVtHiJX8jbvNd/8lpquJEoo/yn6qbtm1dllObfSHX3U1R5ooL
uOavUy/P25nR
=2xFk
-END PGP SIGNATURE-

Accepted golang-github-jinzhu-inflection 0.0~git20170102.0.1c35d90-1 (source) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 26 Jul 2017 08:42:15 -0700
Source: golang-github-jinzhu-inflection
Binary: golang-github-jinzhu-inflection-dev
Architecture: source
Version: 0.0~git20170102.0.1c35d90-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-jinzhu-inflection-dev - pluralize and singularize English nouns
Changes:
 golang-github-jinzhu-inflection (0.0~git20170102.0.1c35d90-1) unstable; 
urgency=medium
 .
   * Update to newer upstream commit (1c35d90)
   * Adjust for updated pkg-go best practices
Checksums-Sha1:
 77398195b02645a0c49d9d10a4b69e51e3de2301 2490 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.dsc
 b84b1c67f9ff6098015b440cc67de4ff6aa42908 4184 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90.orig.tar.xz
 a80f75c2049b0fcad225f005d115b6feb48f089c 2032 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.debian.tar.xz
 2f09bb3d68c2fdfe01e855c03c6e88401bf18ae5 5417 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1_source.buildinfo
Checksums-Sha256:
 216dac322f8166696cdedd153eff4124cf5977f50710f6bf6ae9db4b9df67da5 2490 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.dsc
 17952adb959b2a1afeb4d8794ed68c1cb1e9007f2fe5ad8324f2f2a3d773a8b8 4184 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90.orig.tar.xz
 18bdd4dfaea71ef99416603e10ac92460a097d8a225a3b370021c2ab126af6c2 2032 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.debian.tar.xz
 690e4e4d32bd7c26efab68a2fc25596dc487fcc4d027252efbb0a978e41813ff 5417 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1_source.buildinfo
Files:
 4f62c5f113f3e23b6fa08ece4a8d8826 2490 devel extra 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.dsc
 39f28e26f439e23c7f66cc88afd71615 4184 devel extra 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90.orig.tar.xz
 d2e49697e5aabe50635a20c6886894dd 2032 devel extra 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1.debian.tar.xz
 560435af2bc03544c44e56cd9310c2e1 5417 devel extra 
golang-github-jinzhu-inflection_0.0~git20170102.0.1c35d90-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAll4uSsSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UG5oP+wdvJWQ5F+cUQcX6xLwJ8v/OKPlrqPjb
WTIx73UKueka+O97gl0rzo73//Xk6OAFmPBYiyabXK14/EMGzAA109s69vMqT+cP
8rxvHYF+POfvxzBTiGmdZ1+e3Z82BPGfxhieP0rNiLtEflqNKuAqNKCYFFIn3VaV
ZiM1Lpm8AG8cZ5uG0VcgR4FxACB8DJzCce3pVyR7L4wsbjdD6MwI9ctsjdjnYQJe
LP9qucCnM/4akAHINXm1WseviMr6qaoEK5uabuvmMduaaVdMQY6CQ3Qcqo1jY+XE
dnzTQ0dx2kpEiRPAGFn6wxsa0f/jnDsQRKLYwY63XVwX2+t80onDmHqtPiJD+9TE
hPet82xcCodiJmzEQpz2WIpJQviDoWzwkk7DWUesS6m3eBGaY29X8qz8O4bvWfBc
5GduGGcJcZ9icbxiDVECYTfWe5CYW2MlGoQWuPsgIPt46iCiC2xAO7TYPtweIxB7
o+NVMjc8NHRiWkOCJ5f0XhIXjEzPYuwiGMa8qhNQ+hFHDrJZ7VbLuG108cbNuHaB
opdh6eColpEMh2FenEF26fWcKBbZepU3wrIKm7d3ag81x+li8QgIs5KinhcuUEYi
4oAO5FtNkg1w7peS7+WVsK/ZCryr4QjgWPvKae11WMAfhYKuovKFM25VNjkNjEkY
AjVm7ssy2jHe
=uVer
-END PGP SIGNATURE-

Accepted golang-pault-go-technicolor 0.1-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 24 Jul 2017 14:09:23 -0700
Source: golang-pault-go-technicolor
Binary: golang-pault-go-technicolor-dev
Architecture: source all
Version: 0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-technicolor-dev - implements a high level interface to write 
ANSI color sequences
Changes:
 golang-pault-go-technicolor (0.1-1) unstable; urgency=medium
 .
   * Update upstream to 0.1
   * Upstream LICENSE file, thanks ta
Checksums-Sha1:
 e7df178d5dba4e38a0814b6c4a49636584d61a29 2225 
golang-pault-go-technicolor_0.1-1.dsc
 c2d578b04c9e86fb645446b49d5bc9cb1f7518f5 3007 
golang-pault-go-technicolor_0.1.orig.tar.gz
 765986b958f8a6d6f3d89b35b03a64b12ec07e68 1868 
golang-pault-go-technicolor_0.1-1.debian.tar.xz
 9cab6890ca300e6165466f00c96106a2b193b3a3 4134 
golang-pault-go-technicolor-dev_0.1-1_all.deb
 3b7f874861d2d89ed1e5a1c5207fa252aa983f87 5579 
golang-pault-go-technicolor_0.1-1_amd64.buildinfo
Checksums-Sha256:
 9cc3303452f5be24c469d80c96f9a98dea08f5a3c1b498eba1af1ba23d8c963e 2225 
golang-pault-go-technicolor_0.1-1.dsc
 efa79b7f482ec4e41394f1e403c27277817a9e164a25844fb3f0236091370f66 3007 
golang-pault-go-technicolor_0.1.orig.tar.gz
 71cb5374580e105e74bae400cf5b2f2785b64d70e0d79cbd62a9795699b20e63 1868 
golang-pault-go-technicolor_0.1-1.debian.tar.xz
 2e8875abdc0d0f1d9917fb17fc3e2cd8f020e93a90b28cc660a8673108e9a0ab 4134 
golang-pault-go-technicolor-dev_0.1-1_all.deb
 c2528e5b76e4c8e81236c50680d597ab04bd1832b108eb41ec6f0f04387dc93c 5579 
golang-pault-go-technicolor_0.1-1_amd64.buildinfo
Files:
 cfe48749700a3d98333cbee44684a406 2225 devel extra 
golang-pault-go-technicolor_0.1-1.dsc
 4edefe3a30e8505e2e63e1a6dc0da448 3007 devel extra 
golang-pault-go-technicolor_0.1.orig.tar.gz
 5ff15890c9c1272655575bb35e2a83be 1868 devel extra 
golang-pault-go-technicolor_0.1-1.debian.tar.xz
 578df20608315e3c69d4c7da25ababc0 4134 devel extra 
golang-pault-go-technicolor-dev_0.1-1_all.deb
 96150e45f6c21f299a17990539919aae 5579 devel extra 
golang-pault-go-technicolor_0.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAll2Y1ASHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UKroP/2iHnaqWwIhvmYVd6+CJMVF8w0s1YJLx
Dv0QSo3xcYUUwruUEcZ2Bj+FC/5gS+3HWdu4i+eiXmOWcNXx6/fuMJdYx2ZHUPEZ
bn/ovK9nSsVM1SWw94z1IWJAzJdV9q6LHhgQk++PxOKRj9vY9fQAcvRwxGRSTos3
prOQ19rbqHYuy8VZyifz1zuKnwDMtaXHAnEmhb9PrpYwLuTkDEqpo522OKN/Vurk
NEcjcCWUeKXXErUJO3t6HODrwfhI+EUx5euNcb5HVSsY/lD4cRNs9P5wKbLQYPKj
p+YSi70GkaBaBy0YLLXY0EIPs4bNe+BT02CvOJivp3zSiYJNYHj8cmIUv8KAAnyj
ByzYxGHYqrx7haR/utFZWBi9hm0BrvkR6Z/JrEDn4zxC0jSzpqnI/2APziibTWqB
XByZnJiHFNIRo+30b1m8qy6y0B3QKsVrLv7qT5wgKgCfsTNqOBsKO85b8o7zHohW
+//kwMSNnQxa8Of3v+6hqbTrI023bN8tHLVEXPKM1JBubu9/Ut4/wbpgpXkvJ2UW
zYOmoY9AZIcHXNgGlLowU/pMeyBeo900AGN8uDv0N22rvnOEF6IcPtXuJh82T9PV
CYhbFsYU2+y96O1Hu0NysEPeUjhlNY1Rqpy2TTX7RTVYj+YcefHgud8RytW7NrRy
0cLY59wsprmh
=B2OU
-END PGP SIGNATURE-

Accepted golang-pault-go-gecos 1.0-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 24 Jul 2017 15:32:09 -0700
Source: golang-pault-go-gecos
Binary: golang-pault-go-gecos-dev
Architecture: source all
Version: 1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-gecos-dev - read GECOS entries from /etc/passwd 
programmatically
Changes:
 golang-pault-go-gecos (1.0-1) unstable; urgency=medium
 .
   * Update to upstream 1.0
   * Bugfix that will cause an error if the other gecos field isn't populated.
Checksums-Sha1:
 a9e90648fe523c8f86ddeb95b79a123f1dd724c7 2147 golang-pault-go-gecos_1.0-1.dsc
 7a1d426d05cb3df42253e1cd00d6528c4c46d90f 1910 
golang-pault-go-gecos_1.0.orig.tar.gz
 88ebbf2fbae0852f3f998b03667c594ecf0efb57 1888 
golang-pault-go-gecos_1.0-1.debian.tar.xz
 24ff57570b6f5ab586d33d1d09c547a7fc37b7b1 2896 
golang-pault-go-gecos-dev_1.0-1_all.deb
 9b59cc675b1c875aa946aee66c9959197f74df4d 5519 
golang-pault-go-gecos_1.0-1_amd64.buildinfo
Checksums-Sha256:
 3092fc36a6992663e6c24593592475d618f6fe2c41bf9d5c7d7cca100c90b98c 2147 
golang-pault-go-gecos_1.0-1.dsc
 4b807b5b4a04fefa04cb5baf21df7df24ee8e6e278f60d5f7c43a84f4d36ae3a 1910 
golang-pault-go-gecos_1.0.orig.tar.gz
 83c3a5ae6595d3bd3c36a5f35235af513c53447c57a045f9682660706f8db01e 1888 
golang-pault-go-gecos_1.0-1.debian.tar.xz
 ebd41000826b338991e3fd40159b4a6f15ff481e37acf0177f877c36b4ca6407 2896 
golang-pault-go-gecos-dev_1.0-1_all.deb
 63e5c318e0e6e500b0c189a4ceeeb4f389ac7931f919f0915d747e65da7ae74b 5519 
golang-pault-go-gecos_1.0-1_amd64.buildinfo
Files:
 e1ec772c351b5e75b1b49703e46470a9 2147 devel extra 
golang-pault-go-gecos_1.0-1.dsc
 a71d994e651858d96a15241e6d05ea19 1910 devel extra 
golang-pault-go-gecos_1.0.orig.tar.gz
 ed5e2fab56d85a709f0c19607b78507c 1888 devel extra 
golang-pault-go-gecos_1.0-1.debian.tar.xz
 50dace94974c06a7814af713cf10169a 2896 devel extra 
golang-pault-go-gecos-dev_1.0-1_all.deb
 a48ad843cc81e200263657d6202c30d6 5519 devel extra 
golang-pault-go-gecos_1.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAll2disSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UMGMP/jiDJuPwzrmOLHPQDv6okMiNrsQUStHO
G6n9V2TOBVISnbLT4Zq2WFLnqy1qjRbaT9J7YRY9v21LXYjvApIkE0ZmDlAAjity
94Bwz/0p1ZUH92kUAdpXuUAq3L0ePl/gBLlpyzESaGNb9zy45YUPBMKiYyHwyY3R
fkkYotEfUDwGZ6tz33c+k1YH3Gztk4knUfXUfsgP7ULRngtlDM3lq0UKiU73zFQx
ZqIINil9OnEOpNRUxAvgzvfu2o8GSzuy8gZBkmvOxlmwgtTyXm4HdPg0hoNhIYBj
4bfS6pcLcO12WA47ilf+UpXBmhZdXyhdKtOMs7wukQQEGdDJir31Ysyfeb2W55y5
buGqLGB3USAIOIJfccKpCBO0PJOxWUXsLG5g7NIqWC9tJApkjV5ZQhg7BFFQy+Lu
mYt8OAXdHJXpE5TJCGpHI0lRgc1XMRgDNq3wqnD3e9GCsDo552YTsmd8PkjtJYos
XjCoMl/T3U70UsLBWSns8qQi2SoI5mnO19NLCihkw2wkQvrn4FFJUcv67VWtY37c
ziG43mJ3sumPLqeIFbnlk1/2buxoSTjNmUzprCwZ4UVu/R2pjGK77rNqvwyEDvtt
N2H7uu7G626DSX1sriLxLg1cfiZwx8GMzNIMPXjUPyAhiyuXmbO62EU3YoHKSbYs
LYOxD8QAF18v
=BGGO
-END PGP SIGNATURE-

Accepted golang-pault-go-ykpiv 1.1-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 21 Jul 2017 07:06:12 -0700
Source: golang-pault-go-ykpiv
Binary: golang-pault-go-ykpiv-dev
Architecture: source all
Version: 1.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-ykpiv-dev - high level cgo wrapper around libykpiv.so.1
Changes:
 golang-pault-go-ykpiv (1.1-1) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Initial release
 .
   [ Tianon Gravi ]
   * Add debian/watch
Checksums-Sha1:
 04bda1be46b72acfcecd8e855e7cec4eb46d76a1 2023 golang-pault-go-ykpiv_1.1-1.dsc
 6c286a843160de9ad57b389ca24ec9d9bb9f999e 15327 
golang-pault-go-ykpiv_1.1.orig.tar.gz
 a3eaf08f3e315c65253f71ed22c11a730439 2032 
golang-pault-go-ykpiv_1.1-1.debian.tar.xz
 3efba67e112160273a45380d28ee8f37e0b72b75 13922 
golang-pault-go-ykpiv-dev_1.1-1_all.deb
 44edf64c1264174f073efe9f76642923ced61789 5948 
golang-pault-go-ykpiv_1.1-1_amd64.buildinfo
Checksums-Sha256:
 5cb5aacdaf89ed84800e357ebebd3643a7f4e5e177066cf9287776d5ac47bd3f 2023 
golang-pault-go-ykpiv_1.1-1.dsc
 55ad92213f8ce9b645cff73995589e365102308a8b26a1c66993f3f791f10a6a 15327 
golang-pault-go-ykpiv_1.1.orig.tar.gz
 66198b5b96c3003abcde5134914eb980606352de38b1f7513730c19db29e2858 2032 
golang-pault-go-ykpiv_1.1-1.debian.tar.xz
 e4312d1e1e097c34bfcd26bb0681fed6d0258b561e1a43fe0b667c60645f36a4 13922 
golang-pault-go-ykpiv-dev_1.1-1_all.deb
 9836a999eeef5e3ec2a7a546d50bbff2eca9b0ac9783d7b8ce03a9c0ef65c587 5948 
golang-pault-go-ykpiv_1.1-1_amd64.buildinfo
Files:
 c52b1dd2883c93c21edfeed47aa23d17 2023 devel extra 
golang-pault-go-ykpiv_1.1-1.dsc
 914a8c1e38e38073c185eb41e982d56c 15327 devel extra 
golang-pault-go-ykpiv_1.1.orig.tar.gz
 93d7cd1642aaeb2f5f1dd562bf588a72 2032 devel extra 
golang-pault-go-ykpiv_1.1-1.debian.tar.xz
 f2a3baf5b8368900100782c1cc95aced 13922 devel extra 
golang-pault-go-ykpiv-dev_1.1-1_all.deb
 1ad18fe73ad991d23e978e48fbcd6978 5948 devel extra 
golang-pault-go-ykpiv_1.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAllyDKASHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3U4eAP/0LM4Vb78WuElMjp8l3L0kQARGRmjh1G
cyPxuWiCpIV0Klt0tquAmATA51gU2dGQ0D2FFRT8wNVWIuT74aGZTkfuui7zKCFL
g41I8u7d+CQvjZl1sqa34TMb9defc6/3pVUijW7kMMBdWKadaKqWw/keqBpZgXFl
0MpDdKhgf1A/2mh6qqoKoz15HrEWsC2nbhnGrATdVYEwH0n1RLypCEUDoFlaIcas
2tfVf4tekE0W5goNF9Ej9RuVL0BhsglyGhJjXMHGvXDqTDRrpS4d38swGNUryNfG
i3IGl+7lVbNnF7kNPqGGfgUZGRUrsM8H+ij4Ht85iPKB5bypMFTZWlk3vZzNTbrf
CoYLc8p+dZWKFFtsWrCIhyWuCMNfeOMcKZdsDi+5X4fgJh3YczO27fGJsp9zIVKA
5uMYOCP6L6IAyekJZ+czZY/CphG+iHmcMn/w7or3KsCKVUpAbBNzbxQW5kuaRr7m
O+rs2e+oJfzB+MCM15Uu4DhG0xaWPePnzCCBPQRusokU5Ol1etbeLd/7bzU/ubmq
rtATLQ+OhuYu+IjfeXH+V+Np2Zyo5FK/XmjBaCxRslLrO/2TjZHeGvoVmzyMlWwC
RP0LmZ1RNNg24Nxe7qdN06W9pOhjgXZPUyNuBgg0mR1rDhfl36RL+nNKY4dcDqbn
dkWMlWhvHUqN
=5w68
-END PGP SIGNATURE-

Accepted golang-pault-go-gecos 0.0~git20170524.0.13a7226-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 20 Jul 2017 21:08:45 -0700
Source: golang-pault-go-gecos
Binary: golang-pault-go-gecos-dev
Architecture: source all
Version: 0.0~git20170524.0.13a7226-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-gecos-dev - read GECOS entries from /etc/passwd 
programmatically
Changes:
 golang-pault-go-gecos (0.0~git20170524.0.13a7226-1) unstable; urgency=medium
 .
   * Initial release
Checksums-Sha1:
 460b8cc982e03b61b2ee5dd28230c4f27f1c1dd7 2301 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.dsc
 2bcde4ab3341a22e4d7a74231a2bf0aa47f17a80 1732 
golang-pault-go-gecos_0.0~git20170524.0.13a7226.orig.tar.xz
 aff1597e7928d6a1401e49a177da86168e8cff70 1704 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.debian.tar.xz
 894863f28e8e53897ce7c5dfa337b6b933467148 2790 
golang-pault-go-gecos-dev_0.0~git20170524.0.13a7226-1_all.deb
 a8029d2ca5079eb1e0278fe759196977159491d1 5712 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1_amd64.buildinfo
Checksums-Sha256:
 d3776e9b91049bbfc8910d450fd362a35e88a523c8675551f53caf67fcb7 2301 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.dsc
 915e9bf9a1c1ca68b6e0a8006fa2dcbd29eba977020c20042978ed7c9d148c9c 1732 
golang-pault-go-gecos_0.0~git20170524.0.13a7226.orig.tar.xz
 0f335617c9fda896119d57c132e52a3d2b57f659d8e66d292e16b2cc508ec8ad 1704 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.debian.tar.xz
 afae7c80e6b013e46e03646ffb2bc160902308c7c891880b49833e6b46e320a4 2790 
golang-pault-go-gecos-dev_0.0~git20170524.0.13a7226-1_all.deb
 508503b19d95983914d6e26f304660dedcb99ffc412be0ce06d274c79729a09f 5712 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1_amd64.buildinfo
Files:
 343997a7d4ff1d1acde0fffb21a62941 2301 devel extra 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.dsc
 6f4c93b051297c33862150a87a9ee804 1732 devel extra 
golang-pault-go-gecos_0.0~git20170524.0.13a7226.orig.tar.xz
 ac394772315945030354c301cf4c263f 1704 devel extra 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1.debian.tar.xz
 d0a947c8e0c9bed084bc9c25fa133ac2 2790 devel extra 
golang-pault-go-gecos-dev_0.0~git20170524.0.13a7226-1_all.deb
 b745154d3a74071730ff2b335882aa3a 5712 devel extra 
golang-pault-go-gecos_0.0~git20170524.0.13a7226-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAllxf1QSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UruMQAIVd+3urrdjtX9UgEXBnM3qrGQI94eJ4
oJ6q48pwjKX/4dx8sl/QjOtZlTaDV+3WS3wGa+Hv2cUFO5lYo7tM6Jst+OXZzHZE
Q6iJRm0I9Xyjvbiv90vMNV1wdoQWPX3js9YnU6k6TIIdFRjg81PPK1wy/qiDLAa5
2yuIWHIY8Wjxw90oK3U38dwpDH3GnJ/BtNM4pjkpy2aJeLvAVafRX8zoVHIIbWx4
Lv1/1BCzfhA+r8MgIY1rVJ5HAND2WNZ0ngusdKDPvwbXvGgUhwZmfXQGBoJvFHkk
R4prpEOgvy6a5rY8Rq7SPcpAOkxtTPjcZ48AUuYLH4gFMQJBIRrBUV6eHDpFFscc
jVgO4FvC5F5W6Qo8cuNT4lW7Rj6PhomBiaOIS+uADE1nqDHzDN6xyuzfpe7PXdYa
/BzkoXHJeqsv7zUBiQ6MaNLHFoh05Qe+fZanqOiBuOh4mvHo27e8pBARlZ/lFAS5
yc3DFDpK03MzEhOts7GDjlP+AaaCQJEG2bCS42QJEcmJmPRnebVoFVa4/ya+E4HU
dfy2Zq5+4mfnMLqRcfMCqwKg2hqUdjlXeSThsGhB5zAmgsqnRtlHMqT319YgFmXf
WjgjiWBRxzo0dDbcGG7fG7Y7YLowAAaVAhPvnE4V+PShOYlTbd+tNtCAOPhB1Pcp
jlbKsrOQza8b
=Z0xc
-END PGP SIGNATURE-

Accepted golang-github-erikstmartin-go-testdb 0.0~git20160219.0.8d10e4a-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 20 Jul 2017 22:13:26 -0700
Source: golang-github-erikstmartin-go-testdb
Binary: golang-github-erikstmartin-go-testdb-dev
Architecture: source all
Version: 0.0~git20160219.0.8d10e4a-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-erikstmartin-go-testdb-dev - Framework for stubbing responses 
from go's driver.Driver interfac
Changes:
 golang-github-erikstmartin-go-testdb (0.0~git20160219.0.8d10e4a-1) unstable; 
urgency=medium
 .
   * Initial release
Checksums-Sha1:
 b100d18124021fbd67403718e45cccf79d4364ec 2518 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.dsc
 f45331e879cb3ebb345326fa9465ba86170de06f 7260 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a.orig.tar.xz
 3281a02528b0ddbeab4a456bd5d627a951f51749 2204 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.debian.tar.xz
 71194fb8c90a3f681527e50b9449dfd43bd46120 7872 
golang-github-erikstmartin-go-testdb-dev_0.0~git20160219.0.8d10e4a-1_all.deb
 0214facc71cfdee6f34775222badd03318179532 5862 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1_amd64.buildinfo
Checksums-Sha256:
 cfa280127f3bbb3351256a8f97725bcc7ec374b286972ddb90d6d1cda75d2137 2518 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.dsc
 f638f64f897a193501f62d8a73100aeabf55f2d43b2efb79d51720813e14722a 7260 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a.orig.tar.xz
 c29412688bed3fb96a16c2866eab26165acd5924abc7bed062b7fd355bfe3a04 2204 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.debian.tar.xz
 2e393670c325dbea026c21880397baa1f3e33df49fe2d84f518f6005713f52b4 7872 
golang-github-erikstmartin-go-testdb-dev_0.0~git20160219.0.8d10e4a-1_all.deb
 0f61084bdd717fe554f4940638fff5c76f543153daa12746d97ccaa2919439b7 5862 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1_amd64.buildinfo
Files:
 099d900858b9f5e6e765556b7c05cc7f 2518 devel extra 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.dsc
 da19a1cfad81bd7351241fc2a2e7ac6f 7260 devel extra 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a.orig.tar.xz
 272d7373a891fa132e65d6ee8a11033a 2204 devel extra 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1.debian.tar.xz
 7e01bb1e3e23d64d612cf7e55b650528 7872 devel extra 
golang-github-erikstmartin-go-testdb-dev_0.0~git20160219.0.8d10e4a-1_all.deb
 9123ae5fd4a27eb1065b725f1699e20f 5862 devel extra 
golang-github-erikstmartin-go-testdb_0.0~git20160219.0.8d10e4a-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAllxjkoSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UBH4QAJ+JJJQn6tNe2+YZmIddCgfLBQJEfoFr
yyIWaeVzohf/Vpm8eTc+2LwdkABD8mm3iTzEt7fQ3FbpEWDH+DKzv60J0ptbGdie
hF5G/i68/KjfSAH+oEJJRIX6/7o4aT7hg8numupefNe7OI3Pvu7Eceqvtshxjr+7
+YtvoEdwrIHlbdxnL4ieRnb15i5E6oxVkf8xClLu/Ufdcx9NcnPCiVY813MIyTMn
wG8IvR7L8K55rzUt2QPVZEJuZXlceFREPcQOzbogv8VFPDYKgwmQbBPmqPkLLkzE
u1L+cEH9TluMSBWMc8Xa7xoD8N0OysuPqSKt6rhC3qoXsCamCd5XFaxN5l7m2f70
TZKIAW9stn2CiQTk/GoSmtbeOmKP835TJnL30BfmOkUsWYqGtQQq5QzJii7Mnaa8
4LIQuirwzYFeYpGxnuNJq6akOanTcSG/Ah9UOXbiLkGc45DNCpP317kxN5G3XBAu
D5LeAsG/5iEUXbELVAfmX429LedEy/tsqAiUE9Cxam+fcDfoKft7jBbkqOnjbA+5
GVdPnrMLlRTUvKlS7vEljfPBzX2f6Xa0V76na6EjsZQphY6wKtOQKubc8Sqyj70I
06SZfTRn33gkY4FkquPsobv5996GaAOnXq6AJN4qCH2sD28sQvO4UFzDwdT4qZ7B
sWgjz2oeCEIQ
=QdUK
-END PGP SIGNATURE-

Re: When do we update the homepage to a modern design? (was Re: Moving away from (unsupportable) FusionForge on Alioth)

[Paul Tagliamonte]

[loads of bikeshedding and grandstanding]

So this thread is a shitshow.



