[EPEL-devel] Fedora EPEL 7 updates-testing report

[updates]

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
   5  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-4211889c5a   
seamonkey-2.53.17.1-1.el7
   3  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-981e9f53ff   
chromium-117.0.5938.92-2.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-ffb6e04eb7   
drupal7-7.98-1.el7
   1  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c283911e27   
ckeditor-4.22.1-1.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

xrdp-0.9.23.1-1.el7

Details about builds:



 xrdp-0.9.23.1-1.el7 (FEDORA-EPEL-2023-97dd2d11b6)
 Open source remote desktop protocol (RDP) server

Update Information:

Release notes for xrdp v0.9.23.1 (2023/09/27)  This is a security fix release
for CVE-2023-42822. This update is recommended for all xrdp users.  Security
fixes   - CVE-2023-42822: Unchecked access to font glyph info

ChangeLog:

* Thu Sep 28 2023 Bojan Smojver  - 1:0.9.23.1-1
- Update to 0.9.23.1
- CVE-2023-42822


___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2232304] RFE: epel9 branch of perl-Mozilla-PublicSuffix

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Fedora Update System  changed:

   What|Removed |Added

 Status|MODIFIED|ON_QA



--- Comment #5 from Fedora Update System  ---
FEDORA-EPEL-2023-d37fd7d349 has been pushed to the Fedora EPEL 9 testing
repository.

You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d37fd7d349

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202232304%23c5
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Schedule for Thursday's FESCo Meeting (2023-09-28)

[Stephen Gallagher]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Following is the list of topics that will be discussed in the
FESCo meeting Thursday at 17:00UTC in #fedora-meeting-2 on
irc.libera.chat.

To convert UTC to your local time, take a look at
  http://fedoraproject.org/wiki/UTCHowto

or run:
  date -d '2023-09-28 17:00 UTC'

Links to all issues to be discussed can be found at:
https://pagure.io/fesco/report/meeting_agenda

= Discussed and Voted in the Ticket =

No pending announcements this week, several Changes are close to
approval but won't cross the threshold until tomorrow, so they will be
part of next week's announcement.

= Followups =

#3059 F39 incomplete changes: 100% complete deadline
https://pagure.io/fesco/issue/3059

= New business =

#3065 New workstation WebUI is enforcing a requirement for a separate /boot
https://pagure.io/fesco/issue/3065

#3067 Change: Restructure Kubernetes Packages
https://pagure.io/fesco/issue/3067

= Open Floor =

For more complete details, please visit each individual
issue.  The report of the agenda items can be found at
https://pagure.io/fesco/report/meeting_agenda

If you would like to add something to this agenda, you can
reply to this e-mail, file a new issue at
https://pagure.io/fesco, e-mail me directly, or bring it
up at the end of the meeting, during the open floor topic. Note
that added topics may be deferred until the following meeting.
-BEGIN PGP SIGNATURE-

iQGzBAEBCAAdFiEEhQqd0dvyrMxvxJSRRduFpWgobREFAmUUwvAACgkQRduFpWgo
bREnNAwAwL1y54HDQsOmji6JAOK1O5V5xNrCerJ8OcDDNZ/l5ozhbHnRn3qOqmHO
XRR6Arxu55Xpo9afaP2sPbIwxSb7XoK+SztEZpecn8kw6CyNIbNLl5RoiE8FCe5b
WDiA4WLODLPwE/BMvQU4zIPNDZkOCFpTA4SE6it1oMM2k33CYMoPcb+sQBryYoQQ
cYnxBJODiuI3pQGSvLIc59CXvDgjzV9Z6MwrngBFCWOAXCM0q7HLAT0gvR0jZObG
ICl4hUyyIigvrsNkUAmC8sNZZKoIa/+4xrRPAp1HhLI3wlr1vC6n+R3j2Bh/TUvg
8MRSBiCnV11C7BPaASuCznK/SwouVqnDbAciIHjrY3MuV104/yYUtwicITgBlb0Q
hc0aCastbYsvjUjnkGeNGfPV1o1i/BdY4XrpSX2gWgPaFRGjQobplAUf5r0xBsPh
mru3KNCPQa+aAPgbFxdripiR/hQzt1TBSBpBNAW6jutkPLwC8fvCZywCCO6wyE0L
y1yunFEe
=QJX1
-END PGP SIGNATURE-
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: i386 leaf report

[Fabio Valentini]

On Wed, Sep 27, 2023 at 11:32 PM Jerry James  wrote:
>
> Figuring out whether a given package is a leaf for i386 is a pain in
> the neck when done manually.  How about we have a computer figure it
> out for us?
>
> Those of you who run regular reports, what would it take to run a
> report every week or two that lists every package X such that:
> 1. X has no ExcludeArch field that expands to a value including "i386";
> 2. X has no ExclusiveArch field that expands to a value not including "i386";
>and
> 3. For every package Y that BuildRequires or Requires X or any of its
>subpackages:
>A. Y has an ExcludeArch field that expands to a value including "i386"; or
>B. Y has an ExclusiveArch field that expands to a value not including 
> "i386".
>
> Bonus points if the report can take a list of packages to exclude.
> That way, over time we can figure out which packages we really want to
> build for i386 and drop them from the report.  When the report lists 0
> packages, we have reached nirvana.
>
> I'm willing to put in some work to write such a report, but have no
> clue how to get started.  If someone can point me in the right
> direction, I can take a stab at it.

