Re: Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Dne Sat, 26 Jun 2010 21:45:25 -0500 Raphael Geissert geiss...@debian.org napsal(a): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Wise wrote: On Sat, Jun 26, 2010 at 8:42 AM, Nanakos Chrysostomos nana...@wired-net.gr wrote: I am looking for a sponsor for the new version 0.2.11-4 of my package mpg321. According to the PTS the package has DMUA set on it, so you should be able to build and upload it yourself. Except that Nanakos isn't a DM according to [1] and [2], which makes me wonder why Michal sponsored an upload that sets the field. I really did not check whether he is DM, sorry. I've already uploaded few version of mpg321 and though it would be okay to keep DMUA there. I just did not expect somebody would add DMUA while not being DM ... lesson learned. - -- Michal Čihař | http://cihar.com | http://blog.cihar.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.15 (GNU/Linux) iEYEARECAAYFAkwobxgACgkQ3DVS6DbnVgTXqQCeNRzM8oew/poJnV9fcfzl61PU pB8AnjVZoqBDVAAYrUtHKlBSiB0Svoa0 =qpRx -END PGP SIGNATURE-
Re: Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
Il giorno lun, 28/06/2010 alle 11.44 +0200, Michal Čihař ha scritto: [...] I just did not expect somebody would add DMUA while not being DM ... lesson learned. Just curiosity, but... why is this a problem? I mean: couldn't a DD say I trust you on this package but you're still not DM - I set the flag so it's useful in case you become it?! Is there some key-related security trap I'm missing? thanks Pietro signature.asc Description: This is a digitally signed message part
Re: Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
Il giorno lun, 28/06/2010 alle 11.44 +0200, Michal Čihař ha scritto: [...] I just did not expect somebody would add DMUA while not being DM ... lesson learned. Just curiosity, but... which lesson? I mean: couldn't a DD say I trust you for this package but you're still not DM - I set the flag so it's useful in case you become it?! Is the problem that it's unsecure to trust an email address which key is still not officially known to Debian? thanks Pietro signature.asc Description: This is a digitally signed message part
Re: Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
Hi Dne Mon, 28 Jun 2010 12:57:22 +0200 Pietro Battiston m...@pietrobattiston.it napsal(a): Il giorno lun, 28/06/2010 alle 11.44 +0200, Michal Čihař ha scritto: [...] I just did not expect somebody would add DMUA while not being DM ... lesson learned. Just curiosity, but... which lesson? Because I should check it more carefully. I mean: couldn't a DD say I trust you for this package but you're still not DM - I set the flag so it's useful in case you become it?! Is the problem that it's unsecure to trust an email address which key is still not officially known to Debian? I think the biggest problem is that it is confusing - eg. PTS shows this information and make people think there is no need to sponsor this package (like it happened now). -- Michal Čihař | http://cihar.com | http://blog.cihar.com signature.asc Description: PGP signature
Re: Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
Le Sat, Jun 26, 2010 at 09:45:25PM -0500, Raphael Geissert a écrit : I wonder if there should be a list of packages with DMUA but no DM Uploader[s] or Maintainer. Hi Raphaël, in the Debian Med packaging team, we set the DMUA field to ‘yes’ in all of our packages, and regulate upload rights through the Uploaders field. So at least some of our packages would be in this list without being problematic. Have a nice day, -- Charles Plessy Debian Med packaging team http://www.debian.org/devel/debian-med Tsurumi, Kanagawa, Japan. -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100628011038.ga29...@kunpuu.plessy.org
Packages with DMUA but no DM (was: Re: RFS: mpg321 (updated package with AudioScrobbler support))
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Wise wrote: On Sat, Jun 26, 2010 at 8:42 AM, Nanakos Chrysostomos nana...@wired-net.gr wrote: I am looking for a sponsor for the new version 0.2.11-4 of my package mpg321. According to the PTS the package has DMUA set on it, so you should be able to build and upload it yourself. Except that Nanakos isn't a DM according to [1] and [2], which makes me wonder why Michal sponsored an upload that sets the field. Not to mention that some bugs were closed in the changelog when they should have been closed by manually sending a message to the report explaining why it is not a bug. Examples: * Tried to reproduce the same experiment as Bug #388587 and i don't see any problem. If someone else can simulate the same problem, please report the bug and the way to simulate it again.So i am closing thsi bug also. (Closes: Bug#388587) * Anyone who wants to use the -a option can follow the information from the manpage. To give an example: mpg321 -a /dev/dsp song.mp3. So Bug #286176 should close.The -a option seems to work fine. (Closes: Bug#286176). I wonder if there should be a list of packages with DMUA but no DM Uploader[s] or Maintainer. [1]https://nm.debian.org/dm_list.html [2]http://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;package=debian- maintainers -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkwmu0YACgkQYy49rUbZzlrWAwCfZZMeB1aBdt1jauTDj4YXqa0j FuIAn0TlAwL39bTW4Tpoxfx2ktRVhKwh =oy+V -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c26bb53.5770e70a.1d64.4...@mx.google.com