Has anyone thought about taking the website (or really, anything we put
out), going and talking with **our users** and see what they have to
say? What they think of the site? Record them finding and creating an
install medium?


I, frankly, don't even pretend to care what our developer community
thinks of the site -- the site isn't just for you.


Until someone comes back with data on what things are easy, what things
are hard, and large enough sample sizes covering an *accurate* slice of
our userbase, I don't care about what anyone on this thread says.


   Paul


signature.asc
Description: PGP signature

Re: Archive no longer accepts uploads signed using SHA-1 or RIPE-MD/160

[Paul Tagliamonte]

On Fri, Feb 24, 2017 at 09:48:21AM -0500, Paul Tagliamonte wrote:
[stuff]

This is also just to say, I'm glad both algorithms have been removed,
and refused on new uploads, and thanks to ansgar for doing this.

Cheers,
  Paul

-- 


signature.asc
Description: PGP signature

Re: Archive no longer accepts uploads signed using SHA-1 or RIPE-MD/160

[Paul Tagliamonte]

On Fri, Feb 24, 2017 at 02:43:13PM +, Peter Palfrader wrote:
> On Fri, 24 Feb 2017, Wouter Verhelst wrote:
> 
> > > or RIPE-MD/160 algorithms.
> > 
> > Uhh? AFAIK, RIPEMD160 is not compromised at all, not even in a
> > theoretical attack. Why was this part of the decision taken?
> > 
> > (there is a theoretical attack against RIPEMD, but that is not the same
> > thing as RIPEMD160)
> 
> It's just as short as SHA1.  There appears to be little reason to use a
> digest this short in 2017.

This is a total side-track, but it's not the *length* that mattered in
breaking SHA1. The weakness was in a prefix attack, the brute force
attack on SHA1 is still out of reach. This was the *algorithm* being
weak, not the length of the hash, in this case.

Also, just use blake2.

Cheers,
   Paul


signature.asc
Description: PGP signature

Accepted golang-github-jacobsa-oglematchers 0.0~git20150320-2 (source) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 10 Jan 2017 09:57:25 -0800
Source: golang-github-jacobsa-oglematchers
Binary: golang-github-jacobsa-oglematchers-dev
Architecture: source
Version: 0.0~git20150320-2
Distribution: unstable
Urgency: medium
Maintainer: pkg-go <pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-jacobsa-oglematchers-dev - matchers for testing/mocking 
frameworks such as ogletest
Changes:
 golang-github-jacobsa-oglematchers (0.0~git20150320-2) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Team upload.
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
 .
   [ Tianon Gravi ]
   * Replace "golang-go" with "golang-any" in Build-Depends and remove
 "golang-go" from -dev package Depends
Checksums-Sha1:
 81b48bd1419c37f834fb4901ef897e0e020990d4 2377 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.dsc
 a24862b079877f516a5510b85c4bee1230bf3be0 1952 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.debian.tar.xz
Checksums-Sha256:
 429fd7fb0cad6fdeaf4987ad8f01353d866f62d7861001c4a058f74d974536e9 2377 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.dsc
 2a1fc0985c0291370a8e238a99a9935fb14a58758e51d5fc14529a896a5ec790 1952 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.debian.tar.xz
Files:
 1101975c226c8586ad344758222ecfbd 2377 devel extra 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.dsc
 9e4a7bd2ccc1f695c2d256ac35421fea 1952 devel extra 
golang-github-jacobsa-oglematchers_0.0~git20150320-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEtC9oGQB/APiONk/UA2qcJb81fdQFAlh1IKkSHHRpYW5vbkBk
ZWJpYW4ub3JnAAoJEANqnCW/NX3UUCQP/0DRKKaJ9o4V6PpPNj12UXIHeMsYlMCP
1GfqKoRLHII6xtAbbkIKYJ2abVgCbvYhjuEr1rss8RQ4d9N+iDT1XEdikJyyh9Hf
aoiEbXuUulBWkfXDKgz+s0cTbeRb6Zj8nij1wJUiljZGwHzjY+u9+PWMy8KFubIa
Ck2vlxQZ/bMrDhdv6OG2bqBEWAnWua5SxMLbsj2RpPP3NP1TEYFoeckMVh429dWr
LwivM5T/9uZVlOHKorg4F1UjO8ydnqvm7lAMeOkGRx0Hh5kNE5hn0KSKb1d5rAXE
ivCegRJGiPE7K+KpoRzZLnlsr42vp9aHkdVWB4TqZmB/Lt868oEmk2mJ+tdqf4aN
JeVlcs1/HiRSYvk9gM2tYcbPfAh78XnLFGfYUMOt/zS86GlvXtLyrjSeoZa0nFcg
o3/nHpSz3dtnNnGjAF6ZYc8nZpPHRlsCO+7gjzTib60XXKizJ3WiGY4IUqYhyJhz
/8FDmXk+MbCKP8gMmRLAq58/tkonCEUexKMF4OEyqOteQhUDG3BxWNquA648FHw9
WLKVCGpwa0B9CDFdcGvIarx0Ts6oqEOcBJzimiTm5FPvfmUWHe6KIjEhaCAz+/RT
dnDnUf426jBFwLG32fUXQwt3eCQ8Vh+spTEojZxWdOTEAMAVhjHIOZ24w0jtbxuf
Ah0GPf4jXLFW
=Ytah
-END PGP SIGNATURE-

Accepted golang-pault-go-debian 0.5-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 29 Oct 2016 18:29:16 -0400
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.5-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go <pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.5-1) unstable; urgency=medium
 .
   * Upstream release.
Checksums-Sha1:
 c2ad227648442f5481e94285b9349070b77a6c13 2167 golang-pault-go-debian_0.5-1.dsc
 09846f012edb9d77bd635633a6b7448f5d29e579 39408 
golang-pault-go-debian_0.5.orig.tar.gz
 3a1f221afe1748d46f62d0cf7004538e9a5d4d96 2508 
golang-pault-go-debian_0.5-1.debian.tar.xz
 d853b7f423dabf0f4eadd36dba6069dbc4c3f619 34104 
golang-pault-go-debian-dev_0.5-1_all.deb
Checksums-Sha256:
 2aa69a31576aa548da9d89a56a2f0ceb384d6f6baff01245d17a66e6464d9ed4 2167 
golang-pault-go-debian_0.5-1.dsc
 e3afb411287c818e54a575af2ad80d7a9019aadaa19121ad59eddfc109ab89a7 39408 
golang-pault-go-debian_0.5.orig.tar.gz
 79b8f1c769003d450b262fb1705a67e35080cb1eb142102528639b04296aa66c 2508 
golang-pault-go-debian_0.5-1.debian.tar.xz
 e0bfe073cf6b9ec7f2824a97094f08e68c3cc4370cbf840f7c29c669ffce5b64 34104 
golang-pault-go-debian-dev_0.5-1_all.deb
Files:
 5c9ec23c6632d02b4d337333e3e007bd 2167 devel extra 
golang-pault-go-debian_0.5-1.dsc
 9b3d9c8668998d0ecfb62757735e9b8d 39408 devel extra 
golang-pault-go-debian_0.5.orig.tar.gz
 40277c7c58256776f89a73ccca670a75 2508 devel extra 
golang-pault-go-debian_0.5-1.debian.tar.xz
 554881fb862956adf79cc8ecfa61d68b 34104 devel extra 
golang-pault-go-debian-dev_0.5-1_all.deb

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJYFSRLAAoJEHtYWzCAfCqHELQQAIDFFKQuZf5P//9bpB8nhuV4
U5mRygM12hSbz8kyTjWs7tSlqAJ0LnRMjEpirxV+4zO0e7i/8u1ol6nouvrCPQKj
PSFMXxdJJFPaFlj9Jtm2fek22ut8itjN5Z+Y9d+f8O3yjgE4m+UjnVbSgObumcIj
GJD5R1XaliDpUixdpytSJW/Ro2ADxPQvvaGR2wx+boLLj+Es1T7I5aRBD4gO1R1W
g8au7IHN50kY5ohIc+JdEARaP6ImtrQEBKXkv4FJ3kiv3IEptiO2eK2HCjb11RLl
vUBrp/LYzGRw6z0+7RCSE14BwZjOr9b3o8QeTeX1FsXqbfwTu7qWw1ny2A89MKlV
mDQWoKbjr4TGxPkV2vzyLIcql1/1QPAOlKlLTmQuAjJPY6w3MVCZZ6HCSkl0S31o
4wbrlnlnBJe5RXi1hneX39CFq+YhpFMHdNuborSjHxVV0Jgc+tL/VqGdXmMWV06z
mXl1pENr4bzteabrQ+3elgFquX2fPrNFQzI8gO3pkI4REkeRmUj9jVIFEVVy4q5R
Ey/n5CBY/kyE6zAD3+3CUdRUhglAk06WKr8H0XvMxTQPFeG5Hh04DG2K5vMlstLC
nUieRy1cpRzlUCXRB8seGOlzWVPGnk1ehBOris+W4cyYFxu2m3sJqRnQvggVyZqf
TH2VpYMaDKPfJW0ylNUw
=K4So
-END PGP SIGNATURE-

Re: When should we https our mirrors?

[Paul Tagliamonte]

On Mon, Oct 24, 2016 at 04:00:39PM +0100, Ian Jackson wrote:
> It is also evident that there are some challenges for deploying TLS on
> a mirror network and/or CDN.  I don't think anyone is suggesting
> tearing down our existing mirror network.

https://deb.debian.org/ is now set up (thanks, folks!), so my attention
is now shifted away from the push to https all the things (not everyone
will, so I just want a stable well-used domain that could be a sensable
default, and let those who don't want to move forward stay in the past)
and on to considering the apt https transport and thoughts on how this
could become part of the base install.

I'm trying to think up some arguments for and against a few good points
before I distract this thread with more about that.

Cheers,
  Paul


signature.asc
Description: PGP signature

Re: When should we https our mirrors?

[Paul Tagliamonte]

On Sun, Oct 16, 2016 at 09:11:42AM +0800, Paul Wise wrote:
> Exactly what actions do you mean by this?
>
> Debian does not control what mirror operators do, they are free to add
> https or not. Some do but most don't.

We do control the CDN. We can also start to move systems with a new apt
to a HTTP redirect-based mirror network using HTTPS only. This could
become the default, and new mirrors can add themselves when they're
ready, and as stable ages out, so does our use of HTTP. Or whatever.

> httpredir.d.o is not well maintained, but it could theoretically
> support https if someone cared about it.
>
> deb.d.o is backed by two commercial CDNs, see Tollef's mail about that.

Sounds like a great starting point :)

Cheers,
  Paul

When should we https our mirrors?

[Paul Tagliamonte]

Howdy -devel,

It's that time of the year again - that's right, another paultag rant
with some grand ideas about the state of the world.


It seems like every month or so, someone pops into a channel and asks
why we aren't using https on our mirrors. This well-meaning question is
usually met with hositility (We do integrety checks via out of band
OpenPGP signatures, and mirrors aren't assumed to be private so knowing
what you have installed is nbd, some exotic pet arches may take a few
more CPU cycles to handshake) and associated pushback.



I find most of these arguments pretty boring, and I don't think the
"costs" outweigh the benefits.


I see no reason why the argument that the mirror server may be
compromised means we have to open ourselves up to trivial MITM and
installed packages / versions disclosure to everyone between me and the
server.

I see no reason why just because we check signatures later that I put
random data from the internet into memory and on disk, and run a program
over it without making sure it's at least the server I think I'm talking
to.

I see no reason why exotic pet arches that already take huge cycles to
process data are a reason to keep back the vast majority of our install
base.


So, the real question:

So, when are we going to push this? If not now, what criteria need to be
met? Why can't we https-ify the default CDN mirror today?

(Sadly this means my trick to MITM the debian mirrors with my LAN mirror
breaks, but this strikes me as a feature not a bug)

Toodles,
   paultag


signature.asc
Description: PGP signature

Accepted golang-github-docker-go-connections 0.2.1-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 29 Jun 2016 20:21:00 -0400
Source: golang-github-docker-go-connections
Binary: golang-github-docker-go-connections-dev
Architecture: source all
Version: 0.2.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
<pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-docker-go-connections-dev - Golang utility package to work with 
network connections
Changes:
 golang-github-docker-go-connections (0.2.1-1) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
 .
   [ Dmitry Smirnov ]
   * New upstream release.
   * Standards-Version: 3.9.8.
Checksums-Sha1:
 0d67f6e2085dbf8334836e0344573e236f94ba09 2403 
golang-github-docker-go-connections_0.2.1-1.dsc
 ff3aa32c1903a46f43b4a9a0b55cc35980666a1d 19972 
golang-github-docker-go-connections_0.2.1.orig.tar.xz
 ba4b3e3c51738cb02478a3e9e63972785e8e7522 1760 
golang-github-docker-go-connections_0.2.1-1.debian.tar.xz
 dcb90d3a4531509dc54d4e7db243d149b3d90d13 17624 
golang-github-docker-go-connections-dev_0.2.1-1_all.deb
Checksums-Sha256:
 0e1d19ddc76954ace7da7b0aa356429e68c49df63e2288bcf66e1fd7c2dde4ae 2403 
golang-github-docker-go-connections_0.2.1-1.dsc
 d37007947168232c4984bcf6f1e3b1bf482459bcf255ad980eb924dca0d6dd64 19972 
golang-github-docker-go-connections_0.2.1.orig.tar.xz
 ec29c73621e6dcac9064dca8d3c3e47e51303cceeb2011ed013393c7c63d4e65 1760 
golang-github-docker-go-connections_0.2.1-1.debian.tar.xz
 e3f5f83d9b128cccb78797c07ce981d5503e2ebf7a716897bf7a1ade87cd6130 17624 
golang-github-docker-go-connections-dev_0.2.1-1_all.deb
Files:
 1e595506522bc015774f05431009e8b5 2403 devel extra 
golang-github-docker-go-connections_0.2.1-1.dsc
 072e34a639c826eebe9a3ee7e877f85b 19972 devel extra 
golang-github-docker-go-connections_0.2.1.orig.tar.xz
 259daa33b65cfa76d50d7e7ab6989d04 1760 devel extra 
golang-github-docker-go-connections_0.2.1-1.debian.tar.xz
 8c94745e22e5a7099145108dbb0d11a5 17624 devel extra 
golang-github-docker-go-connections-dev_0.2.1-1_all.deb

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJX9rsMAAoJELJMpj9uu+hNK+4QALAEtjGfVH/1qU7zTbjm10XA
LMbPxJWCJeoDM/x4RNyRP9blnuFiepBOQ/5/KTEbfLttGLwMN8WHRbT6W0MradfV
KbNHIu5Ur6PGoCKP1Ijjv74b1sId3lI+WmJpk5AC+B2n+ib+uQpo07kyWvBO3RR3
TYKCI/FVrWpndVMq2ruWyNV35/iPgN1spf3N/URvymD44PSXHTDpFSVy4te/AHjR
aVcrGsD5pXMpvYFbHHoTjvlaCb3eR724dSoNVHBADN+3vPysPbe+uEsxCEF6aiHM
Uvbkdo/l7A6C53hcy6v1AIx9ljW5A475uXWNNIIySeONe5ffyiWW/EeqJCked98W
V96TgjTaiYC9pj8415NssnV9LBHoww8w63VjEdxJs/2HSJmKMWBehRuttwoukkiv
UgRf9wBqEIG5LYXNtv8/flCc2uuR6KaKErdWwUWBd+HvkQu3A5/JPmkdjckPCSsD
sHkN6BN+PRn/V/+ri/hWUFK7nHHneDmP6pD00xTG7LcHyeu+nJZazNVINT3wdLI2
JRDpkXuNJhlVtQlWwH/7plUuAD7s18Wke14G99YNTbyxhsawWkxTYKlf0J/twsey
yaDK6mXYlNkMK4DW/mfUjbWHO6/Rxs0B/Fb7fXAIZU9t1aeYQsTXtHksRtLmQEJa
gnszZDQvEkgfU+w5NDcd
=4CAX
-END PGP SIGNATURE-

Accepted golang-dns 0.0~git20160414.0.89d9c5e-2 (source) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 11 Jul 2016 21:48:13 -0700
Source: golang-dns
Binary: golang-dns-dev
Architecture: source
Version: 0.0~git20160414.0.89d9c5e-2
Distribution: unstable
Urgency: medium
Maintainer: pkg-go <pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-dns-dev - DNS protocol library for Go
Changes:
 golang-dns (0.0~git20160414.0.89d9c5e-2) unstable; urgency=medium
 .
   [ Paul Tagliamonte ]
   * Team upload.
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
 .
   [ Tianon Gravi ]
   * Remove "golang-go" from golang-dns-dev package Depends
Checksums-Sha1:
 f06e23f451e04991c1c5ff97e7108c3b45fbb063 2139 
golang-dns_0.0~git20160414.0.89d9c5e-2.dsc
 c6a39ebfc0a5f80a5b4c556555a1a78b04cf9faf 3300 
golang-dns_0.0~git20160414.0.89d9c5e-2.debian.tar.xz
Checksums-Sha256:
 f3ea6ef43e0b1c37f3a6071154ccd7a696c9b8ae9ee80ad42c4ff363512114ca 2139 
golang-dns_0.0~git20160414.0.89d9c5e-2.dsc
 898053f42e833f6df71369afd6182736bc4078c9548c74f91382f13153b66fea 3300 
golang-dns_0.0~git20160414.0.89d9c5e-2.debian.tar.xz
Files:
 0d50cf6dde396341da6d541de6be04e8 2139 devel extra 
golang-dns_0.0~git20160414.0.89d9c5e-2.dsc
 ad90424d6ca23921712cffb8784022dd 3300 devel extra 
golang-dns_0.0~git20160414.0.89d9c5e-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJXhHbPAAoJEANqnCW/NX3U/XEP/0k56WQeYsnwON2GaLsDT+fm
ae2atBoINUazbcLcJdplISFwn3J+0GcUJFQD2YPkuyYdg4if2QFksVddIf8fRGKo
pmXuriYVDHhVmmWYgqkZTyaLSR451T/33SMNigFhSekVm+T4fgwF+rpTgL3MxDwg
Rbn8Mmg/kEatoy1Y7LaRjGSzzdGie9vwcwxBlA1894625D8z3SOnb2aXgQcTCkZI
DAEkPbunWn6Nc/ME4duzlOjeGu9CBNXRknVcRsYASYP2GGI3RUPudryzzzo9SqNb
lIMMRAU6g2RktTAtIrQZjXF9ELmPcU7eGndd00PT6UEcDIWbrWACcj64jKvDgC7p
mChvR7XFT5p3LdpsUZ7BNHKOZx+FGuaaN/1JFVeEwYi1LkeDg+fIqqrMpagUG++t
DRvbhBhYcSK5D/EuUt3sIEm3yX4szZmgOTIiy7hesnc4G3glZy6JLQrEZFykp3Tj
yUqAeY+d2nmGcAgVcy93TJT5TkEfKiLtqHTTXNceV6P7U9vFbgv1GmcJ7n1jEWjc
94X/4A/ZwZjrzm38twK9sn5LpoRP99k126rAbYLOrPJOb3chmRVMZhO6tqQyaXRZ
NmgLFzDVrLFK1aUgUy9KHuaRWYdgwMXUKIWDXu/N6lcUyl+6VGymhoCOOmTVm/jv
VbHnuQVJ+paZrGpWYdnM
=oPlz
-END PGP SIGNATURE-

Accepted golang-github-jonboulle-clockwork 0.0~git20141217-4 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 04 Jul 2016 08:29:49 -0400
Source: golang-github-jonboulle-clockwork
Binary: golang-github-jonboulle-clockwork-dev
Architecture: source all
Version: 0.0~git20141217-4
Distribution: unstable
Urgency: medium
Maintainer: pkg-go <pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-github-jonboulle-clockwork-dev - Simple fake clock for Go
Changes:
 golang-github-jonboulle-clockwork (0.0~git20141217-4) unstable; urgency=medium
 .
   * Team upload.
   * Use a secure transport for the Vcs-Git and Vcs-Browser URL
Checksums-Sha1:
 a52dd55ccc2848ccd558f77b30791345fefefebc 2274 
golang-github-jonboulle-clockwork_0.0~git20141217-4.dsc
 792d9e3db2418a8e1dab6e494b1a734a38b71b8e 1444 
golang-github-jonboulle-clockwork_0.0~git20141217-4.debian.tar.xz
 b87ea08767651dfdd5bfab3afcab2e461e414f2d 4750 
golang-github-jonboulle-clockwork-dev_0.0~git20141217-4_all.deb
Checksums-Sha256:
 41b489331ca12cc90d7a782ba44b5f7253d9b4bcfb99ac038dd61aec6259aaa5 2274 
golang-github-jonboulle-clockwork_0.0~git20141217-4.dsc
 cae6085c4cff33b9cf7af1affb40eba0caca7c4bcd81be3d3ad34a71a48c0f3e 1444 
golang-github-jonboulle-clockwork_0.0~git20141217-4.debian.tar.xz
 922026fb1ae5b302f3a65e63e8e6030c84d158613243e9df70728c9aeac47734 4750 
golang-github-jonboulle-clockwork-dev_0.0~git20141217-4_all.deb
Files:
 06c4f51c4e386e740ce85a0c6c4dedbd 2274 devel extra 
golang-github-jonboulle-clockwork_0.0~git20141217-4.dsc
 270a3f0662d1e5ae0e6ea32512537667 1444 devel extra 
golang-github-jonboulle-clockwork_0.0~git20141217-4.debian.tar.xz
 b3673810264442492b8617fa8a0aafd8 4750 devel extra 
golang-github-jonboulle-clockwork-dev_0.0~git20141217-4_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJXelb0AAoJEHtYWzCAfCqHdVcP/iPFKNm4vHeQKOjNslaaYE/6
UG3qegaWVbTEdeGNdxLhsru5+752FuQ+Z+KXHSXvJE8wqe6ez5Qu4M0pbVgVw+ra
0/xa80ZZi/LnLreEdSsY/DJ3IArWAHlDIG9DSTy5zZPa9Wq0gQdaLZRkmwer5AAJ
lku8BQz2MVX1IbZ6MJ+DABRw+H3g/lXkR+QBHsnVrg3hcZGM8JTCnAenDPq2R837
EbaFLLqBGMkDlAEYzcGx7LkafXQ/w2oVNm3faHleEUue0oK2b0+sVDpFW+XFQRF2
3JFl6bXIyq7d3ZQN6+cFpvqYS1OI7T5TggfNa6/DIsEzdkTm86ouguPklDb70Q/k
PmU9KrvPYPor5kwZ+SdDD4zjVyp4eUw3GkNVQ0QVKyAzt6y5CzPjAjixf13vF9mC
IiXcwLvuvCmOpaarPq61199w6OivQLfLUBsoLSZoekJlsFxzBqeQ6h4r9Pn8dnKQ
+HA4KX3j5H1+dfZquo+bQR3o1tulCZBmSdxfUPRZnNMLmNgcNvGz7O9KlR3hMhV8
I7yF8uEOThYHp7z9v3SOpW0iQLfMIzq/GIazFWFqs4l5jaxE9xWpfarsz3jJrvl1
a0ShEnSddCv3bzgHRsOAx9MI9Es5tZlk9OGONOup6OilFdT1u3S6LGDZOMfat1nW
LZoTzO6bgDaAveA2cOhT
=q/sh
-END PGP SIGNATURE-

Re: Command line frontend for services that require single sign-on

[Paul Tagliamonte]

On Thu, Jun 16, 2016 at 11:43:05PM +0200, Enrico Zini wrote:
> Hello,
> 
> I have just prototyped this:
> https://github.com/spanezz/debsso-client
> 
> Who would like to give it a try and make it grow?

Hey, thanks, Enrico!

I've also documented steps to both export as a PKCS12 (which you can
easily split into an x509 cert and an RSA private key), which may help
avoid some of the work to extract it from a browser.

(That same guide has instructions on taking that PKCS12 blob and burn
certs into a Yubikey[1]. Yubikeys also have a handy feature of being
able to be read from OpenSC's PKCS11[2] driver, and even act as a PIV
device!

This would allow neat things like using libpam-pkcs11[3] to let any DD
log into a laptop (in-person porterbox in the DebConf hacklab!), or add
it to nss[4], for Chrome, or even stuff like scripts above, so you don't
have to munge certs.

It's also worth noting you can add user certs to Android phones by
adding them as a user cert (Looks hidden as a VPN thing ISTR), which
means we can even do Debian work from our phones!

Anyway, I'd just like folks to know this is super exciting, and having a
sane PKI system that lets DDs client-auth to services is *huge*, and we
should totally be building up awesome infra around this stuff. Maybe
even send OpenPGP signed CSRs to an automated CA to issue new client
certs?

WHO ELSE IS STOKED? I AM!