I've thought about doing something like this, but it's more difficult
to get right than it looks like at first glance.

Problem 1: You cannot rely on repository metadata. Since koji throws
away SRPMs from all architectures except for one random one,
architecture-specific BuildRequires are not reliably represented in
our repository metadata.
Problem 2: So long as noarch packages are also randomly scheduled to
sometimes be built on i686, all noarch packages also need to be
included in the analysis for what things need all their dependencies
available on i686.
Problem 3: Imagine a situation where a package that is still required
on i686 adds a new dependency on a package (and its dependency tree)
that has already been removed from i686. What needs to happen in this
case? Do we possibly need to handle bootstrap problems if too many
things are dropped?

- Problem 1 can be worked around by processing spec files directly
(ew), or by parsing buildroot information that is stored for all koji
builds (available via koji API).
- Problem 2 is, I think, being worked on by releng / fedora-infra, so
that in the future, it might be possible to exclude i686 builders when
scheduling noarch builds.
- Problem 3 might be too hard to solve, and might also not be a (big)
problem in the timeframe where we still need to care about i686
packages.

However, for parsing spec files, there's also the question of ...
which spec files need to be parsed?
Those committed into the rawhide branch? Those might not have been
built yet. Those from the SRPM associated with the last tagged koji
build? Not sure how feasible it is to get those efficiently.

Fabio
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Packaging guidelines - validation of AppStream metadata files

[Neal Gompa]

On Wed, Sep 27, 2023 at 5:41 PM Kevin Fenzi  wrote:
>
> On Wed, Sep 27, 2023 at 10:05:38AM -0400, Neal Gompa wrote:
> > On Wed, Sep 27, 2023 at 9:48 AM Richard Hughes  wrote:
> > >
> > > On Wed, 27 Sept 2023 at 13:23, Mattia Verga via devel
> > >  wrote:
> > > > Can't this script be moved to run in Openshift as cron-based?
> > >
> > > Yes! In fact, that's what I proposed about a decade ago when I wanted
> > > to include the data in the metadata like Debian does. I do think it
> > > should be managed by someone in the rel-eng/infra team rather than me.
> > >
> >
> > openSUSE and Mageia both do it this way too. If we move to running the
> > script in infra, we should just make the switch to appending it to the
> > repodata. When I helped Mageia set it up[1], we elected to compose it weekly
> > and re-append the results for every repo push until the appstream
> > repodata was regenerated.
> >
> > Also, our compose process *has* gotten faster over the past decade, so
> > we may be able to do this at compose-time now.
>
> Here's the old releng ticket about this (I think):
> https://pagure.io/releng/issue/5721
>
> In addition to appstream data, there's the screenshots.
>
> I agree much has changed and we should revisit how best to do this
> process.
>
> I'm not sure at all that it would be possible to do at compose-time...
> composes are taking around 3.5-4hours and thats after I have done
> a lot to speed them up, but might be worth some benchmarking
> to see how much slower it would be. If we are going to go that route, we
> should see if support could be added to pungi.
>
> Moving this from a package to in repodata would grow the repodata quite
> a lot right?
>

It's additional repodata files, files that are not even downloaded by
anything except PackageKit (currently). So the main repodata sizes
don't change.



-- 
真実はいつも一つ！/ Always, there's only one truth!
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Packaging guidelines - validation of AppStream metadata files

[Kevin Fenzi]

On Wed, Sep 27, 2023 at 10:05:38AM -0400, Neal Gompa wrote:
> On Wed, Sep 27, 2023 at 9:48 AM Richard Hughes  wrote:
> >
> > On Wed, 27 Sept 2023 at 13:23, Mattia Verga via devel
> >  wrote:
> > > Can't this script be moved to run in Openshift as cron-based?
> >
> > Yes! In fact, that's what I proposed about a decade ago when I wanted
> > to include the data in the metadata like Debian does. I do think it
> > should be managed by someone in the rel-eng/infra team rather than me.
> >
> 
> openSUSE and Mageia both do it this way too. If we move to running the
> script in infra, we should just make the switch to appending it to the
> repodata. When I helped Mageia set it up[1], we elected to compose it weekly
> and re-append the results for every repo push until the appstream
> repodata was regenerated.
> 
> Also, our compose process *has* gotten faster over the past decade, so
> we may be able to do this at compose-time now.

Here's the old releng ticket about this (I think):
https://pagure.io/releng/issue/5721

In addition to appstream data, there's the screenshots.

I agree much has changed and we should revisit how best to do this
process. 

I'm not sure at all that it would be possible to do at compose-time...
composes are taking around 3.5-4hours and thats after I have done
a lot to speed them up, but might be worth some benchmarking
to see how much slower it would be. If we are going to go that route, we
should see if support could be added to pungi.

Moving this from a package to in repodata would grow the repodata quite
a lot right?

kevin


signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

i386 leaf report

[Jerry James]

Figuring out whether a given package is a leaf for i386 is a pain in
the neck when done manually.  How about we have a computer figure it
out for us?

