Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Holger Levsen]

On Fri, Dec 16, 2022 at 01:22:30AM +0100, Juri Grabowski wrote:
> Quebes is not really RPM distribution as long I know.
 
It is: Qubes' dom0 is based on Fedora.

(and then you can install (almost) any other distro in domU, not
just linux however, but also BSDs, Mirage, Windows or something else.)


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

The moon landing 50 years ago was paid by taxes, while Bezos space trip was
paid by not paying taxes.


signature.asc
Description: PGP signature

Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[debian]

Hi!

On Thu, Dec 15, 2022 at 03:12:21PM +0100, Guillem Jover wrote:
> The project name talks about gpg keys, but those are really OpenPGP
> keys (or even better, certificates). I've asked upstream to rename the
> project to avoid this common confusion. So you might want to wait until
> that's settled to avoid multiple trips over NEW.
> 
>   
Thank you very much! I liked this issue on github and waiting for
upstream reply.
> 
> (If this project is also intended to only cover RPM-based distributions,
> as Adam brought up, you might want to further ask them to make that clear
> from the project name, say rpm-distribution-openpgp-keys or similar. But
> in any case regardless of the intended target use, it still seems like a
> very generic name which can be easily confused for a package that would
> be needed for Debian, or derivatives.)
Mainly for mock we just need keys for rpm-based
distributions/repositories. On the other way we have
extrepo-offline-data package where are repository keys for 3rd party debian 
repositories. Also maybe it's better to have extern PGP keys on one place.
What do you think about it?

Best Regards,
Juri Grabowski

Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Juri Grabowski]

Hello,

On Thu, Dec 15, 2022 at 08:15:37AM +0100, Adam Borowski wrote:
> These are all RPM distributions, which is definitely not what one would
> expect in our context.  At the very least the short desc would need to
> mention that, and I'd recommend having that in the name as well.
Thank you for your reply!
Mainly I agree with you.
Quebes is not really RPM distribution as long I know.
There is some keys for zoom, skype and others which are more self-contained.
Your suggestion for package descriptions?

Best Regards,
Juri Grabowski

Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Adam Borowski]

On Thu, Dec 15, 2022 at 03:12:21PM +0100, Guillem Jover wrote:
> On Wed, 2022-12-14 at 15:27:18 +0100, Juri Grabowski wrote:
> > * Package name: distribution-gpg-keys
> >   Upstream Author : Miroslav Suchý 
> > * URL : https://github.com/xsuchy/distribution-gpg-keys/
> >   Description : GPG keys by various Linux distributions
> > 
> > used by various Linux distributions to sign packages.
> > 
> > needed by mock/3.5 and I need a sponsor for this package. See current 
> > packaging in
> > https://salsa.debian.org/pkg-rpm-team/distribution-gpg-keys
> > After I know ITP bug number I upload this source package to
> > https://mentors.debian.net/package/distribution-gpg-keys/

> (If this project is also intended to only cover RPM-based distributions,
> as Adam brought up, you might want to further ask them to make that clear
> from the project name, say rpm-distribution-openpgp-keys or similar.

When in that project's native environment, ie a RPM distribution, the name
_is_ adequate.  It's only in Debian (/Alpine/Arch/Gentoo/...) where the
name can be confusing.  But then, there's no requirement for the package
name to match upstream.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀ Quis trollabit ipsos trollos?
⠈⠳⣄

Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Guillem Jover]

Hi!

On Wed, 2022-12-14 at 15:27:18 +0100, Juri Grabowski wrote:
> Package: wnpp
> Version: 1.79
> Severity: wishlist
> Owner: Juri Grabowski 
> X-Debbugs-Cc: debian-devel@lists.debian.org, deb...@jugra.de

> * Package name: distribution-gpg-keys
>   Version : 1.7.9
>   Upstream Author : Miroslav Suchý 
> * URL : https://github.com/xsuchy/distribution-gpg-keys/
> * License : CC0-1.0
>   Programming Lang: data
>   Description : GPG keys by various Linux distributions
> 
> used by various Linux distributions to sign packages.
> 
> needed by mock/3.5 and I need a sponsor for this package. See current 
> packaging in
> https://salsa.debian.org/pkg-rpm-team/distribution-gpg-keys
> After I know ITP bug number I upload this source package to
> https://mentors.debian.net/package/distribution-gpg-keys/

The project name talks about gpg keys, but those are really OpenPGP
keys (or even better, certificates). I've asked upstream to rename the
project to avoid this common confusion. So you might want to wait until
that's settled to avoid multiple trips over NEW.

  

(If this project is also intended to only cover RPM-based distributions,
as Adam brought up, you might want to further ask them to make that clear
from the project name, say rpm-distribution-openpgp-keys or similar. But
in any case regardless of the intended target use, it still seems like a
very generic name which can be easily confused for a package that would
be needed for Debian, or derivatives.)

Thanks,
Guillem

Re: Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Adam Borowski]

On Wed, Dec 14, 2022 at 03:27:18PM +0100, Juri Grabowski wrote:
> * Package name: distribution-gpg-keys
>   Upstream Author : Miroslav Suchý 
> * URL : https://github.com/xsuchy/distribution-gpg-keys/
>   Description : GPG keys by various Linux distributions
> 
> used by various Linux distributions to sign packages.

These are all RPM distributions, which is definitely not what one would
expect in our context.  At the very least the short desc would need to
mention that, and I'd recommend having that in the name as well.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀ Quis trollabit ipsos trollos?
⠈⠳⣄

Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Juri Grabowski]

Package: wnpp
Version: 1.79
Severity: wishlist
Owner: Juri Grabowski 
X-Debbugs-Cc: debian-devel@lists.debian.org, deb...@jugra.de

* Package name: distribution-gpg-keys
  Version : 1.7.9
  Upstream Author : Miroslav Suchý 
* URL : https://github.com/xsuchy/distribution-gpg-keys/
* License : CC0-1.0
  Programming Lang: data
  Description : GPG keys by various Linux distributions

used by various Linux distributions to sign packages.

needed by mock/3.5 and I need a sponsor for this package. See current packaging 
in
https://salsa.debian.org/pkg-rpm-team/distribution-gpg-keys
After I know ITP bug number I upload this source package to
https://mentors.debian.net/package/distribution-gpg-keys/

Best Regards,
Juri Grabowski