Can't wait to build around this amazing work, Enrico!
  paultag


[1]: https://wiki.debian.org/DebianSingleSignOn#Use_with_a_Yubikey_in_PIV_mode
[2]: https://packages.debian.org/unstable/opensc-pkcs11
[3]: https://packages.debian.org/unstable/libpam-pkcs11
[4]: <

signature.asc
Description: PGP signature

Re: third-party packages adding apt sources

[Paul Tagliamonte]

[cc'ing devel, since this is a rant that involves technical topics, and
 god knows I only go on so many rants a year these days]

On Thu, May 19, 2016 at 05:18:28PM +0200, Daniel Pocock wrote:
> b) many upstreams appear frustrated about getting their package
> officially supported in Debian.

Yeah, I don't think that's it. "officially supported" is burrying a lot
of really important discussion we're not having.

> Sometimes there is good reason their
> package doesn't belong in Debian but sometimes it is more about inertia
> in Debian or the upstream isn't aware about backports and thinks their
> package will be stuck at a particular version forever

Frankly, I have a hell of a lot of sympathy for this.

Backports are a whole thing. People have to be actively aware of them.
Users have to be told to add a new thing in the sources by hand, and
install something explicitly. It's calories, and explaining a Debian
process to a user isn't fun. Why would upstreams want to do this?


My claim, as I'll outline below, is, if the upstream wants to give the
user an up-to-date software package, and they have to teach them how to
add a new archive, they'll give them an archive *they control*, because
they're now on the hook for delivering through that channel. Upstream
wants to spend as little time as they can with this, so they make it
easy - they make a deb.


Now, for the rant I promised.


Backports are present when a package is in testing, and backports are a
single channel. Backports are not for upstream's releases, whenever they
want to ship a thing.

We have zero procedure in place for the following:

  - Totally unsupported very old version of ${FOO} in stable, maintainer
isn't patching bugs, bugs are going to upstream, and upstream is
annoyed Debian has out of date, perhaps insecure thing X.

  - Leaf package ${BAR} has a robust upstream community, where releases
are very well tested, with a mature stable/unstable release cycle.
Our stable release freeze was off by a few months, so we've been
shipping their 'oldstable' in our 'stable' for years. The
maintainers are annoyed we don't use the latest stable in our
stable.


We can talk about what is an isn't right all day long, or about how PPAs
are going to solve all this one day, but I've become more and more
worried that we're failing to serve users in this way.

Largely, I think the first situation is a common one that our culture
has forced people to group-think "Well, that's bad and the system is
working as intended". We can't let software change on our stable
installs, so this situation is bad, but the intent of stable.

The second one is harder to say that with, since upstream is making
assertions (just as strong as us) on some things. Be it protocol
stability, API stability, or whatever.

We're mostly approximating #2 by stacking up patches from their next
stable, and applying them to our stable. We're basically shipping the
new version with the old version number, without as much testing as the
real version, and only confusing ourselves (patches are a bitch), users
(I have version 1.2), and upstreams (why doesn't Debian trust the
release process), causing tension everywhere. Look at OpenSSL, it's
nuts. (God bless the OpenSSL team for doing this, and finding a way to
keep DDs happy -- or rather -- merely quiet, as well as upstreams and
users).

So, your question, why do people try to make it easy to get the latest
stable software is answered simply with "because we're not". We are the
problem. No one wants to do this. Maintianing an archive sucks. No one
wants to maintain a Debian archive. It's just the least work to deliver
something supportable and maintainable to users.

Go to any mature project, they have a way to bypas the archive, and get
the latest stable from upstream. This is a huge failure. Upstreams
aren't becoming DDs and updating packages, dispite the fact they can
package and maintain things.

Hell, teams packaging Mozilla-soft and PostgreSQL are DDs maintaining
*external archives* because it's easier.

The issue is, we have a model of software delivery that's slowly growing
more and more distant from the realities of shipping software today. Why
is this? What can we do? What do our users want? What do our users
*expect*?

Making it hard to install a new archive will only lead to more
workarounds, more FAQs telling users to dismiss warnings, and more
upstreams hell-bent on working against us, because we keep making their
lives harder.


This is a 100% larger conversation, and it's not about a hacky deb, it's
about how our place in the software ecosystem has been evolving, and we
need to evolve with it, or we'll find ourselves part of the problem we
were trying to solve in the first place.


signature.asc
Description: PGP signature

Re: golang naming scheme (was: re Bug#819591: ITP: golang-github-peterbourgon-diskv)

[Paul Tagliamonte]

Also, I take issue with calling this "lazyness".

To imply the golang team hasn't put thought into a large section of the
archive is not very nice.

Thanks,
  Paul


On Thu, Mar 31, 2016 at 11:34 AM, Paul R. Tagliamonte 
wrote:

> That's correct.
>
> This is no different than saying the Python importable name is the package
> name. And why we see stuff like:
>
> python-foo.bar, since you import foo.bar.
>
> You import that URL. The package name is just the import name. No
> different than Python.
>
> Cheers,
>   Paul
>
> On Thu, Mar 31, 2016 at 11:28 AM, Simon McVittie  wrote:
>
>> On Thu, 31 Mar 2016 at 11:10:56 -0400, Holger Levsen wrote:
>> > As you might have noticed, golang packages seem to have an, aehm,
>> > interesting naming scheme, where they basically take the upstream URL
>> > and turn this into a package name.
>>
>> If I understand correctly, the URL of a Go package is ABI. For instance in
>> :
>>
>> > import (
>> >   "sync"
>> >
>> >   "github.com/google/btree"  <<---
>> > )
>>
>> I'm not defending that design decision, but given that it exists,
>> having Debian package names mechanically derived from what you "import"
>> (or "use" or whatever the language's idiom is) seems like A Good Thing.
>> See also: the way we encode SONAMEs into C binary package names, and
>> the name you "import" or "use" into Python and Perl binary package names
>> ("import dbus.mainloop.qt" -> python3-dbus.mainloop.qt,
>> "use Text::Markdown::Discount" -> libtext-markdown-discount-perl)
>>
>> S
>>
>>
>
>
> --
> :wq
>
> --
> :wq
>

Re: Death to git://! Long live git://!

[Paul Tagliamonte]

> I'd like to suggest we move all Vcs-Git entries to either `https` or
> `ssh`.
>

As mapreri points out - this is for anon clone, so only https - as I
pointed out in a blog post years ago, ssh is a bad idea :)

http://blog.pault.ag/post/27268910152/usage-of-vcs-git-in-the-debian-archive



-- 
:wq

Death to git://! Long live git://!

[Paul Tagliamonte]

Hey devel,

We still have `git://` all over the place, for instance, on Vcs-Git on
control files. That makes me sad. Boo insecure transports.

`git://` is plaintext, and plaintext transports are bad.

I'd like to suggest we move all Vcs-Git entries to either `https` or
`ssh`.

Signing tags is a good step, yes, but there will always be unsigned
contents at the head of the branch, and users won't always check them
when cloning a package locally. I'm sure some DDs out there will even
debcheckout and upload after checking a `git diff` rather than a
`debdiff`, because git never lies, right?

Not everyone pulls down the package and uses debdiff, and it only takes
one mistake to own systems.

`git://` provides no upside and really shouldn't exist anymore. GitHub
has even turned it off[1]

Are we going to let GitHub do best practices better than Debian? Hello
no! Let's do this.

There's no downside, and `git://` provides no value. Let's kill it from
the archive.

Plus, `git://` is super blocked by port in a bunch of places `https`
isn't. So there's that.

Cheers,
  Paul

[1]: 
https://github.com/blog/809-git-dumb-http-transport-to-be-turned-off-in-90-days


signature.asc
Description: PGP signature

Re: Death to git://! Long live git://!

[Paul Tagliamonte]

Good point, and I stand corrected. Thanks!

Let's beat GitHub!
  Paul

On Fri, Jan 8, 2016 at 10:47 AM, Andrew Shadura <and...@shadura.me> wrote:

> On 08/01/16 16:43, Paul Tagliamonte wrote:
> > `git://` provides no upside and really shouldn't exist anymore. GitHub
> > has even turned it off[1]
> >
> > Are we going to let GitHub do best practices better than Debian? Hello
> > no! Let's do this.
>
> > [1]:
> https://github.com/blog/809-git-dumb-http-transport-to-be-turned-off-in-90-days
>
> That's not true: git:// still works on GitHub, and the post you linked
> to actually says they're switching off http://, the dumb one.
>
> --
> Cheers,
>   Andrew
>
>


-- 
:wq

Accepted golang-pault-go-debian 0.4-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 02 Sep 2015 16:16:31 -0400
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.4-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go <pkg-go-maintain...@lists.alioth.debian.org>
Changed-By: Paul Tagliamonte <paul...@debian.org>
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.4-1) unstable; urgency=medium
 .
   * Upstream release.
Checksums-Sha1:
 28449785f8f62c78fd04533c209e4b496ba4dc2d 2162 golang-pault-go-debian_0.4-1.dsc
 e6c8c41f4531e3f4fc58c6b9876ca27b1304b6d4 26898 
golang-pault-go-debian_0.4.orig.tar.gz
 f8de21b6f4814d86684c966993ea4c8b1409 2476 
golang-pault-go-debian_0.4-1.debian.tar.xz
 18e3f7690d0a0fdc2067add41ef35c298fb48de8 24868 
golang-pault-go-debian-dev_0.4-1_all.deb
Checksums-Sha256:
 6d7aecc9f1e65da7cfa7ec7d0f88a2bb312c27baeec57bac5fbe655b2a177fa8 2162 
golang-pault-go-debian_0.4-1.dsc
 1e32efc1549063dd48cead111852589236eb28c52bc464072451e5cf6843e095 26898 
golang-pault-go-debian_0.4.orig.tar.gz
 7cfc8d3e340bd1c12bbaffd72e277d2457e29c6e6c954ce477380c27282f572a 2476 
golang-pault-go-debian_0.4-1.debian.tar.xz
 c4697da1057533e7dfa8b2fb72760912c70e029e7abf7773fcbef3ecd6ace2c4 24868 
golang-pault-go-debian-dev_0.4-1_all.deb
Files:
 69ac67286dc0ac5d0a8f9ba0c2d2adb8 2162 devel extra 
golang-pault-go-debian_0.4-1.dsc
 e8337e97ba3c6d5b1b7ece0afb17f2ab 26898 devel extra 
golang-pault-go-debian_0.4.orig.tar.gz
 12ff95069dcd024af4bd37d5550ca95f 2476 devel extra 
golang-pault-go-debian_0.4-1.debian.tar.xz
 b0a2fef2b4cedb497409e87bb449effe 24868 devel extra 
golang-pault-go-debian-dev_0.4-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJV51mrAAoJEHtYWzCAfCqHbCcP/3Yqq3164K67nFDtnyz6eiuX
I0lFFqjSqEuQnNdfs4zspxXhLP61KR/U9Ans853U7GlPOcJ2DioieXWcGdZpXM6M
g9zUyThG67E7e2rCcs0q0TS1dJk82/PV8C9aUQXNSMwNli3ZbdLjAVZU9RQQPNMt
Ts1GnCOZr6va5GEgBds7urxO0WwM9OcLhSDJH7yrKtw6g6P0c8jd12bNZ+uf0GLC
ZVhvQRHbhbKQ2GnBg0K0WWCRGxAPgh4ZWiXB7CfMhGl2FmGIi+UC22WVbBoVYSHC
umyAQu4FE+iOiikt0oiCiffhltmD1bsQMht+xONZ1zKV0mJl7OasstGdzaRduzNF
TNcTCsPcTDcca2pzbslBOTr6YQgNglIgZZUwHYGmrQDQjNgzvxRdZCDviOJ76YRn
n1jmaqh5VA7ouVEsjFnFqJYO7yCKpwCLT6o7k3LgC4ZPlZPq3rCeLuar8kHrfuxV
1eCCkvLZedZTDcdhL16oyeriWdPh8s8GLido1HcTDwJ5ESWV35COb2liV+XtI+SO
PX9dfkPlAOsnWtXS8Cakm7XM4+60K6HzmJ1HJDSpyNs3FQoeOp05NkZM75somkIC
DZ3ZDmHIplmu1AEcPrZhf2ZCsANw+8bXHf4j8xEjcnQrU/AfbTxuPp3lcnsAxgc8
CJUvvFUWDGTDenYUzZwe
=o0He
-END PGP SIGNATURE-

Re: Bug#797021: ITP: midicsv -- translate MIDI file to CSV

[Paul Tagliamonte]

On Sat, Aug 29, 2015 at 11:24:12PM +0200, Santiago Vila wrote:
 Everything boils down to an ITP bug?

In the case of a dispite, well, yeah, that's clearly why they exist.

 I think this clearly shows my intent to package it:

Sure, *your* intent, but that's not you getting the global mutex. If I
want to package something, I'll search for a RFP or ITP, and use that.
If I don't see anything, I put it in NEW.

 https://people.debian.org/~sanvila/wip/

... I surely don't look at every DD's people.d.o for a .dsc 

When two threads do work without both checking the mutex, you end up with
a race condition when both try to write data back out.

Live and learn. This is literally why ITPs exist.


Frankly, you're assuming malice. That's out of line, Why not be friendly
and create something positive out of this.

  Paul


signature.asc
Description: Digital signature

Re: Bug#797021: ITP: midicsv -- translate MIDI file to CSV

[Paul Tagliamonte]

On Sun, Aug 30, 2015 at 01:07:15AM +0200, Santiago Vila wrote:
 On Sat, Aug 29, 2015 at 03:28:44PM -0700, Kamal Mostafa wrote:
  Santiago, it is disappointing that you'd jump to the (wholly incorrect)
  conclusion that I had somehow hijacked your package or your work.  Its
  just a coincidence that we both happened to package this on the same day
  (but I followed proper ITP upload procedures, whereas you didn't).
 
 It was not really my package or my work. Before your ITP, my plan
 was to file a RFP with Víctor as the owner. He asked me in Debconf for

FWIW, an RFP isn't right either. That's a request for packaging. Kamal
would have just turned it into an ITP and set himself as the owner.

You should have filed an *ITP* with your mentee.

I suggest you do a WNPP touch-up and re-read the devref.

 something to work, and I suggested this package which I had in a
 private repo for years.
 
 But if the package is not going to be maintained by him because I
 didn't file an ITP in time, so be it.
 
 Thanks.

There's no reason you can't work together. Why not try to be helpful and
work together? Three is better than two or one.

Cheers,
  Paul


signature.asc
Description: Digital signature

Re: Bug#797021: ITP: midicsv -- translate MIDI file to CSV

[Paul Tagliamonte]

On Sun, Aug 30, 2015 at 01:45:32AM +0200, Santiago Vila wrote:
 I'm confused now.
 
 Please note that I said with Víctor as the owner.
 
 Do you mean that the owner of a bug report is not a mutex,
 much like the person filing the ITP?

Owning a RFP basically means nothing. It might be weird enough to
someone looking at it that they'd ask, but here's a workflow (again, I
invite you to re-read the devref)

RFPs, when they get an owner are turned into an ITP, since you're no
longer requesting someone package it, but rather, intend to actually
upload it.

If someone sees an RFP, the idea is they retitle to an ITP and set
owner. I'd likely do it without reading the RFP, so I'd miss any
owner.

If you stall on the ITP, it's polite to turn the ITP (back?) into an
RFP.

 Until now I believed that the following two bugs were equivalent:
 
 From: A
 Subject: RFP: foo
 Owner: B
 
 From: B
 Subject: ITP: foo

Yay! So, they're not. So, misconception corrected! If you intend to
upload, you should, well, show that with the bug. By making it an intent
to upload bug. Since you intend to upload. It's not a request anymore.

 but now you say that anybody can change the owner in the first report.

I likely would without checking, but someone more careful might check,
say Hunh, that's weird and email.

 If that's the case, what do we have this Owner thing for, then?

It's a general feature of the BTS. Owner has meaning for ITPs, but RFPs,
that's weird. You can't really own the request like someone owns the
intent.

 (Speaking about the BTS in general, not about ITPs in particular).
 
 Thanks.

Cheers,
  Paul


signature.asc
Description: Digital signature

Re: [DDEB] Status on automatic debug packages (2015-08-24)

[Paul Tagliamonte]

On Mon, Aug 24, 2015 at 02:28:05PM -0700, Steve Langasek wrote:
 I wonder how this list was arrived at.  Offhand, I see the libc6-dbg and
 python3.5-dbg packages are both in section 'debug', both of which are part
 of the build-dependency closure of main; I'm pretty sure we don't want them
 shunted to a separate archive.

Really good point; no one thought of this while we were sprinting on it.
Right, so, two things are now in.

nthykier has checked in a changeset to add a binary control header to
signal it's an autocreated debug package, and dak now uses that to check
to see if it should be diverted.

This means we *wont* see a great pickup in space by moving those super
ultra huge debs (like webkit's debug package) into the other mirror, but
I'm sure we can work something out with the maintainers.

Anyway, thanks for that. Patches made against dak and just getting some
testing locally now.

   Paul

-- 
 .''`.   Paul Tagliamonte paul...@debian.org|   Proud Debian Developer
: :'  :  https://people.debian.org/~paultag   |   https://pault.ag/
`. `'`   Debian - the Universal Operating System
 `-4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87


signature.asc
Description: Digital signature

Accepted yagtd 0.3.4-1.1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 18 Aug 2015 16:54:30 +0200
Source: yagtd
Binary: yagtd
Architecture: source all
Version: 0.3.4-1.1
Distribution: unstable
Urgency: medium
Maintainer: Max Vozeler x...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 yagtd  - utility to help organize your to-do lists
Closes: 786302
Changes:
 yagtd (0.3.4-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Remove dependency on python-support (Closes: #786302).
Checksums-Sha1:
 847f8b4ba9565f531ee6f23399f522b3f39f9a3c 1807 yagtd_0.3.4-1.1.dsc
 9fcb4b4e9846a7647a355e510f88e3067c894e05 1685 yagtd_0.3.4-1.1.diff.gz
 1498f2579fcda901a598aaf5fedf05dec5daad21 63348 yagtd_0.3.4-1.1_all.deb
Checksums-Sha256:
 d546d83f09e5d596ea8f252b15a24e331785b48e8047fdd6040276a3182d06e3 1807 
yagtd_0.3.4-1.1.dsc
 1213a174990c1ea967764cc954a27415b369ce54acafd33c439a930dae6ac915 1685 
yagtd_0.3.4-1.1.diff.gz
 d0e54414629104d2b9c9e364476a3de1617395b9f5ab2a58551c9e566d793e38 63348 
yagtd_0.3.4-1.1_all.deb
Files:
 1c7ea137bd50095b796a3aad90637416 1807 utils optional yagtd_0.3.4-1.1.dsc
 9268c7cac0e2d6d7e0740e5cee218902 1685 utils optional yagtd_0.3.4-1.1.diff.gz
 88fb9ef831fb4d82872abbb6c39587a0 63348 utils optional yagtd_0.3.4-1.1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJV00gEXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHzUoP/1+wGZ3QfunHANDvGK7INC8u
zu6Q4Vo/rRuJEUWsocjQjIn5AA7ARbVLe79OYJV8o1pFjI0TuQ24laIJ7koAW6P8
TCrloTEBvWnPCmq5MLXbSyGstWpNvewLCueLmboIhwCJJZSCMXEiQ4HBpEQEiqvD
Hks6cirGvepgdviRg7FzVpXGQLuyUIyf251RLxgE7oC/NWXnyfePT9azqyo7u9p2
YLirkL7UdeJYv/cTRQxaWBUjIzHc9qhTuiU9Q9xOZVX2jJ0l+PI+uqoS3Ha8gohG
n154Teh0uFmQwYuFEOTQbYTDgPuKGxw8gjLXQ3PPIpDhSumE+IKeex1hkC5zvf6n
lJ0IFNfjYDxhoTue0O6eI6WG/P5yL3tz1yjY9rybgNavn/uIj6pohND4MG7BjOYM
vlaRL4tAB6Wds+RZ3v452AtRBHj5tc4jZVnce2QV2RXIOHa09jqzqivjMSfsjljK
Q9B8bXfOTHONnJ00FrQOF0xAMu3/5GAF26mMQ1XBxDzsFa9PQZk26+kkyRTD6yN+
WbAu8+EdrDUVC/G1SISHHAqCloOz1g/hogpIOmbS/GN7T0dLEsiHxHX0tFHfExpN
y+Asqf2gqIrZDJkxHOCsc/nCHpCVqRkW6QJTYrg7+5tIJ1fbUgBOkeIOHy/YW77u
/vcfKoIdxq/oaCus3u4r
=VQ79
-END PGP SIGNATURE-

Accepted golang-pault-go-debian 0.3-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 14 Aug 2015 16:09:34 +0200
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.3-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.3-1) unstable; urgency=medium
 .
   * Upstream release.
Checksums-Sha1:
 6086d9db34ee0f56afd7ed2e2f67c54f3345c1b7 2294 golang-pault-go-debian_0.3-1.dsc
 50fb51b0a1680344c166939c52831ba2344464f0 24164 
golang-pault-go-debian_0.3.orig.tar.gz
 2b961eb4f930a51e3c5c188a38b21ba019a09845 2424 
golang-pault-go-debian_0.3-1.debian.tar.xz
 f32d57d16807dc8040dd325ca2ecd062eef1f8b7 22890 
golang-pault-go-debian-dev_0.3-1_all.deb
Checksums-Sha256:
 18a3e172c7005113a787a06c553fdd471df3b3821fa5d20da7b73f3a5d918de5 2294 
golang-pault-go-debian_0.3-1.dsc
 25ad3e99375d29c53f01d47fa24f37de1cba5b5b51f51295efd4643f1562b13d 24164 
golang-pault-go-debian_0.3.orig.tar.gz
 60e4f55f6b6be19703a1b7b1f80ba96f47157211f2b75e30168194d680073fdc 2424 
golang-pault-go-debian_0.3-1.debian.tar.xz
 b44eb6ca4fbab54e42d8ed2b9790ef8cbc35fd5f5477becf5c9981676bbcb44b 22890 
golang-pault-go-debian-dev_0.3-1_all.deb
Files:
 4e8989992d9caf2d9e7db422a6823b13 2294 devel extra 
golang-pault-go-debian_0.3-1.dsc
 369fe0c3afbf094358e101941dae4a17 24164 devel extra 
golang-pault-go-debian_0.3.orig.tar.gz
 d23e835e9ba0e890b3e174b26b7fb440 2424 devel extra 
golang-pault-go-debian_0.3-1.debian.tar.xz
 c684ab5c6f07ef5cf32007f3f24c3261 22890 devel extra 
golang-pault-go-debian-dev_0.3-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVzfczXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqH8wcP+gMMsrCQOd6nC5oo0gxn82m3
hVPP/Rwvjy5N9zsPpamfpFrbpTV4pNYoeHaMHHNG5wCtTFfHwJ+LLfWYFhn3DUQp
n000f//bcwy2YHQJM5qqPs58cBQ0lGwdGreTka83VZd9VcM5eQsUFNcbjkzaoZNM
PX6fzAGuiABVTa4vLFKQsK6yqTeUslCBVvtzodW+dA2fdupHksstDzkNXhP8Jfn4
nUwB5hOULoNh7dXcbg9BLPCsZyNExXIGR6JBvIMmwdUyEFFfcjKjwAuwdNltI+im
NGpuXUO57c5I80JxM363HB3Lg6nrxK7UP82ZH+C2rLfGs8esVVWpxZQQeCdqmO5d
QuZaHcKLMAYIkxaJh0RjlT/46fHu8eaY222iU3xRoCJ0zqHtMG9zDgA7lIjZdoko
hkceaJ1wtAJzuDs8seXFua5A54/1zE7ZVahnsY0pj0nOE4GzI47p/9Ce5DFLE67D
7Dl+k8PamDRYWl+4Nk3JAHTdYOT8eA+wOT27oy228YbEXAbTxeU9HnLSSNHQA+h7
Gbwmz/GnQcnfCPEOBvLxf5/29IX3mVuo9tO4QczWCXCTjgIHGrf+th8yx2y7RLz5
omd8MewnRtUUXEaUoPq8D7tr46yvmWdciXD/ricreSj9J5Ep3uVEwTgO8jVwmpf3
yfEhan2SettgD0RJO+FM
=4OkD
-END PGP SIGNATURE-

Accepted golang-pault-go-debian 0.2-2 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 14 Aug 2015 12:10:46 +0200
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.2-2
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.2-2) unstable; urgency=medium
 .
   * Switch to use dh-golang = 0.10, to use the XS-Go-Import-Path control
 header, rather than the debian/rules export.
Checksums-Sha1:
 e6a927a230ab6f614a6e389705eaa86a106a99ac 2294 golang-pault-go-debian_0.2-2.dsc
 ce9ced5d2f3d792141e05a0ac9da80ff892501bb 2424 
golang-pault-go-debian_0.2-2.debian.tar.xz
 9833aeb09fbde166318d6b51f2491c1826c02086 18934 
golang-pault-go-debian-dev_0.2-2_all.deb
Checksums-Sha256:
 e74d78c73826a6e98ff2590c06b7d8490ce1d57c11ce800d326793eb4cbaec24 2294 
golang-pault-go-debian_0.2-2.dsc
 1ea4445d0accf66ae279e40fc003b8166dba9aeede7d25115502bcc9b14be4ab 2424 
golang-pault-go-debian_0.2-2.debian.tar.xz
 6029bac8389c4820ebcc1d0458dedd4481f534afc5731b5d47594420259f332a 18934 
golang-pault-go-debian-dev_0.2-2_all.deb
Files:
 dcf4b3551bd898a655b40fe9f8774e80 2294 devel extra 
golang-pault-go-debian_0.2-2.dsc
 0a705e91489f63f0daab8d8e124ba9a0 2424 devel extra 
golang-pault-go-debian_0.2-2.debian.tar.xz
 d395024cc01d685cc7f22e840e72f802 18934 devel extra 
golang-pault-go-debian-dev_0.2-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVzcCXXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHhvMP/3qh0BCZ3vD10aNNep9JLuWn
YB0cY5NJrsTESm0TahrHcAIDsfAtvWRIOovUdqgiJhdTDUYi80tV2dbJXohXLPWM
pr+Aqs9IKo0mAYW5hSf7N5lb7RaHmruhbwqrUfHkYN/4AmDMZ7kaNJCUjK2awz75
zRPlWJ8s5tFdMXPxuLy1zf6LlYAISsvs9ZFRZlB0NGo2tuKmY6F+0UIE9q9mNE35
qwM1G0lD2ENQBESQ9M4UBPemVlMSk1a58ohW2vUoFtEDOPYAqCkS5v2n4Fj102FU
qVrP3Lxm5FaOPcJgm8gMpBPka66oSba3H4s2GTXJkqTtBqP8+x2abevjn4TEqe3h
dxOcLIT0HAfN5dAnadz8enicFz7evMjQd0hLoaioOR9getntt1px1Ae7im+uitlR
D2shkq+lH41r3oKNH0Li6acxqPghfk++Q4F+uZWTmJ6fbA0taJqnDOCEVB1m4SLW
EQFv24skvMp8E5RHLjB6Ee41tZ9ao40+kA9od7H+1QGKWoMZlGh5mWX++Mroa9zy
Qmh6UP29Czt02ZiI8kgo5L83mxNDkCSGKT+sbj5km73x+/u+qDrUiQJPs4m/5hWb
Fp8nkwM5Bz8pCTxgGe8aHqHL8MJJmrtIqZMil8VUqcEhovlk4ADGUVbjtrtbsJlC
sfPZZ4vP4+9GOmi57UjL
=mTWR
-END PGP SIGNATURE-