Those of you who run regular reports, what would it take to run a
report every week or two that lists every package X such that:
1. X has no ExcludeArch field that expands to a value including "i386";
2. X has no ExclusiveArch field that expands to a value not including "i386";
   and
3. For every package Y that BuildRequires or Requires X or any of its
   subpackages:
   A. Y has an ExcludeArch field that expands to a value including "i386"; or
   B. Y has an ExclusiveArch field that expands to a value not including "i386".

Bonus points if the report can take a list of packages to exclude.
That way, over time we can figure out which packages we really want to
build for i386 and drop them from the report.  When the report lists 0
packages, we have reached nirvana.

I'm willing to put in some work to write such a report, but have no
clue how to get started.  If someone can point me in the right
direction, I can take a stab at it.
-- 
Jerry James
http://www.jamezone.org/
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2241058] New: perl-Math-BigInt-1.999842 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2241058

Bug ID: 2241058
   Summary: perl-Math-BigInt-1.999842 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-Math-BigInt
  Keywords: FutureFeature, Triaged
  Assignee: jples...@redhat.com
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: jples...@redhat.com, mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, ppi...@redhat.com
  Target Milestone: ---
Classification: Fedora



Releases retrieved: 1.999842
Upstream release that is considered latest: 1.999842
Current version/release in rawhide: 1.9998.41-1.fc40
URL: https://metacpan.org/dist/Math-BigInt/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from Anitya:
https://release-monitoring.org/project/7954/


To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/perl-Math-BigInt


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2241058

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202241058%23c0
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Self Introduction: Alberto Faria

[Fabio Valentini]

On Wed, Sep 27, 2023 at 5:51 PM Alberto Faria  wrote:
>
> Hi, everyone!
>
> My name is Alberto Faria and I'm a software engineer from Portugal,
> working at Red Hat. I plan on maintaining the libblkio package, to
> which I've contributed a bunch over the last year and a half.

Welcome!
Let me know if you have any Rust-packaging-specific questions.

Fabio
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Dulaney]

On Sep 27, 2023 aig 11:56:01AM +0200, sgrìobh Miro Hrončok:
> Hello packagers,
> here is the list of packages that still need a Python 3.12 rebuild for Fedora 
> 39+.
>

supervisor in fedora 39 is 4.2.2 but the version that supports python
3.12 is 4.2.5.  I filed Bug 2239529 about this and have received no
response.  The package does not run at all under python 3.12 and if
the maintainer will not update it it should probably be orphaned.

--
Tapadh leabh,
Mairi Dulaney.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: spec file with aarch64 specific Fortran build flags

[Tulio Magno Quites Machado Filho]

Sébastien Le Roux  writes:

> Dear all,
> in the past weeks the updates of GCC for both Fedora and Debian have 
> introduce few identical Fortran modifications:
>
> fortran/108961
> fortran/109684
> fortran/110825
>
> As a result my I cannot build the RPM package (nor the Debian package) 
> for my program 'atomes' anymore,
> because the ARM 64 build failed with the same error related to an OpenMP 
> instruction in a Fortran file.

I reproduced this error and it looks like a compiler bug:

fortran/spherical.F90: In function ‘plegendre_’:
fortran/spherical.F90:345:12: warning: ‘pll’ may be used uninitialized 
[-Wmaybe-uninitialized]
  345 | END FUNCTION
  |^
fortran/spherical.F90:307:40: note: ‘pll’ was declared here
  307 |   DOUBLE PRECISION :: fact, oldfact, pll, pmm, pmmp1, omx2
  |^
fortran/spherical.F90: In function ‘sphericals_._omp_fn.1’:
fortran/spherical.F90:179:36: error: unrecognizable insn:
  179 |   !$OMP DO SCHEDULE(STATIC,NS/NUMTH)
  |^
(insn 1295 924 926 20 (parallel [
(set (reg:DI 24 x24)
(zero_extend:DI (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -260 [0xfefc])) [29 
%sfp+-260 S4 A32])))
(set (reg:DI 7 x7)
(zero_extend:DI (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -256 [0xff00])) [29 
%sfp+-256 S4 A32])))
]) "fortran/spherical.F90":184:35 -1
 (nil))
*** WARNING *** there are active plugins, do not report this as a bug unless 
you can reproduce it without enabling any plugins.
Event| Plugins
PLUGIN_FINISH_UNIT   | annobin: Generate final annotations
PLUGIN_START_UNIT| annobin: Generate global annotations
PLUGIN_ALL_PASSES_START  | annobin: Generate per-function annotations
PLUGIN_ALL_PASSES_END| annobin: Register per-function end symbols
during RTL pass: cprop_hardreg
fortran/spherical.F90:179:36: internal compiler error: in extract_insn, at 
recog.cc:2791
Please submit a full bug report, with preprocessed source.
See  for instructions.
make[2]: *** [Makefile:1230: fortran/spherical.o] Error 1
make[2]: Leaving directory '/builddir/build/BUILD/Atomes-GNU-1.1.12/src'
make[2]: *** Waiting for unfinished jobs
make[2]: Entering directory
'/builddir/build/BUILD/Atomes-GNU-1.1.12/src'


Have you already reported this issue upstream?

> It was pointed out to me that the build succeed changing the -'O2' 
> option of the Fortran FLAGS by '-O1'.
>
> Following this :
>
> https://fedoraproject.org/wiki/Changes/RPMMacrosForBuildFlags

After a discussion in this mailing list there was an agreement to
restrict the scope of this change and use different names.
Now, the packages can't use _pkg_extra_* anymore.