Accepted golang-pault-go-topsort 0.0~git20150602.0.a54e6e0-2 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 14 Aug 2015 12:11:29 +0200
Source: golang-pault-go-topsort
Binary: golang-pault-go-topsort-dev
Architecture: source all
Version: 0.0~git20150602.0.a54e6e0-2
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-topsort-dev - library to topologically sort a DAG
Changes:
 golang-pault-go-topsort (0.0~git20150602.0.a54e6e0-2) unstable; urgency=medium
 .
   * Switch to use dh-golang = 0.10, to use the XS-Go-Import-Path control
 header, rather than the debian/rules export.
Checksums-Sha1:
 eac64a014657dd3b931820ab46508e578746cc7a 2410 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.dsc
 310ec7d1573a17a792ad3f0eaae9bfe56dede3db 1848 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.debian.tar.xz
 dcb5cea149117bd731c53541908fdb8dd60e58f6 3736 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-2_all.deb
Checksums-Sha256:
 1e7f482a8c93836b7b6cf80898d30364b2651a3eb3fce42d44a0a2f517b90f3c 2410 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.dsc
 93cf1fa106356dfb15b7a4bac9f1c9711a0a4a13662f9e3b789d71baf6a318d7 1848 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.debian.tar.xz
 1a89e493edf49252aee26590caa7e41de09e6e6bbf2fc3d1f5e448430d22d6db 3736 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-2_all.deb
Files:
 2c2f4a73fb686012cb90e5ac27719ebb 2410 devel extra 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.dsc
 b7cfb612c9f1b2789fb5a995f035e3d2 1848 devel extra 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-2.debian.tar.xz
 a1c10652402d2e3bf58356b14e6e3f6d 3736 devel extra 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVzcChXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHj40QAJj0RF2I8HWjxTpIOoi1FL63
rXWlEOuXZL6OKtcdOoNaAHNfY2vIuT9iCdLtCN+FA3y27P3lnGH1o1/G9GPJRTv/
RCKknX6YE8Wv08rmWuOFnGBcrG2Nfeknh9R+B1X+EWVkhjaF/Lk3kIjArfzNUpWS
vxC+ozex9jCxD3dle8lmzZYB5vr8ZhbMDIQo/Xw6Z5DzXdDHilb6jq2vEvGKnll3
mQun95J5K1QGo2Q4eHaT14chdTnKhQgbkJKDy/v8rlduMs8btzlWgawHMYu8cgG6
nW4mBlHwZbYh/7WEcONS2GCr5YCBhX/2muqLS3LicvrcWjylmfvlWQru+5v5Tnru
t2FWJUiJfjNlU1C45e8f2zdTLLfdtmT+t7h0blG4Vg5MdGnwWM0e1gLpNkgnq4Gd
UdCmGJttZstYFHqcCcsL8Yts8OVqUaXPJJVlyLTOzL4JafPuqbg5iQGs5uQJ0pbg
PC91cV/6PuGiKbqIFGscD4TRrqJeueZWCpCDIeI/DSKNSzDPnbyDhYbiyM3DxHfP
ydslh8JVsh/yn7tmtRbgRBhNmF965E+GXTeK0V1jr0ng/QAf3Jm6fqDvIq+PN65d
BgdKC+h5Z9dT6Cyj3QxvavW/KyDu5HtUr9Ly6whXJi97ym/T6/g44x2lcPSDjiRk
64n8bAfDtBv/MdcUzDev
=T6Pf
-END PGP SIGNATURE-

Accepted golang-pault-go-debian 0.2-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 31 Jul 2015 12:53:50 -0400
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.2-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.2-1) unstable; urgency=medium
 .
   * Upstream release.
Checksums-Sha1:
 2a42d12b91ad06e0907114016fe2d195021be7be 2248 golang-pault-go-debian_0.2-1.dsc
 4e8e52c3df8afc13370ad1b6edae0ce72b4b1ed5 19442 
golang-pault-go-debian_0.2.orig.tar.gz
 37ffe22a7e81ee67d2abecb5c61dd6aade079acc 2356 
golang-pault-go-debian_0.2-1.debian.tar.xz
 f685b6eeac4a38a8174551c7a38d7af9b6a49636 18824 
golang-pault-go-debian-dev_0.2-1_all.deb
Checksums-Sha256:
 3ec5155914f8058809c5318af61e0e9b05f22eb65a6c24be17dec86dc4bf6edd 2248 
golang-pault-go-debian_0.2-1.dsc
 b97f3f66e3c62b531413a9553e568a3e4952351e5568c7995125e0eaa88b8ad4 19442 
golang-pault-go-debian_0.2.orig.tar.gz
 32978efe8b94963d60a42e477aadc3e53c97a6c029867f3cf85a69772dbc2b5e 2356 
golang-pault-go-debian_0.2-1.debian.tar.xz
 4769d057596543d4bc61d48fcdc59f44bb4db2c6ad6be5efe056263ef46aad30 18824 
golang-pault-go-debian-dev_0.2-1_all.deb
Files:
 cbd3a257a736713d9bd5106d6fd7ba5e 2248 devel extra 
golang-pault-go-debian_0.2-1.dsc
 5e9c7715868bf6450d490b29c4e79d7e 19442 devel extra 
golang-pault-go-debian_0.2.orig.tar.gz
 de63173d6881baeda3ea064007fd8a27 2356 devel extra 
golang-pault-go-debian_0.2-1.debian.tar.xz
 b85d818034f69840b5f90ce7f0508026 18824 devel extra 
golang-pault-go-debian-dev_0.2-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVu6hXXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHrBIP/1NeDXAIJLfIJz9V3g4VvlT7
GZITbtL0fAOrvc+5Y/LwleF8ILX7qzPy2FTF1S1VxcYCp5qY3K2MRDXpU35mafLN
lT10zXrgBNV8hq+6N6rXDLZoLJzdY11so3P03N8dRbniAKJqGCW08/fr7A4qNMmx
1UegI9i+7iNsAGzDHdyR6c+6C2/azQfb8hf1faTbBgj7SW4geWOxDWPjl+EWGWQ+
rT8k3coE6+s4QtcVWcvNeb1v2WzD4j7M9Swr5nvBO7Vd4wCBjyqghYDN+1emdwSr
Amcq4z7ooQjSglSLQkzC5MLfDtvJFmQAp3CxGv/l1L33dmKczpafyp5j3yAyqeQy
0VK7UEYv7R1nRuzW6T17OeCqwh/CBUh4Cf7fXjqLVx7fyvfxvlYI7yBWHsPP0NaY
ClEwkw/2PEjm2UYYCPs2DEQZizWTwHbGyr75H3CMkDIswwlHft+QpTX3pTkyiE/4
BF2FnywCd+/VR+b5Kszl3sh3outm2tj3vsOclLtU+s3OYqjZt/JPJXvT38W21RBL
OcFw+IIhED1WCSnVTxbrSK0GY0qgZuMHNVB2QftiGOeHrimO4S76b2RjiwtcyynN
KRLPAO5yASinGSC8ms9nO1kMKbwc9RbFurnoLYzl5i9AHs4Q1129QyGXNA2wUEu8
9EDym18UFsIkUYIVOAbp
=dXe5
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1zldj9-0001am...@franck.debian.org

Re: Metapackage dependencies: Depends or Recommends?

[Paul Tagliamonte]

On Tue, Jul 28, 2015 at 10:58:00AM +0200, Ole Streicher wrote:
 What is the rationale behind this? From the policy, I would think that
 Recommends is the perfect dependency here [2]:
 
 | Recommends
 | This declares a strong, but not absolute, dependency. The Recommends
 | field should list packages that would be found together with this one
 | in all but unusual installations.
 
 Why should one use the much stronger Depends here?

Well, I have a personal thing about this - it strikes me as quirky to
not have a Depends, since those metapackages, without all of them, is
technically not satisfied.

I'm sure this is personal taste, and in the end it won't matter for
most people (except folks who don't install Recommends, but they're going to
break their system regardless), but I'd prefer to see metapackages use
Recommends for the things that should (but don't *have* to be)
installed, and Depends for the things that the metapackage is there for.


I am curious as to what consensus is on -devel

Cheers,
Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted golang-pault-go-topsort 0.0~git20150602.0.a54e6e0-1 (source all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 26 Jul 2015 15:30:19 -0400
Source: golang-pault-go-topsort
Binary: golang-pault-go-topsort-dev
Architecture: source all
Version: 0.0~git20150602.0.a54e6e0-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-topsort-dev - library to topologically sort a DAG
Changes:
 golang-pault-go-topsort (0.0~git20150602.0.a54e6e0-1) unstable; urgency=medium
 .
   * Initial release
Checksums-Sha1:
 5ec416f88e513f8b1f1dd0cf6ee6c2c635fe42b8 2363 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.dsc
 e847f7f3b2879fce2934fad32709ee9a79f437cc 2933 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0.orig.tar.bz2
 869561088aa86c6442d8d01c31f56ec5dae6b050 1776 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.debian.tar.xz
 7b21ab2b4bb863a3e378978099fee0e26374bc9d 3610 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-1_all.deb
Checksums-Sha256:
 d3a23260f51f1fa236e020831587926c19ccc95747e88c2bec9b52b0b0f7807d 2363 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.dsc
 1b4429e040cbd3df81af077289f9d770c2cddfff7bb16136f1f59ff296c49874 2933 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0.orig.tar.bz2
 635c39c94c7baa9c673b03fd86e83375b754978535e3da24f701dfe18d83c40d 1776 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.debian.tar.xz
 9322710ba04729b78746ea6018bd4756e6c68c6d8c97d091e791d48c29810e5c 3610 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-1_all.deb
Files:
 d7798be9b0e786190368aff21e38b1d3 2363 devel extra 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.dsc
 7a33f95168f5356f903faaf8b3aee98e 2933 devel extra 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0.orig.tar.bz2
 fe22b522993cc920145d67a3cbaa6959 1776 devel extra 
golang-pault-go-topsort_0.0~git20150602.0.a54e6e0-1.debian.tar.xz
 34841da8786dd70b96894ac4c674b7c0 3610 devel extra 
golang-pault-go-topsort-dev_0.0~git20150602.0.a54e6e0-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVtTl7XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHpd8P/1iRYMjpXDok1Whb9HCgfjaG
DUX6ph6WEfL616tTjzY9Azzyae3S3fioGQQWGIglj9wNDbQupgJddaJK+p9d1KjC
MxVkjt3h+mCrNEfr5ypkNxIQv8XXnureuozLJTdd61HY8srmDZqx7naqj2+l1CDP
lEzvmtngCCSOou9JeDnrTPPAQZBQ7KpLpT+Rwvh953crEbBTov5VsD5vXLPHU4PR
idIFJSG4ISRubOLwoiL86xp+Yx/wy5KHMl/x2L35iNBKwbEdwAsauKAtM9LPTNzO
F0czsSAoQf0ZkOqW7MN4/M/fiYMbHXGtEqS5oIghPm8sH8vAG5j6Pri7bFRiCv1D
mMY1PWwK4dO8buZ/fBC2ZFDZnJY37bqBaAN+zf+RJ8zjoYyFFpHutzBaAKMwmr7w
6+bR8vcjU44fSWHF0BmjjN8413NTPdETP4O7GYCAOipmXDwOUrS6FNPx4/8c8YBh
xAQYNRQZWKnehQX6O+cVI7hEEEOc1I2/RqZwvSdq4bwKtD0E2wWdhHzkQ98H5BFN
OAO/1oA/PbracubHcbnUPVR+yAjMubhXkhVi86fICk1cKovJLIMBHsbUBwAtZWt1
sh243O3BE3I3PtqCOBfmf60RSua36UoLILRKs9mnWPwW3XxY9RO6Nmx7VYvnOFZ7
/z2co9rpSd08mB6uMk5T
=BbUD
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1zjmh9-0001uw...@franck.debian.org

Accepted golang-pault-go-debian 0.1+git20150726.2.66db6de-1 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 26 Jul 2015 14:42:06 -0400
Source: golang-pault-go-debian
Binary: golang-pault-go-debian-dev
Architecture: source all
Version: 0.1+git20150726.2.66db6de-1
Distribution: unstable
Urgency: medium
Maintainer: pkg-go pkg-go-maintain...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-pault-go-debian-dev - library to parse and handle common Debian file 
formats
Changes:
 golang-pault-go-debian (0.1+git20150726.2.66db6de-1) unstable; urgency=medium
 .
   * Initial release
Checksums-Sha1:
 35bee54e857352ed9cd4fc5fef5f52889c040907 2405 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.dsc
 7c178dfe39e22ac03f03f6ed82099f2b5d28b43e 17170 
golang-pault-go-debian_0.1+git20150726.2.66db6de.orig.tar.bz2
 c3f2709f9695476e85367e9629b24cff66ebd6af 2380 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.debian.tar.xz
 5e139965500e78927b4c8235c88594b0fc1982fe 16828 
golang-pault-go-debian-dev_0.1+git20150726.2.66db6de-1_all.deb
Checksums-Sha256:
 8a67b14f3d87f7deef5279c2bd1c568877ee21ad5108fc15ed7d02b303ef575b 2405 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.dsc
 f26c299f18bb637b52e5744ffb55448ca0376e3730ebb251db54bfc07ff488af 17170 
golang-pault-go-debian_0.1+git20150726.2.66db6de.orig.tar.bz2
 04a0933e4bac8c2ca56b4ae3470e9a88548745093d463a75926edb98cd778886 2380 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.debian.tar.xz
 8ed4beee49f4bf1d209c601746fc0b8aa044bf934c0ecff07db315585167111e 16828 
golang-pault-go-debian-dev_0.1+git20150726.2.66db6de-1_all.deb
Files:
 579f42de37b323a6578487c1d51f21f4 2405 devel extra 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.dsc
 8befee22ac7ecbed9e924d2195cfe55d 17170 devel extra 
golang-pault-go-debian_0.1+git20150726.2.66db6de.orig.tar.bz2
 0a0806c66d1c372f65bfd8f4a60c376b 2380 devel extra 
golang-pault-go-debian_0.1+git20150726.2.66db6de-1.debian.tar.xz
 ac63df748f716554dde0d119210743e7 16828 devel extra 
golang-pault-go-debian-dev_0.1+git20150726.2.66db6de-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVtnUiXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqH7SoP/Arcn/GtRhNIRD0n+cXTBts3
/I6icb/87p/xzDd+TSfOxplnSQ913fWLbMbwRYTe9JZiE7Kd/Q71o3aOivbxzQX/
I9Q8/j9lovmKKag6y3DlqcZgTyv7jYn0S3SY0VFW8Zbv3aSZTUKnA/2m6mc4ehv3
5vu/VsTQBKKpR8SQzOW/zhOC9+ZHgRFEOiq+tjKVuU3rs4pznCSYYNUcTvVHTY2j
sT0ktad0iJqsvtmcqRaeg7LZuq+9/vRzdIfbYW1x/u65jllSjAn5U55QeragN2vB
cbCS9hjMwtW4kWHW4aFeNaqWh7TkeDTDafawLI+F8YXOaVNYsie4/OZcG5BOpdia
oHgxzucDe3mUQixDSFEjb7rYMHa6VocSKtLA3UCmWWxBMyt8aW9nBhiUl/Hsg6RD
fnANCutBcGiIuiD1djhwMPYPDMhsh71vVLLD6cuazGs7b2ya2KE73JEnN5T6evJT
DVw2IJ6rRJum69jzlsBB2HkRdbNFIVQ1tWYihNSTIFx0bm7C55ovP671fLuouMNe
/p6argsHWg5M09eL7+JPQKbW3tF9CI11XX4NXT3Plv6x8UbjROPLI2lVCGvWFpq/
+KYVwz0f5XIVMb7Iy82mK32S2RffHGw53NfU/NjxN4KRL5opoEVGcEnjQBGfcLjI
gPIjZ61tyw+QiTbbpnSp
=/Mf0
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1zjnea-0008o2...@franck.debian.org

Re: MBF for python-support removal

[Paul Tagliamonte]

On Wed, May 20, 2015 at 11:25:59AM -0400, Barry Warsaw wrote:
 On May 20, 2015, at 04:36 PM, Luca Falavigna wrote:
 
 Does anybody else have comments / adjustments on the text above?
 I'd like to send out the bugs within the end of this week.
 
 LGTM.
 -Barry

Ditto. Burn python-support to the ground.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted docker.io 1.6.1+dfsg1-2 (source amd64 all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sun, 10 May 2015 13:02:54 -0400
Source: docker.io
Binary: docker.io vim-syntax-docker golang-docker-dev
Architecture: source amd64 all
Version: 1.6.1+dfsg1-2
Distribution: unstable
Urgency: medium
Maintainer: Paul Tagliamonte paul...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 docker.io  - Linux container runtime
 golang-docker-dev - Externally reusable Go packages included with Docker
 vim-syntax-docker - Docker container engine - Vim highlighting syntax files
Changes:
 docker.io (1.6.1+dfsg1-2) unstable; urgency=medium
 .
   * Add --no-restart-on-upgrade to dh_installinit so that we don't force
 a stop on upgrade, which can cause other units to fall over. Many thanks
 to Michael Stapelberg (sECuRE) for the tip!
Checksums-Sha1:
 8074e5e1ee3d78ac9617fc2a9907029030978b65 3606 docker.io_1.6.1+dfsg1-2.dsc
 ef69b59d1df51e9807417eb87c9f2671f3a49a72 16152 
docker.io_1.6.1+dfsg1-2.debian.tar.xz
 1fb41aba33852196d788fa1d75cea04390a2cf19 4554218 
docker.io_1.6.1+dfsg1-2_amd64.deb
 a2d5b49cd18737d9df66dfa724115096499ebf67 30066 
vim-syntax-docker_1.6.1+dfsg1-2_all.deb
 cdb63f3bbd5d8c99b713d1cb99c19c7fae4d5f3b 257698 
golang-docker-dev_1.6.1+dfsg1-2_all.deb
Checksums-Sha256:
 0838d0485f344d5320f802aba907f6b7d4537e9ebefc6bdbe267dda29c190af0 3606 
docker.io_1.6.1+dfsg1-2.dsc
 ceb5a376d43034524000e00b960385b686782ec345ee1d7c18a69a9cde0ffe7a 16152 
docker.io_1.6.1+dfsg1-2.debian.tar.xz
 c842f65564e0cdeab113b5767b94188b0041aafab90f9384a27b9ebff384cc5f 4554218 
docker.io_1.6.1+dfsg1-2_amd64.deb
 c937878cc28f0ac01b11eb799cf372172c82cd435afc244b76359c20fe87d37c 30066 
vim-syntax-docker_1.6.1+dfsg1-2_all.deb
 3d91d6c345129121eaffc74ac216afd87eccbed82cdb8eb8a869fea272a801d6 257698 
golang-docker-dev_1.6.1+dfsg1-2_all.deb
Files:
 bb2fb19faf1a86a91160fc734d4aa61b 3606 admin optional 
docker.io_1.6.1+dfsg1-2.dsc
 278c4ae03a7975b435ea452470d2e35b 16152 admin optional 
docker.io_1.6.1+dfsg1-2.debian.tar.xz
 da1534a3f838e53d00f617d51a0118b1 4554218 admin optional 
docker.io_1.6.1+dfsg1-2_amd64.deb
 4704b70e12e61815ca16ac4cf344192f 30066 admin optional 
vim-syntax-docker_1.6.1+dfsg1-2_all.deb
 b014e636b1783b82486de761cc2af554 257698 admin optional 
golang-docker-dev_1.6.1+dfsg1-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJVT5YcAAoJEHtYWzCAfCqH1a0P/3QyYwrL/zXHb34ogKfyw32N
S0KJyzpcuTNK8xoefpx2l6PHOzD8jj8rEu3pkCMGqlvGyCTpSf3a0LtzvoDZxWIL
iYt0jYUZWUbXBSfb9qMiDSQadjpb1roCUEWZ2XKY5yuxWCp9W9BqXZArX6ej2k2r
TE3L2Ned3JJVzBOI1DCRORjK8tqgVa0UEOZgyE/Jb6+q19lJkqGRnSAxRWUfaYoP
5k4S0tY6Ox6juF5X/fSIgLODYy12o76FslLERhJtx60+znkeXLtJLLO9DIGOFfHD
5/Logh+/xt8JYzQQXUWYvOKvFc2JigCNoHAoNYA/ogChx5RaqnzyG41VuI3wFs3M
PSxzOb7pvtjDHYV/MUpQgLYrQ9TlOqrlEdCA0/iVq+PIgxltUHf207c9Hx9IlwzN
ZknyCaDyCfcofZecGa0ilLnhmCZ3JCtY4GJlLbufFXLdo8pmvGvL9NFRB1qYiJ+S
x6jMJQTRxldU8036ie3xvagV8b1mare0BpfP+sESIkDjfWwcxzMQ/AjdN/Gi8cjk
KohOJl+ybRZ8/UAO1mSs1P0FG9IkBoE6lRK6pZPZsGDD2WmLPrNb0xHOoI3+C8v5
GHqDMrPSNE8EFN3AGiHtoZGsM5NKKMIFNwBSod5NfK61xuL75WUBaI4ZKfVGLGeR
WYqWTXkyk73/LVevVHT/
=8WYc
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1yrvle-0002oo...@franck.debian.org

Accepted dput-ng 1.9 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2015 21:29:13 -0400
Source: dput-ng
Binary: dput-ng python-dput dput-ng-doc
Architecture: source all
Version: 1.9
Distribution: unstable
Urgency: medium
Maintainer: dput-ng Maintainers dput-ng-ma...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 dput-ng- next generation Debian package upload tool
 dput-ng-doc - next generation Debian package upload tool (documentation)
 python-dput - next generation Debian package upload tool (Python library)
Closes: 783746
Changes:
 dput-ng (1.9) unstable; urgency=medium
 .
   * The  jessfraz ya jessie FTW release
 .
   [ Sebastian Ramacher ]
   * Remove obsolete conffile /etc/dput.d/profiles/backports.json. Thanks to
 Jakub Wilk for spotting the obsolete conffile.
 .
   [ Luca Falavigna ]
   * Add support for Deb-o-Matic binnmu command.
 .
   [ Tristan Seligmann ]
   * Add jessie-backports to list of Debian codenames (closes: #783746).
Checksums-Sha1:
 dea1e7d4f83842498413f3fe175c71ed292d8fa5 2130 dput-ng_1.9.dsc
 0c09bf4b95efd6faa5e6f7adbb5fc969699e5689 82528 dput-ng_1.9.tar.xz
 3ac09d8eafaeb970ce5df8c436444c076fab9eaa 36480 dput-ng_1.9_all.deb
 2ed82abfc3d876d56a51eafd037930c22a2b1699 41154 python-dput_1.9_all.deb
 f0ad97a1005df5632dd064a865bdcc15ada10eb1 61730 dput-ng-doc_1.9_all.deb
Checksums-Sha256:
 28f151aeb284aa620b38642e5ee9bb24a64984416c5670cadd98618d0fae6b82 2130 
dput-ng_1.9.dsc
 e0bbc725147a3d4690d47871a8b9c3f7e13dc41f678d29d481923ef08fec1ef8 82528 
dput-ng_1.9.tar.xz
 b158e72bc520ee51bc5358cb291078bed20674cb049a9b3b3e744cbc4f0a2339 36480 
dput-ng_1.9_all.deb
 4858bf6a51ed24bd8753fb01c9b0cc17a4905b6a58794029510ee15d9144a12c 41154 
python-dput_1.9_all.deb
 0f1148458c42531c29b4512ebdb2c40eb576012425e63c44683778c0089c02ab 61730 
dput-ng-doc_1.9_all.deb
Files:
 63c5e045c213ee3d1e145e248d9fa82f 2130 devel extra dput-ng_1.9.dsc
 9112694d5c5f04114835a5a8d7478fd9 82528 devel extra dput-ng_1.9.tar.xz
 e104ebbb588e4e6c47ec8a5a9898269f 36480 devel extra dput-ng_1.9_all.deb
 84ccf0b46f0a0abb37a5334acbd93706 41154 python extra python-dput_1.9_all.deb
 57ee474e705a09953361fbf928c9ae12 61730 doc extra dput-ng-doc_1.9_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJVQYamXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHU+0P/1Gk7hoLMHCcArZ6hbmauv9I
U4LbaEBEIqpk1maSbnsdWd3dHXTKPC1U31pN5VP1aDXdJg8GQpoDKDvzVLMKhQoj
KJ5ZQvUh81a07RqfrlFoZU2qaXRWqE3KLQGeM0NVdv3Ut39iQ1HKNfzPWlm3t4ev
npCo6YRXtOBoKlUHO19obz9zo6A8h6uV7yFyet7qJZ8Wv9Je7bEgt3T5mOD/kqQ8
vNsPSZt1y+MwSjKGiftMDJ6pDVkrXFXbpspqRag8Xfw2QDCHWOJ8g28VyJHtNxja
ZbvxIyDyMVkEAGAEMcxE6I1PVNikhPT8GhN9MTs55q5CXgAr7nAFAvkE3REkKVUO
/TX0VUmgqPPQLc6oxOm+VKqModQroKpZf44Lz+NaKVmIemcnoBr9ojhC4TFnNB+/
TmKaT30owbXBouIxGituioJuztjJ0OS17qBOP4NS4WMjRxVqlldR/U11ayjVDqov
tq9eJLXFiUy6JelnRdFkZenfhw3y+Mkf32DKu2m2KO/s/sX5ztYErg8y6umrArzy
A4/KwPjHSB0bCuX62kqC1WDlXHh3ewh+CDq0/uLvTFoQFgNN3FABlI4bNvN+XM5N
wiXxDDuoxj0D+FO078j7Srqq5xiVEFJ0pE4vsrgB21qpfyekQTKs9qB7jUOQMhqv
GzWTZhY+xeKaPkyHTATd
=EiVe
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1yndb4-0003qu...@franck.debian.org

Re: MBF: build Python 3 modules for packages that support it upstream

[Paul Tagliamonte]

On Sun, Apr 19, 2015 at 02:41:47PM +0200, Julien Cristau wrote:
 You might want to give people more than 24 hours to comment.  A week
 seems like the bare minimum to me.
 
 Cheers,
 Julien

Euch, sorry, I filed them this morning, but it was only like 40 or so
packages, a chunk of which are DPMT.

Sorry for doing this without waiting enough, I just wanted to get them
tracked, and I figured these were all kinda no-brainers.

Sorry if it's bothering anyone, I'd be happy to talk more about the
ongoing efforts here.

Cheers,
  Paul



-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: GitHub “pull request” is proprietary, incompatible with Git ‘request-pull’ (was: debian github organization ?)

[Paul Tagliamonte]

On Sat, Apr 18, 2015 at 05:55:17PM +1000, Ben Finney wrote:
  Sometimes I wonder if people think free software is so fragile that if
  anyone who works on it ever touches non-free software, everything we
  built will crumble. I think our community and ecosystem is a lot more
  robust than that.
 
 Conversely, I wonder why people are so eager to cede the power of peer
 collaboration by setting up single-vendor services as mediators of our
 peer relationships. Surely we have seen that fail far too many times to
 be led down that path yet again.

The real conversation here is slightly more subtle, I think.


You, me and the majority of people here on this list *are* willing to
make tradeoffs for our freedom. Our tradeoffs often come at the expense
of ultra-modern hardware, fancy new non-free software and the SaaS of
the month.

We're willing to hack on our stuff to make it work -- to create a free
and open source world. That's why I'm here. That's why I spend hours on
this stuff.


Other people, they made other tradeoffs on their freedom. They're
willing to give up some of that freedom to a company, subject themselves
to a power dynamic wherein they're denied freedom, in a pragmatic
decision to just not worry about it.

People use GitHub simply because they don't have to host it, they don't
have to maintain it, they don't have to tell contributors how to
contribute. They're using Slack because NTEUs can use it better than
IRC. They're using gmail because mail servers suck to maintain.



Everyone's willing to make tradeoffs on our freedom. It's what tradeoffs
we make, that's the question.

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: [py3porters-devel] MBF: build Python 3 modules for packages that support it upstream

[Paul Tagliamonte]

On Sat, Apr 18, 2015 at 10:38:10AM +0200, Jakub Wilk wrote:
 * Paul Tagliamonte paul...@debian.org, 2015-04-17, 20:07:
   faulthandler
 
 This one is is part of stdlib since Python 3.3.
 
   cython
 
 Already packaged as cython3.

Perfect, thanks jwilk! I'll remove those from the list :)

(I actually knew about the first, that was out of my local list, sorry
about that!)


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: debian github organization ?

[Paul Tagliamonte]

On Fri, Apr 17, 2015 at 03:36:45PM -0300, João Vanzuita wrote:
 And wanna ask you guys to answer the Jonathan Downland question bellow.
 
 On 17/04/15 13:06, Jonathan Dowland wrote:
 The real question is: what do we gain by hosting such things on github?
 The social stuff, pull requests, etc.?

Uch, so I resubscribed to -devel -- it'd be nice to email the admins of
the thing you're talking about to, well, ask them.

I've been using it to create repos where I need to communicate with an
upstream on GitHub (so that it's in the Project's namespace, so it's not
locked up under github.com/paultag when I go missing), and I maintain
mirrors of repos on git.debian.org (using a VCS sync script I wrote) to
let new contributors send me patches.

Lowing the barrier to entry, and helping them work with a different
workflow (alioth, etc) once they feel comfortable contributing is much
less intimidating.


So, yes, it's nonfree. Yes, it's controlled by DDs. No, I don't think
this should be the Vcs-Git: target. No, I don't think we should endorse
GitHub. Yes, we need free tools. Yes, we should contribute to the F/OSS
community where upstreams are.


I even wrote a GitHub Pull Request - format-patch series tool, but
never deployed it. One day when I have all the time in the world :)

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: MBF: build Python 3 modules for packages that support it upstream

[Paul Tagliamonte]

On Thu, Apr 16, 2015 at 06:50:11PM -0400, Paul Tagliamonte wrote:
 I'll curate the raw run I did today, since I saw a few false positive
 (python 3 backports to python 3) and file them. I'll run a dd-list at
 some point before the file.
 
 Severity will be wishlist. Target is the next release / sid after Jessie
 release.

Since I've got no one complaining, I'm going to go ahead and file these
under the usertag patchme-python3, wishlist, and with a note it's for
after jessie releases. I'll compile a dd-list and run through it before
the filing.

Thanks!
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: debian github organization ?

[Paul Tagliamonte]

On Sat, Apr 18, 2015 at 06:03:12AM +1000, Ben Finney wrote:
 Upstream is using a decentralised VCS, it seems a little condescending
 to assume they are incapable of using it.

An entirely fair point, however, I also think it's quite rude to ignore
the workflow they've chosen for contributions -- if they expect PRs, it
might disrupt their workflow and result in a much harder time for them.

Honestly, it might mean they pull it into one of their repos and make a
PR to the canonical repo. Which is just making work for them.


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: MBF: build Python 3 modules for packages that support it upstream

[Paul Tagliamonte]

On Thu, Apr 16, 2015 at 06:50:11PM -0400, Paul Tagliamonte wrote:
 Severity will be wishlist. Target is the next release / sid after Jessie
 release.


Draft text and dd-list attached. Please let me know of any false
positives if you see them.

I'll start filing tomorow night.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt
Package: {{package}}
Severity: wishlist
User: py3porters-de...@lists.alioth.debian.org
Usertags: patchme-python3
thanks

Hello there!

This package contains a trove classifier[1] in its `setup.py` like
Programming Language :: Python :: 3. This means that the package's upstream
developers consier this package to be ready for Python 3. This is wonderful!


As part of an ongoing process to migrate as much as we can to Python 3 to
ensure we're ready for our glorious Python 3 future, please build a Python 3
module.


If you need help doing this, please feel free to contact the Debian Python
Modules Team (DPMT), and we can help! If you would welcome a NMU, please do
let the team know (py3porters-de...@lists.alioth.debian.org).

Please upload any new versions before Jessie's release to experimental, the
Release Team has been doing such great work, it'd be a shame to see unstable
out of sync before we release!



If the reason you've not built a Python 3 module is due to the dependency
chain below you, just let me know, and I can add it to our list, or feel
free to file a bug in coordination with the team!


Have a great day, and thanks for your work!
  Paul, on behalf of the Python 3 Embetterment Squad


[1]: https://pypi.python.org/pypi?%3Aaction=list_classifiers
Adam Schmalhofer adam.schmalho...@gmx.de
   execnet
   pytest-xdist

Alex Chiang achi...@canonical.com
   python-messaging

Andrea Corbellini andrea.corbell...@ubuntu.com
   python-iowait

Andreas Tille ti...@debian.org
   python-hl7 (U)

Angel Abad an...@debian.org
   glue

Ben Finney ben+deb...@benfinney.id.au
   python-lockfile

Bernd Zeimetz b...@debian.org
   flask-wtf (U)
   mod-wsgi (U)
   parsedatetime (U)
   wtforms (U)

Bjorn Ove Grotan bgro...@grotan.com
   pyrad (U)

Carl Chenet cha...@debian.org
   pycallgraph

Christophe Siraut d...@tobald.eu.org
   python-django-contact-form (U)

David Paleino da...@debian.org
   python-couchdb

David Watson dwat...@debian.org
   python-django-south

Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org
   python-hl7

Debian Python Modules Team python-modules-t...@lists.alioth.debian.org
   basemap
   django-auth-ldap
   faulthandler
   flask-wtf
   mod-wsgi
   parsedatetime
   pycallgraph (U)
   pyodbc (U)
   pyquery
   pyrad (U)
   python-django-contact-form
   python-gmpy (U)
   python-http-parser
   python-meld3
   python-pgmagick
   python-pyftpdlib (U)
   python-pysnmp4-apps (U)
   python-pysnmp4-mibs (U)
   python-socketpool
   sphinx-issuetracker
   transifex-client (U)
   wtforms

Debian QA Group packa...@qa.debian.org
   django-authority
   python-django-treebeard

Debian Tryton Maintainers maintain...@debian.tryton.org
   relatorio

Deepak Tripathi apenguinli...@gmail.com
   pyodbc
   python-pysnmp4-apps (U)
   python-pysnmp4-mibs (U)

Dirk Eddelbuettel e...@debian.org
   rpy2

Felix Geyer fge...@debian.org
   mod-wsgi (U)

Fladischer Michael fladischermich...@fladi.at
   sphinx-issuetracker (U)

Free Ekanayaka fr...@debian.org
   python-pyramid-tm
   python-pyramid-zcml

Ghe Rivero g...@debian.org
   pysendfile

Jackson Doak nosk...@ubuntu.com
   python-meld3 (U)

Jan Luebbe jlue...@debian.org
   python-pysnmp4-apps

Jan Lübbe jlue...@debian.org
   python-pysnmp4-mibs

Janos Guljas ja...@debian.org
   python-pyftpdlib
   transifex-client

Jeremy Lainé jeremy.la...@m4x.org
   pyrad

John Paulett j...@paulett.org
   python-hl7 (U)

Jonathan Wiltshire j...@debian.org
   pyquery (U)

Laszlo Boszormenyi (GCS) g...@debian.hu
   python-greenlet

Laszlo Boszormenyi (GCS) g...@debian.org
   python-greenlet

LLVM Packaging Team pkg-llvm-t...@lists.alioth.debian.org
   llvm-py

Martin Kelly aomig...@gmail.com
   python-gmpy

Mathias Behrle mathi...@m9s.biz
   relatorio (U)

Michael Fladischer fladischermich...@fladi.at
   django-auth-ldap (U)

Michael Hanke michael.ha...@gmail.com
   openpyxl (U)
   pydicom (U)
   scikit-learn (U)
   statsmodels (U)

Michael Hanke m...@debian.org
   lazyarray (U)

Michal Čihař ni...@debian.org
   tagpy

Miriam Ruiz little_m...@yahoo.es
   faulthandler (U)

NeuroDebian Team t...@neuro.debian.net
   openpyxl
   pydicom
   scikit-learn
   statsmodels

NeuroDebian team t...@neuro.debian.net
   lazyarray

Ondrej Certik ond...@certik.cz
   cython (U)

Pierre Chifflier pol...@debian.org
   python-ptrace

Python Applications Packaging Team python-apps-t...@lists.alioth.debian.org
   cython

Python Modules Packaging Team python

Python 3 porting ML - Request for Projects

[Paul Tagliamonte]

Heyya -devel,

If anyone has Python 2 only projects that you need a hand with porting,
we have a brand new list:

https://lists.alioth.debian.org/mailman/listinfo/py3porters-devel

This list, within less than 15 hours of my posting the d-d-a mail, has
over 110 people subscribed.

Feed us. Feed us old code. Let us hack :)


Please include as much documentation as you can, and any information you
can provide. Many folks here are totally 100% new to Debian, so please
be descriptive and link to VCS repos.

Please be friendly!

With love,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

MBF: build Python 3 modules for packages that support it upstream

[Paul Tagliamonte]

Please CC me on all replies, I'm not subscribed to -devel



I'd like to propose a MBF on Python packages that contains a Trove
classifier that's positive Python 3, who's Debian packaging does not
build a Python 3 package.


Which is to say their upstream claims Python 3 support, but we don't
build Python 3 modules.


I'll curate the raw run I did today, since I saw a few false positive
(python 3 backports to python 3) and file them. I'll run a dd-list at
some point before the file.

Severity will be wishlist. Target is the next release / sid after Jessie
release.


Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted fluxbox 1.3.7-1~exp1 (source amd64) into experimental

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 18 Feb 2015 14:29:38 -0500
Source: fluxbox
Binary: fluxbox
Architecture: source amd64
Version: 1.3.7-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Dmitry E. Oboukhov un...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 fluxbox- Highly configurable and low resource X11 Window manager
Changes:
 fluxbox (1.3.7-1~exp1) experimental; urgency=medium
 .
   * New upstream release
Checksums-Sha1:
 b2a1a10691c02b710d05c3676baf5cfe268290e1 2082 fluxbox_1.3.7-1~exp1.dsc
 47919f0345832de41ca7192ff168abd145af819f 1267833 fluxbox_1.3.7.orig.tar.gz
 bbfc2d516f232e6326001d68c650dcf2e234e9fe 416100 
fluxbox_1.3.7-1~exp1.debian.tar.xz
 b0a479590867475e1324356578891673e73c6f8d 1174308 fluxbox_1.3.7-1~exp1_amd64.deb
Checksums-Sha256:
 1585b873e380c9ffbdbf5456c463a890b66d044bd8ce4cc5bab1788133cd 2082 
fluxbox_1.3.7-1~exp1.dsc
 c99e2baa06fff1e96342b20415059d12ff1fa2917ade0173c75b2fa570295b9f 1267833 
fluxbox_1.3.7.orig.tar.gz
 0a4bf51f7a9f3a65faf6e7cba0e3862de26b68df9758bf2346c3ef88c1609e09 416100 
fluxbox_1.3.7-1~exp1.debian.tar.xz
 b1aa2678b9cd508f5c97ca92fc4b17990540f22767b636f2e1ea50211105092f 1174308 
fluxbox_1.3.7-1~exp1_amd64.deb
Files:
 cf637911df4e5ff7d9ea11dd199a9f31 2082 x11 optional fluxbox_1.3.7-1~exp1.dsc
 d99d7710f9daf793e0246dae5304b595 1267833 x11 optional fluxbox_1.3.7.orig.tar.gz
 51fd8b22f6e05614a180a8c3229e7418 416100 x11 optional 
fluxbox_1.3.7-1~exp1.debian.tar.xz
 ba44d0085541d07e58ede207a0fb72ba 1174308 x11 optional 
fluxbox_1.3.7-1~exp1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJU5O1ZAAoJEHtYWzCAfCqHGqUQAI4MdW08Ud8StoBpUSqQcAlI
vbQITvZfM6tCYCwqrj788Q1Pz/NlQ9AhDUdxsd/I1oT8u09U612/XlXLJIC5gEjX
YF5z2Jvlvp0x7qp9Ic1927EUWMx9LY1ulYl7SfqRqRAQtWg80Iq2F7a9kpWMqSeJ
7smSjnubU0Hdzlg1Q9kuwMjv36Lr7sjuOmoeFS2hPs113S2XDwg1O8Crz8Hac6jm
pRumF1ugdfFdWFWi86ZEA6AAUKpBIfo8ft0Fpyet4Mk6xgpjMLp3Nzjd0ghg/woP
RuFCjnSwI0B8V4BY6CYYkdWV8VyxmjyK95SqsXrwTwGS3mlbh8iv8PL/8zq01uNP
LgrxUL69x3o9QqRpvBaFaFBce/DNn3KozaNpM7mB4M2mIBaTt1w4zgnGuLbKreOp
oxtDZxhwO/suIYsubpGSSDJ2LHf36QC3hKx4wV7BNMc/L7euFHrZfEQx/+tMbfF4
9FBstgzk7W0vMQ/FElIs4cbiUGTAE6QLQ/PG3q81KfmALH+FlNwG3iO5519GqE50
xknsABNE2PnT/k5v2O3Va6foqiJDIk9rnvuoHRis9zWFxVxohMhC1aQBLJnHsthx
tCvRWpFaiXTbsjU0R/kPQMteRBLhulEZlwWzQ4sV3WOYL4stD1Dly6JagZW5LPyo
jdbt9rFXZ5xU5THBdPys
=wR3R
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1yoc3z-0002rn...@franck.debian.org

Accepted fluxbox 1.3.6-1~exp1 (source amd64) into experimental

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 06 Jan 2015 14:02:15 -0500
Source: fluxbox
Binary: fluxbox
Architecture: source amd64
Version: 1.3.6-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Dmitry E. Oboukhov un...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 fluxbox- Highly configurable and low resource X11 Window manager
Changes:
 fluxbox (1.3.6-1~exp1) experimental; urgency=medium
 .
   * New upstream release
Checksums-Sha1:
 229fe342e16e72f0c34cd53e4f5fbc591830787d 2214 fluxbox_1.3.6-1~exp1.dsc
 0b3f329b37fb69ee94b3eb63202fdadacd45ff43 1312141 fluxbox_1.3.6.orig.tar.gz
 f325be2090535dc315e78a3ca89d1ea6684475c7 416348 
fluxbox_1.3.6-1~exp1.debian.tar.xz
 eebc90f5f651da465f92e6402b00e4a115dad382 1169730 fluxbox_1.3.6-1~exp1_amd64.deb
Checksums-Sha256:
 7e047898577fa79e4ba89f800789dde09cada47436edd2b47945182d7d25bbfb 2214 
fluxbox_1.3.6-1~exp1.dsc
 cb54eb62d3dba2f282a50fbdd077d26a2c9f555c12b5bf664b1192ece7669527 1312141 
fluxbox_1.3.6.orig.tar.gz
 2ee7dfbd65a99e35926abd9cdab5e84d8f2718d0f9e65b6acf468ea823532cf2 416348 
fluxbox_1.3.6-1~exp1.debian.tar.xz
 dc4615f6bc24d833572a107003dcd394324ed89c64c3c733944c238af51c4e51 1169730 
fluxbox_1.3.6-1~exp1_amd64.deb
Files:
 225d51b4f1b36eb07d5938f82bfcc4cc 2214 x11 optional fluxbox_1.3.6-1~exp1.dsc
 1fd76785640a0b91fd9052ecf70beb57 1312141 x11 optional fluxbox_1.3.6.orig.tar.gz
 1bef2a62c3815bb3a969bab3798eaf83 416348 x11 optional 
fluxbox_1.3.6-1~exp1.debian.tar.xz
 f21a32008f18e88da6e83541b24e831f 1169730 x11 optional 
fluxbox_1.3.6-1~exp1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJUrDMiXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHmv4P/AwDCpznmxcu5PLl+/EUX9/b
8jXD+LMbW1IW0WycyqN17wo1r4MV2b+65pubKF52IyAw4z91rsfL/almH91dmb7T
wy/c9hax0fzUonnXhVe+V1fvF5kafohXPuYZrpKbGluIyns16RwFTT7NqHUOjCi7
a/WMJNycp2/jqVuaI7ol49v97HmMjJ30uNkAiqkiZOUeapFrAh/oofw9PEb+v+5b
thagPWOKDxaQJbytWZ1ia3093Een3PKR4a2Z7YKZLZ/O6FEJZ3zR09V94CtQpyJp
mKzhb8hi72voHxY6EstyWJgtl3fUV1tJLSHUEhC+kRz5PzU++n0Gd7jDrEIpRYJr
ljVgU3Tc5qrwytP69RgHMCRIf5VRj6mlO94iDcCV3m+J5KkB3bgYkDl0VUxqb1aK
jVZx5ixSX1fMIW7qzB2BCLFs+wATgzeRBRhP4Mt37I8ng/E+rjU+znRQR86HoGvx
ZLac2DOwT95dvSwU95ea/jfSi9PX/wxdOlnSLXRTU0gL0etl9i/XwW2QRXAls67o
Zvq8CciMZm/ftbzo/tuPIbrem/YlhgxyhFg4t/mye1BFpXkXSSNiwr0wgO9gG1U8
F6gU9jAp5euL+Aoh5p16qlv7U29hG/cD6IhOgKQlqYIjH3sA5InYM7I0yTi3+kGU
GvAH+4c6UurxOPfp8vVY
=N25/
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1y8ze4-sr...@franck.debian.org

Accepted docker.io 1.3.2~dfsg1-1 (source amd64 all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 24 Nov 2014 19:14:28 -0500
Source: docker.io
Binary: docker.io vim-syntax-docker golang-docker-dev
Architecture: source amd64 all
Version: 1.3.2~dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Paul Tagliamonte paul...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 docker.io  - Linux container runtime
 golang-docker-dev - Externally reusable Go packages included with Docker
 vim-syntax-docker - Docker container engine - Vim highlighting syntax files
Changes:
 docker.io (1.3.2~dfsg1-1) unstable; urgency=high
 .
   * Severity is set to high due to the sensitive nature of the CVEs this
 upload fixes.
   * Update to 1.3.2 upstream release
 - Fix for CVE-2014-6407 (Archive extraction host privilege escalation)
 - Fix for CVE-2014-6408 (Security options applied to image could lead
  to container escalation)
   * Remove Daniel Mizyrycki from Uploaders. Thanks for all your work!
Checksums-Sha1:
 f17dd4ec7c1dadb5e53308af2685f90f90b58cc7 3475 docker.io_1.3.2~dfsg1-1.dsc
 c36e6a4314208a5a3b7acd9a74999ea3a6d84dcc 80047 
docker.io_1.3.2~dfsg1.orig-libcontainer.tar.gz
 bd9befbf00fac841477c6e32d57aad8b20b212f6 34535 
docker.io_1.3.2~dfsg1.orig-libtrust.tar.gz
 1fb41694e81e6ea4ea8c86efa747968e2b280bb6 608071 
docker.io_1.3.2~dfsg1.orig.tar.gz
 afbd476e610413e43096ad7b2d10aa728f82aacc 12344 
docker.io_1.3.2~dfsg1-1.debian.tar.xz
 b74769ca42917fc51d763ac67d162c07561cfa1e 3734214 
docker.io_1.3.2~dfsg1-1_amd64.deb
 234e3dddf5a46c1aad90a11b9b89373420568d76 27318 
vim-syntax-docker_1.3.2~dfsg1-1_all.deb
 2e2c83a033ca81154572e7e1f83057e020f79b5b 191328 
golang-docker-dev_1.3.2~dfsg1-1_all.deb
Checksums-Sha256:
 5893f2c90880833523fbf36a8fd4bf63f682f203bdab0a9d5eaf8f2a4b4bc96f 3475 
docker.io_1.3.2~dfsg1-1.dsc
 ee9d2e7b7e1dbf243f1a1601048be21dd64e11fea20b19b163d4b48561e6cb9a 80047 
docker.io_1.3.2~dfsg1.orig-libcontainer.tar.gz
 b7e2bbf05e94abcf7b90606a0f2eda32cf11308095c66528de458b795b2e791c 34535 
docker.io_1.3.2~dfsg1.orig-libtrust.tar.gz
 22715dff2e72001353725c73e4ea0e46ab5b1b09f2723cb38ec8fc55ce8aa3ee 608071 
docker.io_1.3.2~dfsg1.orig.tar.gz
 4718d3542561b5e54e6593831665fc9108da6ced4c2b21ffa91d28df17c3c112 12344 
docker.io_1.3.2~dfsg1-1.debian.tar.xz
 1fe0447bb4389cbc22e3b0a279a4147c4d84e97750890d41668b90d7c2212c16 3734214 
docker.io_1.3.2~dfsg1-1_amd64.deb
 f1ff6ca84a87612a8cb577fb761b7ac9b0e33a89b3a1fd817e3e6a9ff51a28da 27318 
vim-syntax-docker_1.3.2~dfsg1-1_all.deb
 70a9923d7756c9acd8ba823b8909bedceaaa6d69f16e5da69599175395f43c57 191328 
golang-docker-dev_1.3.2~dfsg1-1_all.deb
Files:
 ff8f76a34d50a1153d691a91ffacda26 3475 admin optional 
docker.io_1.3.2~dfsg1-1.dsc
 8258c9086f2564e90c2a20df2a300125 80047 admin optional 
docker.io_1.3.2~dfsg1.orig-libcontainer.tar.gz
 bce7d448fe33281701a0dac12216f2a1 34535 admin optional 
docker.io_1.3.2~dfsg1.orig-libtrust.tar.gz
 974a3eecd6e1a160d85837ccdfff2dc9 608071 admin optional 
docker.io_1.3.2~dfsg1.orig.tar.gz
 5e7b0c8bd00d1ca073d5f399764d66e3 12344 admin optional 
docker.io_1.3.2~dfsg1-1.debian.tar.xz
 c6971dfccb9e9e79cc716df8df6ef9ac 3734214 admin optional 
docker.io_1.3.2~dfsg1-1_amd64.deb
 793600420cfb7c549da11da72f632666 27318 admin optional 
vim-syntax-docker_1.3.2~dfsg1-1_all.deb
 753a3f12f81616d6e026c2b2a395ce65 191328 admin optional 
golang-docker-dev_1.3.2~dfsg1-1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJUc85KXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjA0OUFEODJDOTIwNjZDNzM1MkQyOEE3
QjU4NUIzMDgwN0MyQTg3AAoJEHtYWzCAfCqHiAkP/1vnFmxtpQq8tqnAOpkHRUFm
XCP4b60PC1OABvlG60C462LKQBYCcu0S9KzUonCIJHxqepxHVGiPibKKOPnt0i6j
DkmHJbASO2jXgf/1tK3ChkI3270NJbiQlIatez8U0+bTmYlxxy2lZg/xAfQHs32/
p9+Nsj9MzlLQ4feqZj6+IbmYnX8+6PndSLoBDLRIqMzbB+34qMd5P4FTZxJ0EvC/
i/OuDz+hsPZnWq6/94Q5HI6KQB7nNO/gs78K9Rocslnjrags+YJXJOLo7FVuiKJf
XMURsw0ww7xU06Y5Q0Lp+7fdiMRqGuJv95wRvlt7Dtzz0CAT3s6a79tm/Gw88hSk
+MDZwjVyzMwvgd6QFTGLlCMBr6m9O0Vhibjzvc8BWn5d9XGpuiWdzELT4zpqaRZL
/FFarh30SfcYO4CEB3QGVhLAUsgVFqP5en44ynkURXqNOWik1mgz9YnVSQQ4emP3
hk2VAOY1PyBwLRJCQvbTCvyhldHarnfqfIBwh+6g69RkVoh4pmDlbDlyzVJjPVfh
Ey5Nc59RXBn/zJTez/HBI9qs5j5Sogt6VG/+S7lL16zxfCGkkIenQzu30k9RTQCq
ihJPNwkQSGIQm3bfKqeZusZQtH7cJQusUkwybGCmLALODfA72o1iqppCCRH3ml5F
0dFliMyDdifcxif4z8wA
=zHXB
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1xt4jv-0005lh...@franck.debian.org

Re: Let's abandon debian-devel.