-- 
Tulio Magno
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Michael Catanzaro]

On Wed, Sep 27 2023 at 12:52:17 PM -0400, Carlos O'Donell 
 wrote:
You have 5 years of excellent documentation by Florian and others to 
catch up on! :-)


Random compliment: this documentation is indeed quite good.

Upstream freedesktop-sdk and GNOME build flags are based on Fedora's 
because these docs clearly explain what every flag does and why it's 
wanted.


Michael

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Alexander Sosedkin]

On Tue, Sep 19, 2023 at 11:19 AM Alexander Sosedkin
 wrote:
>
> Hello,
>
> 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> Long story short:
> RPM has moved to sequoia,
> sequoia has started respecting crypto-policies,
> Google repos have been signed with a 1024-bit DSA key,
> Google Chrome was not installable => F38 blocker.
> Back at the time, it's been hastily "resolved"
> by relaxing RPM security through crypto-policies
> just enough to tolerate that Google signature:
> https://bugzilla.redhat.com/show_bug.cgi?id=2170878
> https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/129
>
> Since then it has been brought to my attention that
> Google has now added a 4096 bit RSA key
> https://www.google.com/linuxrepositories/
> (EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796)
>
> Because of that, I'd like to revert that RPM policy relaxation
> https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c7d2edce41c227b5
> in (f39) rawhide and align RPM security with the rest of the policy.
>
> Thoughts / feedback?

OK, I've messed up.

Clemens Lang has kindly pointed me at a flaw in my testing.
Basically, nothing is as rosy as I've previously shown
because of SHA-1 signatures in the keys.
In fact, even Chrome can't be installed with the change properly reverted.
Guess I'll have to shelve the wide discussion for a while, we aren't ready. =(

Sorry for taking your time.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Stephen Gallagher]

On Wed, Sep 27, 2023 at 12:59 PM Ron Olson  wrote:
>
> I mean this sincerely: Where is the excellent documentation? I admit that 
> I’ve been frustrated that web searches leads me all over the place, sometimes 
> the documentation is obsolete, or it’s someone’s blog post, etc. I’ve been 
> surprised again and again there’s a macro for this or that which could have 
> made the job much easier, but I had no idea until I asked here or in IRC.
>

The documentation he's referring to is the
https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/rawhide/f/buildflags.md

Indeed, we probably should figure out a way to make that link more
prominent on the Packaging Guidelines pages, though.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Ron Olson]

I mean this sincerely: Where is the excellent documentation? I admit 
that I’ve been frustrated that web searches leads me all over the 
place, sometimes the documentation is obsolete, or it’s someone’s 
blog post, etc. I’ve been surprised again and again there’s a macro 
for this or that which could have made the job much easier, but I had no 
idea until I asked here or in IRC.


On 27 Sep 2023, at 11:52, Carlos O'Donell wrote:


On 9/27/23 12:47, Richard W.M. Jones wrote:

On Wed, Sep 27, 2023 at 11:22:04AM -0500, Ron Olson wrote:
This is the first time I’ve heard of buildflags.md; where might I 
find this

file?


$ ls -l -h /usr/share/doc/redhat-rpm-config/buildflags.md
-rw-r--r--. 1 root root 28K Feb 28  2023 
/usr/share/doc/redhat-rpm-config/buildflags.md


(part of the redhat-rpm-config package)

I didn't know it existed either :-)


You have 5 years of excellent documentation by Florian and others to 
catch up on! :-)


--
Cheers,
Carlos.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: 
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Carlos O'Donell]

On 9/27/23 12:47, Richard W.M. Jones wrote:
> On Wed, Sep 27, 2023 at 11:22:04AM -0500, Ron Olson wrote:
>> This is the first time I’ve heard of buildflags.md; where might I find this
>> file?
> 
> $ ls -l -h /usr/share/doc/redhat-rpm-config/buildflags.md
> -rw-r--r--. 1 root root 28K Feb 28  2023 
> /usr/share/doc/redhat-rpm-config/buildflags.md
> 
> (part of the redhat-rpm-config package)
> 
> I didn't know it existed either :-)

You have 5 years of excellent documentation by Florian and others to catch up 
on! :-)

-- 
Cheers,
Carlos.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: F39 Change Proposal: Allow Removal of tzdata (System-Wide)

[Carlos O'Donell]

On 9/27/23 04:43, Peter Robinson wrote:
> On Wed, Sep 27, 2023 at 6:24 AM Remi Collet  wrote:
>>
>> Le 26/09/2023 à 19:32, Carlos O'Donell a écrit :
>>
 In version 8.3 (F40) we'll includes the UTC definition
 in our patch to use system tzdata, UTC being use
 as the fallback value.
>>>
>>> I'm curious; what does this patch look like?
>>
>> (trivial) patch to our system tzdata patch attached
>>
>> In short, if file is missing use bundled content
>>
>> Full patch for PHP 8.3:
>> https://git.remirepo.net/cgit/rpms/scl-php83/php.git/plain/php-8.3.0-systzdata-v24.patch
>>
>> Remi
>>
>>
>> P.S. IMHO, allowing removal of tzdata for PHP doesn't make any sense
>> as most app will fail badly (runtime exception) because of missing
>> TZ when upstream use a bundle copy of the full database, so this can
>> never happen, so this will create another RPM specific problem
> 
> Can't you just explicitly require tzdata?