[Paul Tagliamonte]

On Mon, Nov 10, 2014 at 11:25:35PM +0900, Charles Plessy wrote:
 Hi all,
 
 after unsubscribing from debian-vote, I had a bit of a thought about
 debian-devel, which is hard to follow now, and suddenly I saw something very
 clear.  This year's freeze seems of an excellent quality and promises to be
 brief.  Is that thanks to debian-devel ?  Not much.  Excellent work is being
 done on the Installer and is that thanks to debian-devel ?  Not much.  In 2010
 when I was candidate to become DPL, I wrote that Debian was in growth crisis.
 I think that it never has been so true.  Places like debian-devel, which can 
 be
 instrumental in smaller projects, are very toxic in larger ones.


Yeah. I agree. I've been on VAC in life chaos (see d-private mail), and
not reading the devel threads has been pretty great. I think I might do
more of not reading it.

 From now on I will try to see if I can give to Debian the same quality of
 contribution without being subscribed to debian-devel.  And I invite you to
 think about it and *not* to discuss it on this list.

+1

 With most of the work done on topic mailing lists, trolls lose the lever 
 effect
 they have when feasting on debian-devel or debian-vote.  Let's make our 
 project
 stronger by reducing thr attack surface for troublemakers.

+1

A lack of communication and collaboration is really bad, but right now
I'm getting *neither* in -devel. Until that changes, I think I'm with
plessy.

 Cheers,
 
 -- 
 Charles Plessy
 Debian Med packaging team,
 http://www.debian.org/devel/debian-med
 Tsurumi, Kanagawa, Japan


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Doxygen and embedded jquery problem, how to solve?

[Paul Tagliamonte]

On Wed, Oct 29, 2014 at 03:59:44PM +0100, Jonas Smedegaard wrote:
 IMO the proper solution is for Debian packaging of doxygen to untangle 
 jQuery from extensions, depend on + symlink the jQuery part, provide the 
 extensions as a shared package, and patch doxygen code to generate 
 docuementation referencing each separately instead of the entangled one.
 
 ...but seems from that README that maintainers of doxygen have already 
 reflected on this and disagrees.
 
 I suggest (but won't drive it myself) to file a bug against doxygen to 
 kindly reconsider...
 
 ...and until eventually maybe progress on that front, either a) try 
 untangle the jquery+extensions code yourself for each and every single 
 package using doxygen, or b) embrace same attitude as doxygen 
 maintainers and add lintian suppressions referencing doxygen README as 
 comment.
 
 
 I suspect there's nothing new in what I write here - that you've already 
 come to same conclusion yourself before posting do devel - sorry that I 
 have no better input. :-/

This is the place in which I remind people javascript-common with
multiple versions of jQuery would reduce maintainer burden and avoid
filling the archive with tons of binaries if someone has a spare few hours.

For jessie+1 I guess.

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Enlightenment DR19 - Maintainers?!

[Paul Tagliamonte]

On Wed, Oct 08, 2014 at 12:26:07AM -0300, Martinx - ジェームズ wrote:
Hey guys!

And gals!

I'm wondering here... Where are the E19 packages for Debian?!     :-P

You tell us!

I assume you're related to the recent reddit thread? If so, hi! Welcome!
If not, also hi! Welcome!

I'd suggest contacting the maintainers of e17 and seeing if they want to
work with you. There's also an Alioth group, I think!

[snip]

Can't wait to try E-Wayland-Only!    =D

Sounds awesome!

Cheers!
Thiago
 
 References
 
Visible links
1. https://gist.github.com/tmartinx/86adc8f33b12f163028b#file-nineteen-2-sh
2. 
 https://launchpad.net/~niko2040/+archive/ubuntu/e19?field.series_filter=trusty

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted dput-ng 1.8 (source all) into unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 11 Sep 2014 15:58:10 -0400
Source: dput-ng
Binary: dput-ng python-dput dput-ng-doc
Architecture: source all
Version: 1.8
Distribution: unstable
Urgency: low
Maintainer: dput-ng Maintainers dput-ng-ma...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 dput-ng- next generation Debian package upload tool
 dput-ng-doc - next generation Debian package upload tool (documentation)
 python-dput - next generation Debian package upload tool (Python library)
Closes: 718011 735784 740663 740665 754527
Changes:
 dput-ng (1.8) unstable; urgency=low
 .
   * The There is no sin except stupidity release
 .
   [Sebastian Ramacher]
   * Fix handling of IdentiyFile in sftp uploader. paramiko 1.10 fixed the
 parsing of IdentityFile and now always gives a list. (Closes: #718011)
   * sftp: Check if incoming directory exists before uploading. (Closes:
 #735784)
 .
   [Paul Tagliamonte]
   * Add lots of spew to dcut when it fails to find the local DM key explaining
 exactly why it might not be there, and a hint as to where to look.
 (Closes: 740665), Thank you, mika!
   * Add a new -S / --save flag to save the dcut output before we sent it to
 ftp-master. (Closes: 740663). Thanks to (the one, the only!) Jakub Wilk.
 .
   [ Scott Kitterman ]
   * Drop trailing /ubuntu from ppa stanza, to support the new form of the
 upload path needed for PPAs based on derived distributions.  Also switch
 ubuntu stanza to upload to /ubuntu rather than / (Closes: #754527)
 (LP: #1340130)
 -  Changes shamelessly cribbed from Colin Watson's dput update
Checksums-Sha1:
 779561924aca901069b13a46674e7b056cb2c262 1998 dput-ng_1.8.dsc
 b4b68563d8ab72d115ef1279bc992ae7ef4fe52a 79908 dput-ng_1.8.tar.xz
 3321358952d891ef07fc3ae09a532c5dd23a9350 36146 dput-ng_1.8_all.deb
 77835b7c009d20d2b4f53aa1e6a4637f9106fcb3 40746 python-dput_1.8_all.deb
 593776dd5ba5b6216df5d452b238ee91357dfbc4 61782 dput-ng-doc_1.8_all.deb
Checksums-Sha256:
 c1d258c3dba2fd582a482ced4f4a4fd0922119c3474e92fd2e1b862bd77b1e1c 1998 
dput-ng_1.8.dsc
 a357cb2457c3e494d472fbdff44dd9c541d1d3c8338bf7d62529236e20dd59ba 79908 
dput-ng_1.8.tar.xz
 a6a05173696a223aa5212a359004a355bec40e21970e1ca2dadbc2720dec0d89 36146 
dput-ng_1.8_all.deb
 208ce5eb2bb0579b738de7359da9c29b8ea5567ce1b8b2c7e0e4df7cfd65d002 40746 
python-dput_1.8_all.deb
 0fe4f855f4a06f69ccf23d3347f417356dc0c149dbbda6d8b66918cbefec3ed3 61782 
dput-ng-doc_1.8_all.deb
Files:
 d0ec7457635b5ef3684575dfece2f1c9 36146 devel extra dput-ng_1.8_all.deb
 0d99df88a88ff1a0559ab43e6f761b13 40746 python extra python-dput_1.8_all.deb
 d162c5465402fbca3a1405ea3d21ce29 61782 doc extra dput-ng-doc_1.8_all.deb
 e8ca3ee6d4fa75dd9ba6bed8451b165c 1998 devel extra dput-ng_1.8.dsc
 b2e30a681a892acff9cecab1f7c905fe 79908 devel extra dput-ng_1.8.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJUEgRpAAoJEHtYWzCAfCqHb/wP/Ri7VxgrM0qeXfdLgQIYtRoa
cEEeaHeQo61iCqvWEKN9rpj1+3/l0a6cOns7G5q8FF7HmdUT/JgUc1J7oi5fVZYa
6AAoFcZ1Q+AEr++O2gprjcfLvSIkyC5mDgMMdsmCG2qnrAvXdmB07PbP9bMH3KDN
BFXb/O0xPI40mnXOIWf22NMdEfln91OgXJLYIDklw3SfzrS+E1sfizC3TFIH3z25
PeReko9koqfgh7YseLjIebzcHLWbyH+naKzQmkXR0seCikm5/NjWwvKiBasM4aTp
l93ywicUW8APxD7aF7rzqfS+6mNtXlLU7QTqWvtduVczvCjJqewNunqZboEXJWO0
vIa2n4YqriZTX9aj4K1vhQOjGip0qpMI8wrapuExyz51ceZGjeLGMb3Xhix9tvbE
BqbtCFv/nHH/maJB3EDRr4zDPPIdpuOGsnVz+gfoG00FE2q+SnGJKgHZYJIHIU5+
tdiFcdnSzN3IJ0MXY4ve7dUtQvMjSjGQ7XGpLyzKo4J3sgnl28OQpetIJ669CSOB
OelnP9np0u/IBXtsbY048pUJ2XSvcUl09MDj89aenvc+j6Cd5BY9KYve7JucRieM
tIdTao1AA98GzzfNWRKkra+wDa0G/DEfGh69HkJsWRmsTaYLwuzwh+MBYZdGy+Pj
KSreTjkbHUZdiNCGGUV4
=o55t
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1xsbpr-00025c...@franck.debian.org

Accepted go-md2man 1-2 (source amd64 all) into unstable, unstable

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sun, 24 Aug 2014 20:53:41 -0400
Source: go-md2man
Binary: go-md2man golang-go-md2man-dev
Architecture: source amd64 all
Version: 1-2
Distribution: unstable
Urgency: medium
Maintainer: Tianon Gravi admwig...@gmail.com
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 go-md2man  - utility to create manpages from markdown
 golang-go-md2man-dev - utility to create manpages from markdown
Changes:
 go-md2man (1-2) unstable; urgency=medium
 .
   * Team Upload.
   * Update md2man's description. Thanks, Luke!
Checksums-Sha1:
 def29d6008c1751e881ab917bb79cd82a6bde1a6 2006 go-md2man_1-2.dsc
 638d3731236ab465b1aa219eeb194ac5089bdcbc 2394 go-md2man_1.orig.tar.gz
 5c67d0af1ac2c673fa401ebe58aabe0cb0b4dcd4 3316 go-md2man_1-2.debian.tar.xz
 fcc8dc6965d81fe6117cf41761597ac99b9437f5 496014 go-md2man_1-2_amd64.deb
 830d75ff5bb684e652c71532d214698e957d0089 4384 golang-go-md2man-dev_1-2_all.deb
Checksums-Sha256:
 add4af8739ba96cb3f8e39d2d48c98e585e96a92c343ce9cca6752c44afe62b8 2006 
go-md2man_1-2.dsc
 aa2466b929c925d09c51270c4dadda05d683b5f4f0fb00731f71d3fe63de62ed 2394 
go-md2man_1.orig.tar.gz
 736aff64afb092e1b2ea5d951b101bccec541f9ef5cf06b0074834ed61d07afb 3316 
go-md2man_1-2.debian.tar.xz
 1ad3953aee2fa6b8dd67175b3f9feeda852cb44962f67eccc48fa9a624ba2ddc 496014 
go-md2man_1-2_amd64.deb
 d5dc8347f3bab973d881ac6664b92b88388f6c84016cc909db078fadd9861260 4384 
golang-go-md2man-dev_1-2_all.deb
Files:
 d535e01898c0f660aea02a529e0711a9 496014 doc extra go-md2man_1-2_amd64.deb
 2f43761e01c37757187231bea3a141d3 4384 devel extra 
golang-go-md2man-dev_1-2_all.deb
 52046e1e5f626f3c02e1b3ca12579954 2006 doc extra go-md2man_1-2.dsc
 30812d2b4ba781791d3dea0458e1f826 2394 doc extra go-md2man_1.orig.tar.gz
 9ab2e394536248dd0971e4f51dc3ad6b 3316 doc extra go-md2man_1-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJT+2zVAAoJEHtYWzCAfCqH0vUP/AwZ87/NlMJ6OArxtjoNSw5D
sB2/sA3d63WtGgwek918efvrsXijSFgjuAXnBL8CbBY5Vu3VPkRRFitSafNkxkuX
fJV5c/7qa89vl4PZBh7qPohGgFU+4XCpw5xcJ4e+zIMElmBsl7ITIDfPCemozhi3
gSOz6GH8roJsF0t+AyJoqtsMx9eb+FeNUDFbTRhZP3G9tBgSdLS7BSbC5m5mLOib
37+4dcbnpKTNh/neEg80sBbfjEbxd/PFLYjq+AdLZ2NlAWc1yIvbllceFDn+M3Nr
kGWqhuJ51WdlmFTwOcMVh+1G/Va0/3mwbWcQh02erf6U+01LGFDsdBpB94lBuUXU
/30JrHUQbdbZ5HvSrjuAylkjdGsUX1asJtmN7TEjPiTKMEmJYVi/G1sJjM2I5IVa
cst3usZWNlyhGlpMboyoacqgvi7sw8aKLi8YEzI2491CVdkyYl3coi6qIJFosEjV
TegK+bowyjEf0EMDxcMypwLafo/2u0FlhGoKl7+W039dB8COu7AT9FRdx2JOGwdn
/6iEPcbe3GGP3TzC39AyGzsW0IFR1J0l9CA0yJaKUkyvcAlLrTlEz7uikfnc1b5v
2jUKNyO4dYmWZ0FvlM/rarNWuZdhouC9Kwxl+UYCkU5sTADi/PXgTd1O2hOgOO2D
40YToezYQYq7tPJg2Ux4
=aJ83
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1xpsv2-0003bn...@franck.debian.org

Re: Python 3.4

[Paul Tagliamonte]

On Fri, Aug 15, 2014 at 07:28:06PM +0200, Diogene Laerce wrote:
 Hi,
 
 Does someone have any clue or hint on the upgrade of Debian to Python3
 natively ?
 
 Thank you,

Hey Diogene,

Python 3.4 is in Jessie, ready for action. I can confirm it works great,
It's all I use for my personal projects (in fact, I actually complain a
lot when I have to use Python 2 for some reason).

the /usr/bin/python command is unlikely to change soon; more information
on how this should be treated on UNIX like systems can be found at PEP 0394.


There's currently a big push to ensure we're all Python 3 compatable,
but that's something distinct from changing /usr/bin/python to point at
/usr/bin/python3.


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted hy 0.10.0-2 (source all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 15 Jul 2014 21:57:00 -0400
Source: hy
Binary: hy python-hy python3-hy
Architecture: source all
Version: 0.10.0-2
Distribution: unstable
Urgency: medium
Maintainer: Tianon Gravi admwig...@gmail.com
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 hy - Lisp (s-expression) based frontend to Python (metapackage)
 python-hy  - Lisp (s-expression) based frontend to Python
 python3-hy - Lisp (s-expression) based frontend to Python 3
Closes: 731059
Changes:
 hy (0.10.0-2) unstable; urgency=medium
 .
   * Add CC0 to debian/copyright, even though they explicitly don't hold
 copyright and is not a license (to make it clear these files aren't covered
 by Expat or any copyright holders).
 .
 hy (0.10.0-1) unstable; urgency=medium
 .
   * Initial release (Closes: #731059).
Checksums-Sha1:
 8689cca989515ddc9cfc4b8ccb18c366c619d963 2166 hy_0.10.0-2.dsc
 9dfcaf412bd817f9ddaca4b961a436534e9eb397 340981 hy_0.10.0.orig.tar.gz
 02d1bec6803ae82548ae6f0d910492f34aac00fa 6452 hy_0.10.0-2.debian.tar.xz
 e78eb75bde75621412a94c688e80bea64bb55251 12382 hy_0.10.0-2_all.deb
 86fa5ac817511c19de5103e6e6211a94b3d0c2f2 47012 python-hy_0.10.0-2_all.deb
 321e9b417447f498fe452ca7c780fe2257fb2c91 76672 python3-hy_0.10.0-2_all.deb
Checksums-Sha256:
 190200ad74882dc93133b34c86658cba7999f149212f521aaa671b2b4ebbe979 2166 
hy_0.10.0-2.dsc
 524c9f2a2e0e789fe8896e9c7bea16c9f42e99d5b662080ec95e94de564523b9 340981 
hy_0.10.0.orig.tar.gz
 b6176869c5e9f3c9ae78b0f6fdf4e46e30be8c7f61d04e182d5ef315b4037730 6452 
hy_0.10.0-2.debian.tar.xz
 023a3f3317eabf7eba7c4b1fc7abbdeae3280f245b6c9993a38ebe34ca084b8e 12382 
hy_0.10.0-2_all.deb
 3ae87a1de2b55fb7ddb91318fa29e52f04b858add99024eb635d2eb9e241806d 47012 
python-hy_0.10.0-2_all.deb
 fa2f2b60cd40803a3561cd29a9029970c46dacee6c6d50ef72edcf858b45ea12 76672 
python3-hy_0.10.0-2_all.deb
Files:
 2c38d33b1c6da39613bd81f1f17130c9 12382 python optional hy_0.10.0-2_all.deb
 dc9e639726fd97caaf32a0982ff0d622 47012 python optional 
python-hy_0.10.0-2_all.deb
 ae9f813b3ac5f5b33bf95c6c6cd67ae5 76672 python optional 
python3-hy_0.10.0-2_all.deb
 d55d92780c8d9464be585f7d0c9aa654 2166 python optional hy_0.10.0-2.dsc
 864303035434591c59b9a8f92fcd67e9 340981 python optional hy_0.10.0.orig.tar.gz
 076edbc4f6f819a5703c170636004916 6452 python optional hy_0.10.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTxdwoAAoJEHtYWzCAfCqHeYgP+gPD6ZUW0gCdCRFWBl20HlfI
+T2jSMAbgMdtf49M4teh71gp2THCfBHwQOK8ZUDZgntyybkqtx3KhzzrXi/GSd29
1UIrtaKcRZW2yBNXdohhE387SaTTX7bBvBPKbhyh8EA8wyGwt9BCNZwwyqHqO6Ts
3RdpDm8AE88CJH6qC50tUEqybo7qoZaxE8VdtIZit0ssSfQdwIJH7w2rWFOWOD2s
Mdv76bgunpkxy/9f8pzPoxKDLG3FAB8vLSlzVBNT2kt0ov4wgn0FW0KUQlA8M8aK
Xw7yJ/fuY3VdjfXBfubY+P1Jtcfcvd35kpzVflOkFDbIjrab3UGOijhKyTheSUGF
HEh5lPH4nGmqRWMIxPDqSyoVhIvge+jmOtagvZ9wvbtQiQs+zfP9OlBVxhK47oMl
4EMs1Zf2LjDkY82B/p/vYViQREDPu1ICHNiKXry32nNTORv89Sc5PmnWZAcVzhwE
+CzxXFbJyBYAqUHa6FxXWnSs77YdOpP4347cSy3XyI0Q6eLcrhP2HTCBzQ/wt9tW
u5+tjOyurHgzqAgtIs5b0LjYeUxWpsMtOBchxp4MqXXNqoF8fJZNGdXRRYQYbUed
C4DUHBjAOBsmV7Whvr+oEJAZNLxgji/h3pO+xxOhY1D8Aebk/j2eV8iMvuMOUOM0
uoJExLWMIja0ayOMH5q+
=tt0e
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1x7mwt-0006l4...@franck.debian.org

Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL

[Paul Tagliamonte]

On Sat, Jul 12, 2014 at 12:06:27AM +0200, Toni Mueller wrote:
 Package: wnpp
 Severity: wishlist
 Owner: Toni Mueller t...@debian.org
 
 * Package name: libressl
   Version : 2.0.0
   Upstream Author : The OpenBSD project, the OpenSSL project et al.
 * URL : http://www.libressl.org/
 * License : BSD, OpenSSL, SSLeay, Public Domain.
   Programming Lang: C
   Description : SSL library, forked from OpenSSL
 
 
 LibreSSL strives to maintain API compatibility with OpenSSL, but
 do away with all the cruft.
 
 After a long series of OpenSSL problems, recently highlighted by
 the infamous Heartbleed bug, a group inside OpenBSD decided to
 fork OpenSSL and adapt the code to modern coding standards.
 Along the way, a lot of compatibility with older architectures
 and toolchains was discarded.

I didn't see this yet in the thread, so:

https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux
http://arstechnica.com/security/2014/07/only-a-few-days-old-openssl-fork-libressl-is-declared-unsafe-for-linux/
http://lwn.net/Articles/605509/

(Pick your news source)

Flame-ingly yours,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Packaging libjs-jquery = 1.10, and python-xstatic-* packages

[Paul Tagliamonte]

On Thu, Jul 10, 2014 at 01:15:50AM +0800, Thomas Goirand wrote:
 I'd be very happy to read opinions and advices on this topic.

These js files are so small, the deb add more data in bookkeeping than
they do code.

Why can't we have jquery-common or javascript-common or
javascript-kitchen-sink and just throw all the JS into a single source
package, and write them all out (minified) into the deb. Keep a bunch of
different jqeury versions, and perhaps fix the doxygen code copy issue
too.

Slightly less pure, but it's the best way out, IMHO.

 Cheers,
 
 Thomas Goirand (zigo)

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Proposal to avoid executable naming conflicts (was: Bug#753704: ITP: amap -- Next-generation scanning tool for pentesters)

[Paul Tagliamonte]

On Tue, Jul 08, 2014 at 03:57:20PM -0400, Eric Cooper wrote:
 On Wed, Jul 09, 2014 at 06:57:02AM +1200, Chris Bannister wrote:
  On Tue, Jul 08, 2014 at 11:31:12AM -0400, Eric Cooper wrote:
   Since Debian package names must already be unique, we ought to be able
   to leverage that to avoid having to fight over which package gets to
   claim which binary name.
   
   What about making it into a user's install-time decision,
   rather than a developer's packaging-time decision?
  
  Wouldn't you get sick of 'that name has already been taken, please
  try another.' message? 
 
 Given how infrequently this issue has cropped up over the years, no.
 And a prioritization (like mailcap.order) would limit it to once per
 conflict.

Only off the top of my head:

git/git, chromium/chromium, docker/docker, node/node

Those are all pretty big packages.

It'd be really annoying for a script to misuse a binary, which was
expecting node to be, well, node, or git to be git.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Sources licensed under PHP License and not being PHP are not distributable

[Paul Tagliamonte]

On Mon, Jul 07, 2014 at 11:16:37PM +0800, Thomas Goirand wrote:
 Unless I'm mistaking, there's no sign that the PHP license prevents
 derivative work (even under a different license for your patch, if you
 feel like it).

It's my reading that this is the case if you rename your project to not
contain PHP (if it does), which would otherwise be violation of the license.

/
|  4. Products derived from this software may not be called PHP, nor
| may PHP appear in their name, without prior written permission
| from gr...@php.net.  You may indicate that your software works in
| conjunction with PHP by saying Foo for PHP instead of calling
| it PHP Foo or phpfoo
\

 Thomas

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: MATE 1.8 has now fully arrived in Debian

[Paul Tagliamonte]

On Thu, Jul 03, 2014 at 05:01:13PM +0200, David Weinehall wrote:
 On Wed, Jul 02, 2014 at 12:04:46AM +0800, Thomas Goirand wrote:
  I don't think so. I think it encourages to be more easy going, and have
  fun, but never mind. Let's keep Debian boring^W^Wportland weird. :)
 
 Would you feel the same if someone were to, say, upload a
 hurd-must-die package?

I just filed a bug with Policy on if this is a valid use of the
Conflicts relation (#753608). Please don't bring this thread on that
bug. The policy people have to put up with enough headache :)

Can we get back to work now?


Thanks,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted docker.io 1.0.0~dfsg1-1 (source amd64 all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 13 Jun 2014 21:04:53 -0400
Source: docker.io
Binary: docker.io vim-syntax-docker
Architecture: source amd64 all
Version: 1.0.0~dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Paul Tagliamonte paul...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 docker.io  - Linux container runtime
 vim-syntax-docker - Docker container engine - Vim highlighting syntax files
Changes:
 docker.io (1.0.0~dfsg1-1) unstable; urgency=medium
 .
   * Updated to 1.0.0 upstream release. Huzzah!
   * I've removed what is commonly called a `button' of patches against
 the docker package. Exact patches:
  - bash-completion-docker.io.patch
  - systemd-docker.io.patch
  - sysvinit-provides-docker.io.patch
  - zsh-completion-docker.io.patch
  - mkimage-docker.io.patch
   * I know y'all are guessing why; and the answer's pretty simple -- we're
 no longer docker.io(1). Since the src:docker package now ships wmdocker(1),
 we can safely declare a breaks/replaces on the pre-wmdocker version of the
 package, allowing existing users to safely update, both src:docker and
 src:docker.io side. This brings us into line with other distros, which
 now ship wmdocker(1) and docker(1).
   * As a stop-gap, I'm still shipping a docker.io(1) symlink to allow
 migration away.
Checksums-Sha1:
 d63484580cd462e470e70c8cc7e4d649e48fc7eb 2568 docker.io_1.0.0~dfsg1-1.dsc
 c758d68c0e946709f29d281d411aaad707e3e41e 2097775 
docker.io_1.0.0~dfsg1.orig.tar.gz
 9a0bd112d1bec5fa34338217c68b43cbe3dfe952 12128 
docker.io_1.0.0~dfsg1-1.debian.tar.xz
 93bd5cb72247e3abcb791d4ce709f793112f2802 4106614 
docker.io_1.0.0~dfsg1-1_amd64.deb
 e37309e8d56ef68726ceb2ff50bbb4113caee885 25424 
vim-syntax-docker_1.0.0~dfsg1-1_all.deb
Checksums-Sha256:
 92455dc24575e9908d239d898b2fb82203c65376b8419245349edf047a422920 2568 
docker.io_1.0.0~dfsg1-1.dsc
 7e3a78180a94b8382a4c925b673b46e9383917b14ca54c0717d3d2b795214a3c 2097775 
docker.io_1.0.0~dfsg1.orig.tar.gz
 410f015412d7f68f631025e5004b3f84f08e8877d3001859cff2bfbed2ceb2da 12128 
docker.io_1.0.0~dfsg1-1.debian.tar.xz
 aad8ea7e34d3a9fb6ccd9d535fb0ae85e61b54894966d9dd521ca981fcdb81e7 4106614 
docker.io_1.0.0~dfsg1-1_amd64.deb
 2c0801b79510171d903dd13efed765270acbdc7d969d4f355e6b14c5f5b4c62a 25424 
vim-syntax-docker_1.0.0~dfsg1-1_all.deb
Files:
 e7a4d091ef9fd37322d595528f1c187f 4106614 admin optional 
docker.io_1.0.0~dfsg1-1_amd64.deb
 89918fd5d7f5d226217e74a5076015e8 25424 admin optional 
vim-syntax-docker_1.0.0~dfsg1-1_all.deb
 61df710703776087ff442242da756467 2568 admin optional 
docker.io_1.0.0~dfsg1-1.dsc
 422894427e4e7115328fb3ab93e45836 2097775 admin optional 
docker.io_1.0.0~dfsg1.orig.tar.gz
 1c2e454d6bfb5e35a9b27fe34ee0da4d 12128 admin optional 
docker.io_1.0.0~dfsg1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTm6EEAAoJEHtYWzCAfCqHpuIP/ishf4+J/hQlis9Wpa/a1Bos
w75yXK7baNdzqR0vl5AQMYNpZkokkCjayR7rcmn861e2EmknpUGIbDghrPFzntDO
kFixuWgmHkax1tbt0ktI7ZpZuKhHRuMpRoMSVztol326BVhP40CwE+RpeXYUyI3n
+ttM1jT+Yaf9UNVs0Hyo48+D46QPiqSNHnf4GUOHu1LYKWB3b4DpcCSQnbp4gLjZ
kqcl/cL5BfL51MSnZKwqF+1LkWWKPXJX00RUSkcFY2aCjssQZlMh1dwA03IYGE9i
0tZlU4AoOdaDcg6rEzxGaAyDrMVdXJZJRtLZ/phW83SGWZdxZkuxaHHCpk3cblka
4+iRoRl6e0M1xnaBy27MVeE4Q+bxnxa+7iQ5MkoKa7oqd7KSaXYx4Gw2eD5spXnu
4NEEAO7oq0HTgzEB3TENAMvXLH+6go8tKe5hX40zPQGaegWRI1LiMZ0HZ8vDZdP2
ApQ4V/LhOAdpaE1e8OGJho9KJU5vx7wfVKFT6yRgmzynHbdCN3MDZMe5cZVNmEk2
HLHSLMpEatIIwij71qH8yO2rCDRXe79TXAwCFkwXTfOh3Mn4wjt/bQ97qdLNIjZy
65vKEVCbIS+mEEz4CYyRgdBTSR6RUOZNNw72IzA2j2pPDfZf0SVRNFlT4nF7fcnb
BH1dR5w525RJK36wG/St
=1rKp
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wvcra-0006vs...@franck.debian.org

Accepted golang-mux 0.0~git20140505.1.136d54f-2 (source all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 12 Jun 2014 22:07:36 -0400
Source: golang-mux
Binary: golang-mux-dev
Architecture: source all
Version: 0.0~git20140505.1.136d54f-2
Distribution: unstable
Urgency: medium
Maintainer: Daniel Mizyrycki mzdan...@glidelink.net
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-mux-dev - URL router and dispatcher
Changes:
 golang-mux (0.0~git20140505.1.136d54f-2) unstable; urgency=medium
 .
   * Team upload.
   * Update copyright to match body of the license, BSD-3, not MIT/Expat.
 Thanks for that catch, alteholz.
Checksums-Sha1:
 ea4a762f8e2245f55286dad7192f5f791abf904f 2150 
golang-mux_0.0~git20140505.1.136d54f-2.dsc
 bdc7cc875d005cd6538ce8c1f20502d68a832969 4660 
golang-mux_0.0~git20140505.1.136d54f-2.debian.tar.xz
 1f24949292b50cf3c01b914893cbd5777b77a2e7 19200 
golang-mux-dev_0.0~git20140505.1.136d54f-2_all.deb
Checksums-Sha256:
 0b5adc82e5cab75052ad2b568a001c4229627ad4615f7bbb6dc353b53c8fc468 2150 
golang-mux_0.0~git20140505.1.136d54f-2.dsc
 a9c88cb612980ed2f1e0c3d313c8352fd872f0893e54ff8e8ff8227cbb829901 4660 
golang-mux_0.0~git20140505.1.136d54f-2.debian.tar.xz
 8e7fe598240906e237d116e3c559d173b7f511e62b2e5fe7aa7cbba50774e478 19200 
golang-mux-dev_0.0~git20140505.1.136d54f-2_all.deb
Files:
 eb228e0faf358f385a64d55ef316e6d7 19200 devel extra 
golang-mux-dev_0.0~git20140505.1.136d54f-2_all.deb
 a7bad282bccfa7407c9b831aa512307d 2150 devel extra 
golang-mux_0.0~git20140505.1.136d54f-2.dsc
 824ca17ce05095ab5f2a3752101c12f7 4660 devel extra 
golang-mux_0.0~git20140505.1.136d54f-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTml0+AAoJEHtYWzCAfCqHNk4P/3TlCiJqqWJOJh/HED+GFDj9
o989k+iJAYtFOTC/Gv/pGMCE09qhggaArb05McLaIy15TcknRGgL5golpLsYaU1m
9bTp3WgC/4/RslOir50IsJ8p0TkrA+W08Z3YEgsC/cTL0YGxHa5fa1Po71AqtkTi
vNow8X8plp3NqReIZjKuZ0MLVq0op0cc27EW4d76RxP+MpsHizzvQdxdP4i8JsPN
EXrsZ4GTLNls1HoVBtv1tBR8SMq4trjBjY2iw1S11mddRmXcKLEE9OJT3NJnLFkk
ysBopY8BGLJSVVc4yDMl6SFfGmgt0Ks6dY7UX6HO7VRrtS3G5XVxCrYV1wZp6zeN
4xBVew49xDkqaT/9ci1R5NRCGS03Ea02e7glt59TfY2qLI2hlUg0UdAybfh2obn7
BECJsVJWobBuoaJbQ6t8s2l7lAWEcLC+rhZUcBACmDgKrFzAMVazuZjnZnXGfimT
DvA2pC3CT/cloBxmcMkG7Z9jd/aanlETmzRhOPGcZg/2uQteIAo1+JVNoW1gvc0d
k42+MH57amEKkLMqcW57kN5Ss7qGzvsPBvBY9zRc6bolhnzookTM/W5AjZxbQl5l
BApeIJZQBFMeJb7B8MizPxAOXOfcQY8ML8gY36RH+1ec4bpStHNz3mJAtGaSU2oz
Nz0Fk/D6YYp4vdYJyUF8
=LRh7
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wviha-0005nf...@franck.debian.org

Accepted golang-context 0.0~git20140522.1.1f3e8a4-2 (source all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 12 Jun 2014 21:50:59 -0400
Source: golang-context
Binary: golang-context-dev
Architecture: source all
Version: 0.0~git20140522.1.1f3e8a4-2
Distribution: unstable
Urgency: medium
Maintainer: Daniel Mizyrycki mzdan...@glidelink.net
Changed-By: Paul Tagliamonte paul...@debian.org
Description:
 golang-context-dev - General purpose registry for global request variables
Closes: 751423
Changes:
 golang-context (0.0~git20140522.1.1f3e8a4-2) unstable; urgency=medium
 .
   * Team upload.
   * Update copyright to match upstream (BSD-3 vs MIT/Expat). Thanks for the
 catch, alteholz. (Closes: #751423)
Checksums-Sha1:
 50a9115d9ccdafc3e781713837903cdbd8f05b29 2175 
golang-context_0.0~git20140522.1.1f3e8a4-2.dsc
 450a7ffbb59739f5a0aa5f2e805b303156077607 4436 
golang-context_0.0~git20140522.1.1f3e8a4-2.debian.tar.xz
 c870b07c8d317660ebe9ffac6a7c88c1502d4072 6210 
golang-context-dev_0.0~git20140522.1.1f3e8a4-2_all.deb
Checksums-Sha256:
 9737e02e3b8527e285b1670ecad8dabe1c8e4796b63129f73f1f61f7c9f8bcee 2175 
golang-context_0.0~git20140522.1.1f3e8a4-2.dsc
 4209387f612ac6288a77f9a7581d4a62fa1ffea05d1fdf80138bed2af2bf6256 4436 
golang-context_0.0~git20140522.1.1f3e8a4-2.debian.tar.xz
 125214df2dea80e93abd5eeec4ef126393fdc720c9d02070cceca7f68b2bfabf 6210 
golang-context-dev_0.0~git20140522.1.1f3e8a4-2_all.deb
Files:
 ffe2455dc20770425d1a7c922a47f92e 6210 devel extra 
golang-context-dev_0.0~git20140522.1.1f3e8a4-2_all.deb
 8f0784b573c87fa8874269e55a0b7f9a 2175 devel extra 
golang-context_0.0~git20140522.1.1f3e8a4-2.dsc
 21e014aba7032b945f234888a9d179af 4436 devel extra 
golang-context_0.0~git20140522.1.1f3e8a4-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTmlzJAAoJEHtYWzCAfCqH56MP/i4giQyz7oDb4ubmUOIqyt7I
bWd051EP5FME8IQVoD2ZdWZuYVdoa3hBB+fWXmgiETgyO4fHqQwi5ZNERccQbjcU
wVd7ypuZDNPKQWDLCvr61WRghnib+qy94hyyyIujZorfcCGw9dkScmt6aWUFqd1h
FnVpAyjNEFVmWq5khDdf39smQFavA6anbBX2HXUI5c9MwrO4r443oofrpotWdm4S
/OhUTwjQekuOyf2gEZjL3zz+0b0hFyY1r+ZB6ZBSspQLC8L5eOI/2M2sd9YEcWHJ
6XKYKcMUiF7ipqi5sSqwCldFLx7xwG+rJMJl7UY6OETZKmFh4Yub3LdTB3AZnh/2
A04B53m1Hl1LTxxnqBS3gqLIragWwPpyZNXWoH2x/iezpqwas7AfOwyP2a2n5KTK
3cLSHjQmz7GQtLJPpt5SJWxRY6Hw6EOymrb4fJZC8QE2uX1pSfEMwQiEO/jyJQ0u
wW8NMtEvZusxHF8idIkBB+nt+mzntzRrEM2HRszzPQiUFMC64f6vGCQtD4YpD9BW
HTGrYyTAKy2iRyZ1W9gb5/VxuuOuV2XCPQgif+rEkooCbI7htmALsNvYCAgeysTf
qLzXFpFg1Yyz0xI9uRiK/i13vmd9TfQqsDx54szSEbpPqYvuH7KgnkB/mQyFN40c
JCKNjw256vogAYjBMCLm
=Sarg
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wvih4-0005la...@franck.debian.org

Re: Non-source Javascript files in upstream source

[Paul Tagliamonte]

On Fri, May 02, 2014 at 06:40:26PM +0100, Ian Jackson wrote:
 I'm starting to get tempted.  If we have a GR on it, regardless of the
 outcome, we can stop these arguments a bit sooner.

Please do note that this would be a GR to override a DPL delegated
team's decision[1], just to be absolutely clear.

Cheers,
  Paul

[1]: https://lists.debian.org/debian-devel-announce/2014/04/msg00014.html

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Non-source Javascript files in upstream source

[Paul Tagliamonte]

I'm not writing this email with my ftpteam hat on.



On whenever (I can't be bothered to actually quote, sorry :) ) Russ wrote:
 That doesn't matter for a GR.  A GR can do that with a simple
 majority.

I know, but I just want to make it absolutely clear, since I believe
the statement made covers this, and I think it presents a GR in a
different light -- just politically, even if it doesn't change the votes
needed.




On Fri, May 02, 2014 at 09:20:02PM +0200, Bas Wijnen wrote:
 Is there any disagreement about this?  As far as I've understood so far, there
 are only two points that keep being discussed:
 
 1. Do we need to check that generated files which we don't use are actually
generated from the provided source?  Main example here is a configure file
which gets overwritten during build.

Yes. Please see the email. You need to make sure you have source for
everything. If you're not shipping the raw source (e.g. most Python), be
sure you're making the binary in your rules file, and using that binary
in the deb.


 2. What is source for a non-programmatic work such as a rendered bitmap of a
3-D model, do we require source for non-programmatic works, and if not, 
 what
defines a programmatic work?

Preferred form of modification. Yes, there exist edge-cases (an image
made from a photo taken of someone which had two pixels flipped after
putting it through scanner after skydiving while drawing it), but I
think good judgement here is fine.

If the png was made from the svg, include the svg. If a binary was made
from c, include the c. If a min.js was made from .js, include the js. If
a config file was made by a jinja template, include the template.

If you were to 'update' the image, how would you do it? What things
would you need? Include that. Think about what you'd need when you fork
the project.


Hopefully most maintainers can identify the preferred form of
modification on their own. If anyone has trouble, ask for help.

Debian Legal is a good place, as is the ftpteam, debian-devel or
wherever you feel most comfortable soliciting the help of others.


 Neither of these is clarified by their recent statement.

I believe they are. We require source. This applies to source packages.
If you don't have source, don't include the thing. If you have the
source, rebuild it at build time.

  However, to put this issue to rest, the GR probably needs to amend the
  DFSG to make it unambiguous, so a 3:1 supermajority would be a good idea
  anyway.
 
 That would be a good idea, but given the constant discussions and the vote in
 2006[1], it seems doubtful whether we can get a simple majority on any point 
 of
 view in this matter.  So it might be better to at least include an option 
 which
 makes the statement without modifying the DFSG.


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted stdeb 0.6.0+20100620-5 (source all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sat, 12 Apr 2014 13:34:16 -0400
Source: stdeb
Binary: python-stdeb
Architecture: source all
Version: 0.6.0+20100620-5
Distribution: unstable
Urgency: high
Maintainer: Andrew Straw straw...@astraw.com
Changed-By: Paul Tagliamonte paul...@debian.org
Description: 
 python-stdeb - Python to Debian source package conversion utility
Closes: 744097
Changes: 
 stdeb (0.6.0+20100620-5) unstable; urgency=high
 .
   * Team Upload
 .
   [ Paul Tagliamonte ]
   * Fix PyPi URL due to python.org site changes.
 See https://github.com/astraw/stdeb/pull/72/files for more information.
 (Closes: #744097). Thanks to Asheesh for the bug  in-person prod.
Checksums-Sha1: 
 c669bf23ec6ff57b41f98d51d61f006c5a36403e 2109 stdeb_0.6.0+20100620-5.dsc
 6fc8290de6b595c792ae659d580780c34e12ea49 9824 
stdeb_0.6.0+20100620-5.debian.tar.xz
 7e6293ac91ea6dcef236d9854dade68b27eb1d01 40740 
python-stdeb_0.6.0+20100620-5_all.deb
Checksums-Sha256: 
 5cd22afd616f78498d61419a084e9963b1959ce7366299cb9b3bc6806a5c349d 2109 
stdeb_0.6.0+20100620-5.dsc
 31c15f29d0b079f5cd50eb19ca618129668675b7c02f285bcc56afe3be2286eb 9824 
stdeb_0.6.0+20100620-5.debian.tar.xz
 42eacdfea310db0039a25d02eb59a71440a7a075af7c6e0ca804b9e45c3c12cb 40740 
python-stdeb_0.6.0+20100620-5_all.deb
Files: 
 fe302e1f7ef9946443b3fddd56509e60 2109 python optional 
stdeb_0.6.0+20100620-5.dsc
 404505b83abe3e293e97cbe97de6af3c 9824 python optional 
stdeb_0.6.0+20100620-5.debian.tar.xz
 670f6031d19a255ba3adec4ec697d1ae 40740 python optional 
python-stdeb_0.6.0+20100620-5_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTSX75AAoJEHtYWzCAfCqHHpwP/RzOA5JlX3YzJW5ZF2H0VmaZ
KxDPjjiP3EEjL69mP5FrnTqPRWpRgrOgFyGAEiOYifEcbZDJkHUFLeIoQ6+12B5Y
wi5AnF2hky0JF+LYiDFQtZh3vOZxvvI/bp3Y9SYryZFf6YKqnrSCj4Va8vHU7Q2D
nZ3swxFGXHncQMVyZzWZtvwRp8D7DG4VTwgm2gi/6WpYIWtm06PJcjNzfCTrb93B
GQGDQYmxCogqTIRbEA/XpaJAhe67hq5Rbd5y0TYCxJNNjpDD82fvL2XD9Rs0wdX3
Z89rvJtPpdp6ErLssqBVehzqAajUsL0EuUZubSeAPpqBQpDUx78ktQwCT49LCgx9
+q2Y3nJnDozkyPsg5gCxwUjTc84cZz3pBB3cmk252tXimyacWb5d8YEzdKxKLjri
eqwCoRPZphNRj6aJWqhRGl6r08damI4GRLh8U1xji7aaAusJDynjDsGFtQxqzuJ9
WoRN2xn3bA7oe2wt4NDQ6SJqXjARoGfIX3c+Rt7AXXPdozV74lVM4jlzBSHQRUK+
g2zTrMTNhm7DI19/CPSQ7QjZgF48i8WeucFpTYclkKPw3/2IbPrFcSLGlqGlqUk3
S7BShe64OG6uHMxJ7nA3QR8DMTqR2M/H7LcZfGbLshm+BIi5GfBpZgcQqQsfstMi
jgmw6jy2EUUnG9ab2Spe
=TaFA
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wz2hk-0007ec...@franck.debian.org

Re: Debian default desktop environment

[Paul Tagliamonte]

On Tue, Apr 08, 2014 at 12:46:59PM -0500, Gunnar Wolf wrote:
 Hear, hear. 
 
 Remember all the hype that arose when Beryl was announced, with
 per-window transparency settings, the rotating cube, wobbly windows,
 and all that. It was flashy, and I do think it made some heads turn to
 Linux, previously perceived as plainly fugly.
 
 Beryl and its ideas came and went. Yes, some ideas stuck and became
 useful. But I'm very glad that did not become the standard for desktop
 interaction.

It was the standard -- for a while -- and for that while it was the
golden years of the Linux desktop (in my mind)

We had features no one else did, people were pushing the bounds of what
we thought were posible and having a great time doing it. Yeah, a lot of
it was silly, but a lot of really good stuff came out of it that I can't
get these days.

After the KDE4 and GNOME3 rewrites (which are hugely important and vital
to our success) I don't mind Compiz died, but for a *long* time this was
the standard, and it was the most advanced window manager.

Someone remind me; is Unity still a Compiz plugin, or did that die too?


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: systemd and Linux are *fundamentally incompatible* - and I can prove it

[Paul Tagliamonte]

On Tue, Mar 25, 2014 at 04:15:25PM +, Jonathan Dowland wrote:
 I was very proud of my fellow colleagues for not feeding the troll a
 full 24 hours later. Thanks for breaking the record :(

I agree - I even *told* people on #-devel to not even - bother
replying - since I figured no one would *post* to this.



But seriously; is it really this easy to bring the project to a halt?


signature.asc
Description: Digital signature

Re: jquery debate with upstream

[Paul Tagliamonte]

On Tue, Mar 25, 2014 at 11:16:12PM +0100, Philipp Kern wrote:
 To be honest I'd rather like to see a ruling which is codified in
 a policy than random guesswork we do on -devel from observing FTP
 masters' actions. This is not Mao.

There was an ftpteam meeting last week, and this was discussed. I think
there was internal consensus and the team is midway through drafting a
statement.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: jquery debate with upstream

[Paul Tagliamonte]

On Wed, Mar 12, 2014 at 09:57:50PM +0100, Jakub Wilk wrote:
 That would work only if the embedded copy was the same version as
 the packaged one. And there are lots of jQuery versions in the wild.
 
 In 20120817111437.ga8...@jwilk.net I suggested making a package
 that would bundle all the needed sources, but my proposal wasn't met
 with enthusiasm.

I think this mega-package might actually be hella useful, but I think
it'd be useful if we do some dh-foo to automagically strip and link
copies at build-time, so that we *never* ship a jquery file (if it's a
matching shasum or something), but it strips it and turns it into a dep
+ symlink.


As for having the source to a source package in another source package?
Hurm. I don't know how I feel about that, but I don't think I like it.

But, I do like the jquery mega-package // javascript mega-package. We
could at least fix Doxygen to not throw these copies all around.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: jquery debate with upstream

[Paul Tagliamonte]

Also archive size, for what it's worth.

Shipping GBs of DLLs, minified JS and other sourceless nonsense
is totally a waste of everyone's time and storage space.


On Wed, Mar 12, 2014 at 11:44 AM, Don Armstrong d...@debian.org wrote:

 On Wed, 12 Mar 2014, Ian Jackson wrote:
  No-one has come up with any practical benefit from the repacking of
  source tarballs to remove nonfree files.

 Non-free files in source files are distributed by Debian. They cannot be
 modified, inspected, or easily patched. Removing them assures us that
 they will never be accidentally included in a Debian binary package. It
 also means that people running searches for embedded copies to fix
 security issues don't have false positives.

 Whether these benefits outweigh the costs of doing it is arguable, but
 these are some of the benefits.

 --
 Don Armstrong  http://www.donarmstrong.com

 The state must declare the child to be the most precious treasure of
 the people. As long as the government is perceived as working for the
 benefit of the children, the people will happily endure almost any
 curtailment of liberty and almost any deprivation.
  -- Adolf Hitler _Mein Kampf_ p403


 --
 To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive:
 https://lists.debian.org/20140312154438.gd12...@teltox.donarmstrong.com




-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: jquery debate with upstream

[Paul Tagliamonte]

[ not as ftpteam -- man, I'm saying this a lot lately ]

On Tue, Mar 11, 2014 at 03:16:14PM +, Ian Jackson wrote:
 You have conspicuously failed to answer Jonas's question.  What
 objective does removing these files and repacking the tarballs serve ?

We distribute source. The question is, do we want to distribute binaries
in the source to which we have no, well, source. This means, do we want
to break the DFSG on the distribution of source packages?

  Debian have a certain definition of Freedoms [...]
 
 Whose freedom is impaired, and in what way, by the presence of these
 useless but ignored files in the tarball ?

We distribute them. The challenge here is does anyone use them. I leave
that question up to the reader.

 In this subthread I think we are having an internal conversation about
 what our own logic is, within Debian.  I'm sorry to say that I still
 fail to see the logic behind your apparent (but not explicitly stated)
 point of view.

Hopefully you can grok mine :)

 
 Ian.

Cheers,
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: jquery debate with upstream

[Paul Tagliamonte]

[not ftpteam]

On Tue, Mar 11, 2014 at 06:09:40PM +, Ian Jackson wrote:
 I don't think this is a significant breach of the DFSG.

Ah, but you do acknowledge this *is* a breach, even if a small one.


So this comes down to where the line is, like I said.


You may think a line is somewhere, but the DFSG is interpreted by the
ftp-masters, so the question isn't what paultag or ian says, but what
the ftp-masters say :)


Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: [cjwat...@debian.org: Accepted grub2 2.02~beta2-7 (source i386)]

[Paul Tagliamonte]

Next time, dput-ng checks for this :)

Cheers,
  Paul


On Tue, Mar 11, 2014 at 6:50 AM, Colin Watson cjwat...@debian.org wrote:

 Distribution: unstable.  Whoops.  It is far too easy to make this
 mistake with sbuild if you're not quite paying absolutely perfect
 attention.  My apologies ...