I agree, if PHP requires tzdata then please add "Requires: tzdata"

With any kind of minimization work where we split up the packages we are going 
to
find implicit dependencies that should be made explicit. It is perfectly OK to
require tzdata from PHP if that's what is needed for your users, and you know
your users best.

-- 
Cheers,
Carlos.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Self Introduction: Alberto Faria

[Richard W.M. Jones]

On Wed, Sep 27, 2023 at 04:50:02PM +0100, Alberto Faria wrote:
> Hi, everyone!
> 
> My name is Alberto Faria and I'm a software engineer from Portugal,
> working at Red Hat. I plan on maintaining the libblkio package, to
> which I've contributed a bunch over the last year and a half.

Welcome to Fedora, Alberto.

As we discussed off list I'll be your sponsor into the packagers group.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Richard W.M. Jones]

On Wed, Sep 27, 2023 at 11:22:04AM -0500, Ron Olson wrote:
> This is the first time I’ve heard of buildflags.md; where might I find this
> file?

$ ls -l -h /usr/share/doc/redhat-rpm-config/buildflags.md
-rw-r--r--. 1 root root 28K Feb 28  2023 
/usr/share/doc/redhat-rpm-config/buildflags.md

(part of the redhat-rpm-config package)

I didn't know it existed either :-)

Rich.

> On 26 Sep 2023, at 12:21, Florian Weimer wrote:
> 
> redhat-rpm-config-267-1.fc40 activates the first phase of compiler flags
> to avoid regressions in the Fedora C99 port. Implicit ints and implicit
> function declarations will be rejected by default. The recommended way
> to opt out is to set %build_type_safety_c to 0. See the buildflags.md
> documentation.
> 
> I tried very hard to bring the number of build failures to 0, but in the
> end, every time I got close, some other package popped up that failed to
> build. So I have now made the switch in the knowledge that some
> packages will still fail to build.
> 
> The discussion regarding this topic at the GNU Tools Cauldron last
> weekend was quite positive, and it is likely that GCC 14 will make a
> similar change by default.
> 
> Thanks,
> Florian
> 
> 
> ━━━
>
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/
> code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/
> devel@lists.fedoraproject.org
> Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/
> new_issue
> 

> ___
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam, report it: 
> https://pagure.io/fedora-infrastructure/new_issue


-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
nbdkit - Flexible, fast NBD server with plugins
https://gitlab.com/nbdkit/nbdkit
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Carlos O'Donell]

On 9/27/23 12:22, Ron Olson wrote:
> This is the first time I’ve heard of buildflags.md; where might I find this 
> file?

It is distributed with redhat-rpm-config as part of the documentation of build 
flags.

You can see the rawhide version here:
https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/rawhide/f/buildflags.md

-- 
Cheers,
Carlos.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2241007] New: perl-HTTP-Message-6.45 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2241007

Bug ID: 2241007
   Summary: perl-HTTP-Message-6.45 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-HTTP-Message
  Keywords: FutureFeature, Triaged
  Assignee: mspa...@redhat.com
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, ppi...@redhat.com
  Target Milestone: ---
Classification: Fedora



Releases retrieved: 6.45
Upstream release that is considered latest: 6.45
Current version/release in rawhide: 6.44-3.fc39
URL: http://search.cpan.org/dist/HTTP-Message/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from Anitya:
https://release-monitoring.org/project/2977/


To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/perl-HTTP-Message


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2241007

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202241007%23c0
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: -Werror=implicit-int -Werror=implicit-function-declaration coming to rawhide

[Ron Olson]

This is the first time I’ve heard of buildflags.md; where might I find 
this file?


On 26 Sep 2023, at 12:21, Florian Weimer wrote:

redhat-rpm-config-267-1.fc40 activates the first phase of compiler 
flags
to avoid regressions in the Fedora C99 port.  Implicit ints and 
implicit
function declarations will be rejected by default.  The recommended 
way

to opt out is to set %build_type_safety_c to 0.  See the buildflags.md
documentation.

I tried very hard to bring the number of build failures to 0, but in 
the
end, every time I got close, some other package popped up that failed 
to

build.  So I have now made the switch in the knowledge that some
packages will still fail to build.

The discussion regarding this topic at the GNU Tools Cauldron last
weekend was quite positive, and it is likely that GCC 14 will make a
similar change by default.

Thanks,
Florian
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: 
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Adam Williamson]

On Wed, 2023-09-27 at 09:48 -0500, Ian Pilcher wrote:
> On 9/27/23 04:56, Miro Hrončok wrote:
> > fail2ban
> > 
> > https://bugzilla.redhat.com/2219991
> > https://github.com/fail2ban/fail2ban/issues/3487
> > Bugzilla ASSIGNED 2 months ago, no update since.
> > Maintainers NEEDINFOed last week.
> 
> With my system/network administrator hat on, this one is really
> concerning.  After reading the upstream issue, it doesn't seem that
> there's much chance of this being fixed any time soon.
> 
> Is there anything in Fedora that provides similar functionality?  (I've
> looked, but come up empty thus far.)

Could we possibly just vendor the old async stuff into fail2ban for now
to keep it usable until upstream manages to rewrite everything? I agree
that we should really try to avoid this dying, it does seem to be
fairly commonly used by enthusiast sysadmins.
-- 
Adam Williamson (he/him/his)
Fedora QA
Fedora Chat: @adamwill:fedora.im | Mastodon: @ad...@fosstodon.org
https://www.happyassassin.net



___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Self Introduction: Alberto Faria

[Alberto Faria]

Hi, everyone!

My name is Alberto Faria and I'm a software engineer from Portugal,
working at Red Hat. I plan on maintaining the libblkio package, to
which I've contributed a bunch over the last year and a half.

Regards,
Alberto
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Tomasz Torcz]

On Wed, Sep 27, 2023 at 09:48:04AM -0500, Ian Pilcher wrote:
> On 9/27/23 04:56, Miro Hrončok wrote:
> > fail2ban
> > 
> > https://bugzilla.redhat.com/2219991
> > https://github.com/fail2ban/fail2ban/issues/3487
> 
> With my system/network administrator hat on, this one is really
> concerning.  After reading the upstream issue, it doesn't seem that
> there's much chance of this being fixed any time soon.
> 
> Is there anything in Fedora that provides similar functionality?  (I've
> looked, but come up empty thus far.)

  Check `sshguard`. Despite the name, it also parses logs for few mail
and FTP (sic) daemons.


-- 
Tomasz   .. oo o.   oo o. .o   .o o. o. oo o.   ..
Torcz.. .o .o   .o .o oo   oo .o .. .. oo   oo
o.o.o.   .o .. o.   o. o. o.   o. o. oo .. ..   o.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Ian Pilcher]

On 9/27/23 04:56, Miro Hrončok wrote:

fail2ban

https://bugzilla.redhat.com/2219991
https://github.com/fail2ban/fail2ban/issues/3487
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.


With my system/network administrator hat on, this one is really
concerning.  After reading the upstream issue, it doesn't seem that
there's much chance of this being fixed any time soon.

Is there anything in Fedora that provides similar functionality?  (I've
looked, but come up empty thus far.)

--

Google  Where SkyNet meets Idiocracy

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: %pyproject_save_files license handlers

[Miro Hrončok]

On 19. 08. 23 23:57, Maxwell G wrote:

On Sat Aug 19, 2023 at 22:13 +0200, Miro Hrončok wrote:

On 19. 08. 23 19:44, Maxwell G wrote:

Hi Pythonistas,

%pyproject_save_files automatically handles marking license files
with %license when a build backend installs them into a package's
dist-info directory and the License-File header is specified in the
METADATA file. Currently, only setuptools and hatchling meet this
criteria. Notably, poetry and flit do not support this. They will
install license texts into the dist-info directory, but they do not add
the License-File metadata. The License-File tag is not standardized, and
discussion on PEP 639 which defines this standard has stalled. I believe
relying on this feature is a problem, as if a project changes build
systems or some other config and a packager doesn't realize, suddenly
the license file won't be marked with %license or even worse, not
installed at all. Since the pyproject macros read the build backend from
pyproject.toml without packagers having to manually specify anything
(which is generally great!), this situation seems likely to occur.

Until these issues are resolved, I propose banning this in Fedora and
requiring packagers to manually mark files with %license or at least
adding a large warning to the Packaging Guidelines. It can be similar to
the `'*' +auto` flags which are used by pyp2spec for automatic PyPI
builds in Copr but not allowed in Fedora proper.
What do y'all think? Am I missing something?


Hey. Alternatively to banning this: what if we make %pyproject_save_files fail
without a license? Obviously, that would be a breaking change, so it could be
opt-in first.

%pyproject_save_files -l ...

When used like this, no License-File header would result in an error.




We could introduce a reverse flag -L (don't fail without a license), and have a
discussion about changing the default later.

The guidelines could than say something like: If there is a license file you
MUST do one of the following when using %pyproject_save_files:

   1) use -l and don't list it in %files explicitly
   2) use -L and list it in %files explicitly

That way, we ensure the license is packaged (and marked as %license) while not
reducing automation.



I like -l flag idea, but I don't think we can make it fail by default
for the foreseeable future, given the status of PEP 639 and build system
adoption.
We could use a heuristic (such as a hardcoded list of globs) to match
license files in dist-info directories if License-File doesn't exist,
but I'm not sure that's the best idea.
I'm hesitant about adding a noop -L flag until we actually have a
plan/criteria on when to start enforcing -l, but I don't feel strongly.


I've drafted the implementation:

https://src.fedoraproject.org/rpms/pyproject-rpm-macros/pull-request/422

The -l flag asserts at least 1 License-File is present.
The -L flag disables the assert (i.e. it does nothing).

I was considering the idea that the -L flag would assert no License-File was 
found, but I don't think that will be that useful.