 Anyway, while this was unintentional, I don't think it's actually
 dreadful.  testing has 2.00-22, which is reasonably solid, and I wanted
 to make sure wheezy ships with at least GRUB 2.02 anyway, so I might as
 well just forge ahead now rather than trying to figure out how to back
 this out.

 --
 Colin Watson   [cjwat...@debian.org]


 -- Forwarded message --
 From: Colin Watson cjwat...@debian.org
 To: debian-devel-chan...@lists.debian.org
 Cc:
 Date: Mon, 10 Mar 2014 15:37:30 +
 Subject: Accepted grub2 2.02~beta2-7 (source i386)
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256

 Format: 1.8
 Date: Mon, 10 Mar 2014 13:39:33 +
 Source: grub2
 Binary: grub2 grub-linuxbios grub-efi grub-common grub2-common grub-emu
 grub-emu-dbg grub-pc-bin grub-pc-dbg grub-pc grub-rescue-pc
 grub-coreboot-bin grub-coreboot-dbg grub-coreboot grub-efi-ia32-bin
 grub-efi-ia32-dbg grub-efi-ia32 grub-efi-amd64-bin grub-efi-amd64-dbg
 grub-efi-amd64 grub-efi-ia64-bin grub-efi-ia64-dbg grub-efi-ia64
 grub-efi-arm-bin grub-efi-arm-dbg grub-efi-arm grub-efi-arm64-bin
 grub-efi-arm64-dbg grub-efi-arm64 grub-ieee1275-bin grub-ieee1275-dbg
 grub-ieee1275 grub-firmware-qemu grub-uboot-bin grub-uboot-dbg grub-uboot
 grub-xen-bin grub-xen-dbg grub-xen grub-yeeloong-bin grub-yeeloong-dbg
 grub-yeeloong grub-theme-starfield grub-mount-udeb
 Architecture: source i386
 Version: 2.02~beta2-7
 Distribution: unstable
 Urgency: medium
 Maintainer: GRUB Maintainers pkg-grub-de...@lists.alioth.debian.org
 Changed-By: Colin Watson cjwat...@debian.org
 Description:
  grub-common - GRand Unified Bootloader (common files)
  grub-coreboot - GRand Unified Bootloader, version 2 (Coreboot version)
  grub-coreboot-bin - GRand Unified Bootloader, version 2 (Coreboot
 binaries)
  grub-coreboot-dbg - GRand Unified Bootloader, version 2 (Coreboot debug
 files)
  grub-efi   - GRand Unified Bootloader, version 2 (dummy package)
  grub-efi-amd64 - GRand Unified Bootloader, version 2 (EFI-AMD64 version)
  grub-efi-amd64-bin - GRand Unified Bootloader, version 2 (EFI-AMD64
 binaries)
  grub-efi-amd64-dbg - GRand Unified Bootloader, version 2 (EFI-AMD64 debug
 files)
  grub-efi-arm - GRand Unified Bootloader, version 2 (ARM UEFI version)
  grub-efi-arm-bin - GRand Unified Bootloader, version 2 (ARM UEFI binaries)
  grub-efi-arm-dbg - GRand Unified Bootloader, version 2 (ARM UEFI debug
 files)
  grub-efi-arm64 - GRand Unified Bootloader, version 2 (ARM64 UEFI version)
  grub-efi-arm64-bin - GRand Unified Bootloader, version 2 (ARM64 UEFI
 binaries)
  grub-efi-arm64-dbg - GRand Unified Bootloader, version 2 (ARM64 UEFI
 debug files)
  grub-efi-ia32 - GRand Unified Bootloader, version 2 (EFI-IA32 version)
  grub-efi-ia32-bin - GRand Unified Bootloader, version 2 (EFI-IA32
 binaries)
  grub-efi-ia32-dbg - GRand Unified Bootloader, version 2 (EFI-IA32 debug
 files)
  grub-efi-ia64 - GRand Unified Bootloader, version 2 (IA64 version)
  grub-efi-ia64-bin - GRand Unified Bootloader, version 2 (IA64 binaries)
  grub-efi-ia64-dbg - GRand Unified Bootloader, version 2 (IA64 debug files)
  grub-emu   - GRand Unified Bootloader, version 2 (emulated version)
  grub-emu-dbg - GRand Unified Bootloader, version 2 (emulated debug files)
  grub-firmware-qemu - GRUB firmware image for QEMU
  grub-ieee1275 - GRand Unified Bootloader, version 2 (Open Firmware
 version)
  grub-ieee1275-bin - GRand Unified Bootloader, version 2 (Open Firmware
 binaries)
  grub-ieee1275-dbg - GRand Unified Bootloader, version 2 (Open Firmware
 debug files)
  grub-linuxbios - GRand Unified Bootloader, version 2 (dummy package)
  grub-mount-udeb - export GRUB filesystems using FUSE (udeb)
  grub-pc- GRand Unified Bootloader, version 2 (PC/BIOS version)
  grub-pc-bin - GRand Unified Bootloader, version 2 (PC/BIOS binaries)
  grub-pc-dbg - GRand Unified Bootloader, version 2 (PC/BIOS debug files)
  grub-rescue-pc - GRUB bootable rescue images, version 2 (PC/BIOS version)
  grub-theme-starfield - GRand Unified Bootloader, version 2 (starfield
 theme)
  grub-uboot - GRand Unified Bootloader, version 2 (ARM U-Boot version)
  grub-uboot-bin - GRand Unified Bootloader, version 2 (ARM U-Boot binaries)
  grub-uboot-dbg - GRand Unified Bootloader, version 2 (ARM U-Boot debug
 files)
  grub-xen   - GRand Unified Bootloader, version 2 (Xen version)
  grub-xen-bin - GRand Unified Bootloader, version 2 (Xen binaries)
  grub-xen-dbg - GRand Unified Bootloader, version 2 (Xen debug files)
  grub-yeeloong - GRand Unified Bootloader, version 2 (Yeeloong version)
  grub-yeeloong-bin - GRand Unified Bootloader, version 2 (Yeeloong
 binaries)
  grub-yeeloong-dbg - GRand 

Re: Idea for apt-get : getting source code instead getting binaries

[Paul Tagliamonte]

On Thu, Mar 06, 2014 at 04:33:50PM +0100, Solal Rastier wrote:
 Hello! I've an idea for a new apt-get package style :
 
 Developer side :
 -The developer create a ./install script in the source code.
 -The install script executes all commands necessary for install the software. 
 Also, it getting dependancies, etc.
 -The developer create a tarball (.tar.bzip2) and rename the file name. 
 Instead of software.tar.bzip2 , that's software.deb
 -The developer distribute the software.deb
 
 Apt-get side :
 -The apt-get tool download software.deb from the Debian repository.
 -The program is installed with dpkg
 
 Dpkg side :
 -dpkg rename the software.deb software.tar.bzip2
 -tar uncompress the software.tar.bzip2
 -cd go into the software folder
 -./install execute install script

Script to do this attached; can I have my GSoC money now? :)

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt
#!/bin/bash

PACKAGE=$1
WORKDIR=$(mktemp -d)
pushd ${WORKDIR} /dev/null

apt-get build-dep ${PACKAGE}
apt-get source --build ${PACKAGE}
dpkg -i *deb


popd ${WORKDIR} /dev/null


signature.asc
Description: Digital signature

Re: Using docker for Debian packaging work ?

[Paul Tagliamonte]

I'd be interested in a few things - a Debian index which I can trust
(images) - I'm keen
to help add OpenPGP to Docker upstream. I'd also love it if dbuilder (or
whatever)
could tag layers with build-deps installed (tagging something like
foobar:1.2.3-1),
so that building the package wouldn't have to install the b-d's each time -
and since
they're defined in terms of the Debian layer in the Dockerfile, we can keep
each
image super small.


On Thu, Mar 6, 2014 at 12:32 PM, Olivier Berger 
olivier.ber...@telecom-sudparis.eu wrote:

 Hi.

 I've been investigating the use of Docker containers on Debian
 (resulting in the creation of a few wiki pages [0]), and intend to use
 them more for Debian related tasks. Btw, thanks a lot for the packaging
 of docker and other guides already available around (I tried to collect
 what I spotted in the Wiki).

 I'm wondering if there are some bits of docs you would like to share if
 you're using docker regularly for Debian maintenance.

 I'm curious if anyone investigated the use of docker for git-pbuilder,
 fonr instance. Not that I'm sure there would be benefits compared to
 other current backends of git-pbuilder. I'm pretty sure that some may
 find a limitation in that Docker only supports building for amd64 over
 an amd64 system, currently.

 May I suggest to add more links / pages, starting from
 https://wiki.debian.org/PackagingWithDocker ?

 Thanks in advance.

 Best regards,

 [0] see https://wiki.debian.org/Docker for an index
 --
 Olivier BERGER
 http://www-public.telecom-sudparis.eu/~berger_o/ - OpenPGP-Id:
 2048R/5819D7E8
 Ingenieur Recherche - Dept INF
 Institut Mines-Telecom, Telecom SudParis, Evry (France)


 --
 To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/87pplzdyi0@inf-8660.int-evry.fr




-- 
All programmers are playwrights, and all computers are lousy actors.

#define sizeof(x) rand()
:wq

Re: Idea for apt-get : getting source code instead getting binaries

[Paul Tagliamonte]

On Thu, Mar 06, 2014 at 06:58:41PM +0100, John Paul Adrian Glaubitz wrote:
 On 03/06/2014 05:01 PM, Paul Tagliamonte wrote:
  Script to do this attached; can I have my GSoC money now? :)
 
 Homer: Can I have some money now?

BTW; just for context, I thought this message was to a soc-coordination
list (and idling making a joke, I didn't intend to slander our student's
work, they do great stuff, and I respect the crap out of everyone that
works in GSoC).

 On a more serious side note, I think OP's point was to promote a package
 format where the upstream developer already does all the work and create
 a Debian package on the fly which could simply be dropped into the
 archives ready to install. Even when the package wasn't in Debian in
 the first place, which is the main assumption of your script, Paule.

Yeah, well, I was just showing that this is feasible with a properly
defined source package in the archive, even without any built debs. This
script was just snark (and has two big bugs, at least)

 However, this shifts the responsibility for the QA of a package from
 Debian towards upstream which will probably end in fear and loathing
 in the archives in no time.

Yep.

 Turning an upstream source into a working Debian package isn't really
 time-consuming and difficult for most cases. However, creating a well-
 maintainable and (lintian-)clean package into Debian isn't and takes
 lots of care and attention by a dedicated Debian Maintainer which knows
 the in and outs of Debian, its Policy and its powerful tools.

The proposed idea was basically as much effort as properly debianizing
the package.

 Cheers,
 
 Adrian
 
 - -- 
  .''`.  John Paul Adrian Glaubitz
 : :' :  Debian Developer - glaub...@debian.org
 `. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
   `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Much love,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: Bug#740379: ITP: asciinema -- Record and share your terminal sessions,

[Paul Tagliamonte]

On Sat, Mar 01, 2014 at 05:10:00AM +0100, Adam Borowski wrote:
 Are there any reasons to use this over ttyrec or termrec?  It seems to me
 asciinema is strictly worse than:
 ttyrec tmpfile  POST tmpfile http://asciinema's_url

Is it the same protocol? Nice of asciinema to support it.

 * you can't do things locally
 * there's only a recorder, without a player (you need to use a web service
   to replay)

That's a plus for me. I almost never want to watch this stuff locally,
and I'm recording for others.

 * it's slow: takes around 2 seconds at the start and end
 * can't be used from scripts (to eg, record everything)
 * can't be used to pipe the output, etc (for termcast)
 * can't edit the recording


Meh.

I've been using it from inside a virtualenv. I might as well have a
system-wide copy that I'm sure is pseudo-trusted and DFSG free.

 -- 
 A tit a day keeps the vet away.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition

[Paul Tagliamonte]

On Wed, Feb 26, 2014 at 01:11:55PM +, Thorsten Glaser wrote:
 First, we need new syntax to specify the architectures an arch:all
 package may be built on. (There may be cases where this cannot be
 deducted from the other binary packages it builds – if any. Heck,
 there may even be cases where a source package has multiple arch:all
 packages that need to be built on *different* architectures.)
 
 Then we need to have this syntax supported by dpkg in stable, AIUI…

Yo, tg,

I was going to send a mail about this yesterday. I've decided I'm going
to start a quest to support this. I settled on Build-Indep-Architecture
myself.

Anyway, dpkg doesn't need to be involved besides not choking on the
d/control line. We can just change wanna-build, debile and launchpad to
pass --arch-all to sbuild[1], which sbuild totes already supports.

The launchpad team seems willing, and i've not talked with wanna-build,
but I'm sure they're up for it.

BTW; the syntax would define a single arch; you know, in the spirit of
reproducability.

Someone willing to take this work up from me would clear my plate up to
do other thing, but it's something I want to see :)

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition

[Paul Tagliamonte]

On Wed, Feb 26, 2014 at 03:55:37PM +0100, Jakub Wilk wrote:
 BTW; the syntax would define a single arch; you know, in the
 spirit of reproducability.
 
 I have mixed feeling about this. On one hand, most[0] of arch:all
 packages can be built on more than one architecture, so “single
 arch” sounds like an artificial limitation.

You're not wrong; I'd just really hate for this to lead to a situation
where the arch:all build causes a FTBFS on ${EXOTIC_ARCH}
(HURD/kFreeBSD/MIPS) because it's assumed it works fine (I could see
something like endianess breaking things) and have it transitively break
the package (or worse yet; render data that isn't good to run)

I'd tend to lean to being explicit about where it should build (rather
then say any and call it a day), and have it explicitly reproducable
rather than some toss-up.

If dpkg-buildpckage doesn't care (and I don't see any reason why it
would), I'm sure it can just ignore this field and leave it as advice to
the build software.

Yeah, not great, I know :\

 On the other hand, we
 very much don't want the same arch:all package to be built by
 multiple buildds…
 
 
 [0] Likely s/Most/All/ if you take into account hypothetical
 architectures that nobody has boostrapped (yet?!), e.g.
 musl-linux-m68k.

Point taken.

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: building arch:all packages on the buildd network (was: Re: when will we finally throw away binary uploads)

[Paul Tagliamonte]

On Wed, Feb 26, 2014 at 04:28:15PM +0100, Ansgar Burchardt wrote:
 Build-Architecture-Indep might also work and is visually similar to
 the already existing Build-Depends-Indep and Build-Conflicts-Indep
 fields.

Erm, I swear I didn't ignore your feedback; this is what I meant, I just
typed it wrong. Either way, the field name is likely the easy part :)

  BTW; the syntax would define a single arch; you know, in the spirit of
  reproducability.
 
 I think allowing multiple architectures is more technically correct: not
 restricting the build to specific architectures implies any so we
 allow muliple architectures already.

 For the implementation we might want to have a priority list. The first
 architecture from the priority list that is allowed in Build-Arch-Indep
 (or whatever) would build the arch:all packages. The list would likely
 start with amd64 or i386 so that arch:all packages without
 Build-Arch-Indep would be built on amd64 (i386).

I have yet to go through the other thread, but I assume the only
objection still remaining is that having it be a single arch is
troublesome.

So, building off this mail (and ideas I had kicking around):


| Build-Depends-Indep field is defined as a list of architectures that the
| arch indep packages may be built on.
| 
| Architectures are parsed as splitting on whitespace (space, tab and
| newline) as delimiter between the raw values. A package which defines
| non-any values may not define any in the list of values. The values
| are defined with the same values as the Architecture field, with the
| exception of all.
| 
| any may be interpreted as the prefered arch, which is advised (but not
| required) to be amd64. If multiple values are provided, the first value
| (only) will be used to build the arch:all package.

Any arguments on this rough concept?

I figure we can treat the list sorta like we do with OR'd
Build-Depends (after all, aren't they really similar in the end?), so
that we ensure a deterministic build host arch, and allow for fallback
for buildd setups that may not have a few arches.


Comments?

Cheers,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: building arch:all packages on the buildd network (was: Re: when will we finally throw away binary uploads)

[Paul Tagliamonte]

On Wed, Feb 26, 2014 at 09:51:41PM -0500, Paul Tagliamonte wrote:
 Comments?

Erm, also - any package which omits this field may be considerd any
(or something like that)

Cheers,
  Paul



-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Re: building arch:all packages on the buildd network (was: Re: when will we finally throw away binary uploads)

[Paul Tagliamonte]

On Wed, Feb 26, 2014 at 10:09:22PM -0500, James McCoy wrote:
 On Wed, Feb 26, 2014 at 09:51:41PM -0500, Paul Tagliamonte wrote:
  So, building off this mail (and ideas I had kicking around):
  
  
  | Build-Depends-Indep field is defined as a list of architectures that the
  ^-- Build-Architecture-Indep, right?

Erm, yeah, duh, whoops :)

Thanks!
  Paul


-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Backports, Stable releases, Testing, Oh my!

[Paul Tagliamonte]

Howdy folks,

I'm sending to both -devel and backports. I'm not sure which is the
correct list. If one's wrong, feel free to drop it in replies.

I've been talking with a mentee about backporting procedures, and I've
explained why we don't backport until a package hits tending (stable 
stable-bpo  testing = unstable)

However, with the new testing removals from the release team (which is
totally great for creating an always releasable testing, many thanks for
that), we can create a situation where stable-bpo has a newer version
than testing when we release (lazy maintainer never fixed the rc bug).

What shall we do? Remove from stable-bpo? Hope an update comes around?
Does it make sense to revisit the rules? Does a wait until testing still
make sense (ok, waiting always makes sense, but beyond the 'let it
settle' thing)


Much love,
  Paul

-- 
 .''`.  Paul Tagliamonte paul...@debian.org  |   Proud Debian Developer
: :'  : 4096R / 8F04 9AD8 2C92 066C 7352  D28A 7B58 5B30 807C 2A87
`. `'`  http://people.debian.org/~paultag
 `- http://people.debian.org/~paultag/conduct-statement.txt


signature.asc
Description: Digital signature

Accepted ubuntu-dev-tools 0.152+nmu1 (source all)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 24 Feb 2014 22:34:22 -0500
Source: ubuntu-dev-tools
Binary: ubuntu-dev-tools
Architecture: source all
Version: 0.152+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Ubuntu Developers ubuntu-dev-t...@lists.alioth.debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description: 
 ubuntu-dev-tools - useful tools for Ubuntu developers
Closes: 738413
Changes: 
 ubuntu-dev-tools (0.152+nmu1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Change debian.tar.gz to debian.tar.xz (Closes: #738413)
Checksums-Sha1: 
 9cf34d0a7b68a75f6bc558dd48a7ad28d3157574 2024 ubuntu-dev-tools_0.152+nmu1.dsc
 1bf7ded8d54ea5f2a534d22213e77f50b9473eb4 147892 
ubuntu-dev-tools_0.152+nmu1.tar.xz
 223bc4b1e9323c57899c9061ccb9f68b795560a6 167674 
ubuntu-dev-tools_0.152+nmu1_all.deb
Checksums-Sha256: 
 5f704e54ce2537a97f6db8f580c15466610a0d5fdef26e06cf070ff2db2293d9 2024 
ubuntu-dev-tools_0.152+nmu1.dsc
 46b6313b413672068635cd57803f6f81154a409ec0a28e8ae764d371b19abe8a 147892 
ubuntu-dev-tools_0.152+nmu1.tar.xz
 d996b381b17cb068af3c12bc192d6f18b5781b855b0c13ed4edfd3b67d2dcdd7 167674 
ubuntu-dev-tools_0.152+nmu1_all.deb
Files: 
 62cec538b3056d4f87dbbf2bbdca0b13 2024 devel optional 
ubuntu-dev-tools_0.152+nmu1.dsc
 4ede441fa0aef149f63a04de7f1ab7f4 147892 devel optional 
ubuntu-dev-tools_0.152+nmu1.tar.xz
 87b44850c382089e98cc57a7925c8e58 167674 devel optional 
ubuntu-dev-tools_0.152+nmu1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTDBKTAAoJEHtYWzCAfCqH/P8P/A+gWCmvpl5/gipTXS+qPXBY
STBELR/RlDYZH2A9X/LG1GD+RrJVRWWuMvCggXjVJDbyWX8Af+b3/UtcTxYLhDzp
Tpv1XtlKaGkKF1PaEIPNaDzLpFyicYv7EodU/HzxGjyEZcEolm84EgKjv7U+OZMK
kGODenxKyYPHNB9XZfvs8BPmGbhc5ET40F0zDYJR/2RObl0Ktcg1it6aaoRQepWS
YEFPm9a8L+QD1s7myQRO6cOKdkpP+Jf6jubTmg9p8Seko3Bc6Ec5nxX1s4y0AGvM
Nvxhs+UivRWUcVfro2QV4knUNM8g7srmraPMDiJ0I5ih8mjgQJdxORd3IdpjAgc5
HqPvnHnnzwxVSi5kKvxL31204sILN0kSgoYhzJt/adfSYknKxNgz/WOSF9lICVb4
2IAjTE1O1FMX4N/n+c5cErafHgF9LLUHgpO6gwuAJB24y1GkJcEEUfDiSaaoQTqm
BIOiI//DBYe+LtePl9KErv6tcteyZUKpsy/XY0gLwEddOI2pROULzqtrwtMU2H6d
5QFcd7pDVN6uYN6ybXIhGiWGDmz4+h54NpqR+BARxuOWc5LGhT1Blr2eESjtE5by
jtcIZqzNeEN7kXglGpWoKIzZ7hhaeOXj5JiLjrfsG6j65VSa16fZhrGFcDlKsE1f
3IaOdIcZ7BwBEglOaqsD
=IjZx
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wipza-0004ap...@franck.debian.org

Accepted fluxbox 1.3.5-2 (source amd64)

[Paul Tagliamonte]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Mon, 24 Feb 2014 22:56:46 -0500
Source: fluxbox
Binary: fluxbox
Architecture: source amd64
Version: 1.3.5-2
Distribution: unstable
Urgency: low
Maintainer: Dmitry E. Oboukhov un...@debian.org
Changed-By: Paul Tagliamonte paul...@debian.org
Description: 
 fluxbox- Highly configurable and low resource X11 Window manager
Closes: 715911 720136
Changes: 
 fluxbox (1.3.5-2) unstable; urgency=low
 .
   [Paul Tagliamonte]
   * Check for $HOME before blindly using it in fluxbox-update_configs.
 (Closes: #715911)
 .
   [Andreas Beckmann]
   * preinst, prerm: Do not test for the existence of update-alternatives
 (this is part of dpkg).  (Closes: #720136)
   * Do not remove+reinstall the current alternative on upgrades as that could
 override local customization.
Checksums-Sha1: 
 fb82e94b2a2584190244bed0f8f44069e7dcbdf7 2057 fluxbox_1.3.5-2.dsc
 7afa1a1e61566500b76aa89656bb9a92e3126eaf 417564 fluxbox_1.3.5-2.debian.tar.xz
 a6c9b7d735e8fd0f26d3a716a6b831684f81f630 1131838 fluxbox_1.3.5-2_amd64.deb
Checksums-Sha256: 
 dde3f6b557677defd6f8f88501d91129dec72e142a34e86b1995115c31e7e652 2057 
fluxbox_1.3.5-2.dsc
 0c3d66e6585d6f46f1f569b514a0e39e551d8598ba52b1b13325690b9aa25fef 417564 
fluxbox_1.3.5-2.debian.tar.xz
 342a0955f8b56f56a8da917a2228216186229f3d67f6091189626e3c1e1f56bd 1131838 
fluxbox_1.3.5-2_amd64.deb
Files: 
 26c16aaf1f3d20ac808f35575cb3f0b7 2057 x11 optional fluxbox_1.3.5-2.dsc
 cfb5bad056627a992664ff83bd3efef2 417564 x11 optional 
fluxbox_1.3.5-2.debian.tar.xz
 83d73fb48cbbe99122c9381cd2cbb6d9 1131838 x11 optional fluxbox_1.3.5-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJTDBXHAAoJEHtYWzCAfCqHkG4P/0lY9zcM1ZNIYpt+cXjI1s9k
IddJ12sHKp/eyTsXkqhZyz7uQxWe49W7pwovcny/5P/YOrbNod+UMn0eElc9MncR
mHgqPusNr6j82ODVJ0vxvWdBIqtu1GGcz72c4DzjvKV/wD8tWmGOV3H2zFI+73HF
HQkMNMHN62brYEaunjrgtfMdScQFU+93jfYOsSj1auoUFdBAFa016z9E0c3dLoQn
bKRWCNLsea2GDZlvxHmj2ECOJYkcESx2VnVkFsusAaVUprxKmqYmmi5O/UoPeiqv
3aEtq4DSZYNZLW/Q5FeRd876AdWJF20SfL53u1nBlVLF7i97FrbhC1ofo6WJMFEc
xa4a73D+XAQM6hIn/juvDFoDSW9IdkT+ozxtqexnH94dHNtSpHEr4GWocJdXNIT0
Fkmo5mXKSvceZLZiSh84zaGGna9gThT+ro985wI+21fvN5Ehvzt2ts7NkdbVqIQn
8DFPrlwPyj866AQk/SiHFpVi7pGlJQ81wzcNJMBiG33gI9grg9fzz0N1kxwVIyFT
y9NXfIlMF50Bl0wEM9chO451Oul2XOyMQWhYlkupxd8SlQSefgYtKdp0I3cXowTr
ROuucm7D2zQI68nsJjxdY//MuiyOn/JC/BAY4kkPQYCQZemY3tgRtYXOSIJrrnPY
b4VJZSCaNw2n+wxXe8mW
=I+Zx
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1wi9tp-0006w8...@franck.debian.org