--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Fedora 39 compose report: 20230927.n.0 changes

[Fedora Branched Report]

OLD: Fedora-39-20230926.n.1
NEW: Fedora-39-20230927.n.0

= SUMMARY =
Added images:1
Dropped images:  1
Added packages:  0
Dropped packages:61
Upgraded packages:   56
Downgraded packages: 0

Size of added packages:  0 B
Size of dropped packages:414.10 MiB
Size of upgraded packages:   849.24 MiB
Size of downgraded packages: 0 B

Size change of upgraded packages:   6.36 MiB
Size change of downgraded packages: 0 B

= ADDED IMAGES =
Image: Workstation live aarch64
Path: 
Workstation/aarch64/iso/Fedora-Workstation-Live-aarch64-39-20230927.n.0.iso

= DROPPED IMAGES =
Image: i3 live aarch64
Path: Spins/aarch64/iso/Fedora-i3-Live-aarch64-39-20230926.n.1.iso

= ADDED PACKAGES =

= DROPPED PACKAGES =
Package: RBTools-4.0-4.fc39
Summary: Tools for use with ReviewBoard
RPMs:RBTools
Size:902.64 KiB

Package: andriller-3.3.1-9.fc38
Summary: Android Forensic Tools
RPMs:andriller
Size:184.90 KiB

Package: androwarn-1.6.1-14.fc39
Summary: Static code analyzer for malicious Android applications
RPMs:androwarn
Size:201.98 KiB

Package: brd-1.0-24.fc38
Summary: Scans directories and files for damage due to decay of storage medium
RPMs:brd
Size:34.75 KiB

Package: btest-0.57-16.fc38
Summary: A Simple Driver for Basic Unit Tests
RPMs:btest
Size:49.17 KiB

Package: eric-20.1-12.fc38
Summary: Python IDE
RPMs:eric
Size:15.30 MiB

Package: fedora-gather-easyfix-0.2.1-90.fc38
Summary: Gather easyfix tickets across fedorahosted projects
RPMs:fedora-gather-easyfix
Size:122.45 KiB

Package: golang-github-alicebob-miniredis-2.14.5-7.fc39
Summary: Pure Go Redis server for Go unittests
RPMs:compat-golang-github-alicebob-miniredis-2-devel 
golang-github-alicebob-miniredis-devel
Size:112.10 KiB

Package: libssh2-python-0.7.1-35.fc38
Summary: Python binding for the libssh2 library
RPMs:python3-libssh2
Size:149.72 KiB

Package: php-ocramius-generated-hydrator-4.1.0-4.fc38
Summary: An object hydrator
RPMs:php-ocramius-generated-hydrator
Size:19.66 KiB

Package: php-symfony4-4.4.47-1.fc38
Summary: Symfony PHP framework (version 4)
RPMs:php-symfony4 php-symfony4-asset php-symfony4-browser-kit 
php-symfony4-cache php-symfony4-common php-symfony4-config php-symfony4-console 
php-symfony4-css-selector php-symfony4-debug php-symfony4-debug-bundle 
php-symfony4-dependency-injection php-symfony4-doctrine-bridge 
php-symfony4-dom-crawler php-symfony4-dotenv php-symfony4-error-handler 
php-symfony4-event-dispatcher php-symfony4-expression-language 
php-symfony4-filesystem php-symfony4-finder php-symfony4-form 
php-symfony4-framework-bundle php-symfony4-http-client 
php-symfony4-http-foundation php-symfony4-http-kernel php-symfony4-inflector 
php-symfony4-intl php-symfony4-ldap php-symfony4-lock php-symfony4-mailer 
php-symfony4-messenger php-symfony4-mime php-symfony4-monolog-bridge 
php-symfony4-options-resolver php-symfony4-phpunit-bridge php-symfony4-process 
php-symfony4-property-access php-symfony4-property-info 
php-symfony4-proxy-manager-bridge php-symfony4-routing php-symfony4-security 
php-symfony4-security-bundle php-symfony4-serializer php-symfony4-stopwatch 
php-symfony4-templating php-symfony4-translation php-symfony4-twig-bridge 
php-symfony4-twig-bundle php-symfony4-validator php-symfony4-var-dumper 
php-symfony4-var-exporter php-symfony4-web-link 
php-symfony4-web-profiler-bundle php-symfony4-web-server-bundle 
php-symfony4-workflow php-symfony4-yaml
Size:5.42 MiB

Package: pico-wizard-0.1.0^git20220929.934dbcf-4.fc39
Summary: Post-installation configuration wizard
RPMs:pico-wizard
Size:155.37 KiB

Package: pyflowtools-0.3.4.2-14.fc38
Summary: An interface to OSU FlowTools
RPMs:pyflowtools
Size:111.64 KiB

Package: pyftpdlib-1.5.7-1.fc38
Summary: Extremely fast and scalable Python FTP server library
RPMs:python3-pyftpdlib
Size:194.15 KiB

Package: python-acora-2.2-14.fc38
Summary: A Python multi-keyword text search engine
RPMs:python3-acora
Size:570.90 KiB

Package: python-adext-0.3-10.fc39
Summary: Python module to extend AlarmDecoder module
RPMs:python3-adext
Size:13.56 KiB

Package: python-aiozeroconf-0.1.8-15.fc38
Summary: An asyncio/pure Python implementation of mDNS service discovery
RPMs:python3-aiozeroconf
Size:74.56 KiB

Package: python-airthings-3.2.0-10.fc39
Summary: Fetch sensor measurements from Airthings devices
RPMs:python3-airthings
Size:54.99 KiB

Package: python-alarmdecoder-1.13.9-8.fc38
Summary: Python interface for the AlarmDecoder (AD2) devices
RPMs:python3-alarmdecoder
Size:117.39 KiB

Package: python-ansible-pygments-0.1.1-4.fc38
Summary: Provides Pygments highlighter for Ansible output for use in Sphinx
RPMs:python3-ansible-pygments
Size:19.42 KiB

Package: python-btlewrap-0.1.0-8.fc38
Summary: Wrapper around different bluetooth low energy backends
RPMs:python3-btlewrap
Size:36.09

[Bug 2232304] RFE: epel9 branch of perl-Mozilla-PublicSuffix

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Fedora Update System  changed:

   What|Removed |Added

 Status|ASSIGNED|MODIFIED



--- Comment #4 from Fedora Update System  ---
FEDORA-EPEL-2023-d37fd7d349 has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-d37fd7d349


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202232304%23c4
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Packaging guidelines - validation of AppStream metadata files

[Neal Gompa]

On Wed, Sep 27, 2023 at 9:48 AM Richard Hughes  wrote:
>
> On Wed, 27 Sept 2023 at 13:23, Mattia Verga via devel
>  wrote:
> > Can't this script be moved to run in Openshift as cron-based?
>
> Yes! In fact, that's what I proposed about a decade ago when I wanted
> to include the data in the metadata like Debian does. I do think it
> should be managed by someone in the rel-eng/infra team rather than me.
>

openSUSE and Mageia both do it this way too. If we move to running the
script in infra, we should just make the switch to appending it to the
repodata. When I helped Mageia set it up[1], we elected to compose it weekly
and re-append the results for every repo push until the appstream
repodata was regenerated.

Also, our compose process *has* gotten faster over the past decade, so
we may be able to do this at compose-time now.

[1]: https://bugs.mageia.org/show_bug.cgi?id=18669








--
真実はいつも一つ！/ Always, there's only one truth!
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

On 27. 09. 23 15:58, Zbigniew Jędrzejewski-Szmek wrote:

On Wed, Sep 27, 2023 at 11:56:01AM +0200, Miro Hrončok wrote:

Hello packagers,
here is the list of packages that still need a Python 3.12 rebuild for Fedora 
39+.



zbyszekpython-igor


I retired it now in f39 and rawhide. The first attempt failed halfway
because I didn't have a valid token. I repeated the 'fedpkg retire …' command,
but I'm not sure if the state got updated correctly.


Thanks.
The failed token failure is not real. It only fails to disable monitoring.
What matters is the dead.package file dist git.

See https://pagure.io/fedpkg/issue/505 (opened 6 months ago).

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

On 27. 09. 23 15:58, Zbigniew Jędrzejewski-Szmek wrote:

On Wed, Sep 27, 2023 at 11:56:01AM +0200, Miro Hrončok wrote:

Hello packagers,
here is the list of packages that still need a Python 3.12 rebuild for Fedora 
39+.



zbyszekpython-igor


I retired it now in f39 and rawhide. The first attempt failed halfway
because I didn't have a valid token. I repeated the 'fedpkg retire …' command,
but I'm not sure if the state got updated correctly.


Thanks.
The failed token failure is not real. It only fails to disable monitoring.
What matters is the dead.package file dist git.

See https://pagure.io/fedpkg/issue/505 (opened 6 months ago).

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Zbigniew Jędrzejewski-Szmek]

On Wed, Sep 27, 2023 at 11:56:01AM +0200, Miro Hrončok wrote:
> Hello packagers,
> here is the list of packages that still need a Python 3.12 rebuild for Fedora 
> 39+.

> zbyszekpython-igor

I retired it now in f39 and rawhide. The first attempt failed halfway
because I didn't have a valid token. I repeated the 'fedpkg retire …' command,
but I'm not sure if the state got updated correctly.

Zbyszek
___
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Zbigniew Jędrzejewski-Szmek]

On Wed, Sep 27, 2023 at 11:56:01AM +0200, Miro Hrončok wrote:
> Hello packagers,
> here is the list of packages that still need a Python 3.12 rebuild for Fedora 
> 39+.

> zbyszekpython-igor

I retired it now in f39 and rawhide. The first attempt failed halfway
because I didn't have a valid token. I repeated the 'fedpkg retire …' command,
but I'm not sure if the state got updated correctly.

Zbyszek
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

Hello packagers,
here is the list of packages that still need a Python 3.12 rebuild for Fedora 
39+.

Packages on this list have broken dependencies and hence the users of Fedora 
Linux 39+ cannot install them at all.
Moreover, users of Fedora Linux 37 or 38 with the listed packages installed are 
unable to upgrade to Fedora Linux 39+.


We need to either rebuild those packages in Fedora Linux 39+ or retire+obsolete 
them to clear the upgrade path. Package retirement is not a "punishment" for 
not fixing the package, it is merely a way to allow our users to upgrade.
When a retired package is fixed after Fedora Linux 39 final release, it can be 
added back to the distribution.


The Fedora 39 Final Freeze starts on 2023-10-03 14:00 UTC -- that leaves only 6 
days to push updates via Bodhi, meaning they will not be autopushed in time.


Please, if you are planning to fix the packages, set low karma limits and ask 
another packager to test it and add karma.
Request freeze exceptions when needed: 
https://qa.fedoraproject.org/blockerbugs/propose_bug


I plan to propose "mass" retirement of the remaining packages without a 
requested freeze exception and a clear path forward a couple days after the 
freeze starts, so we have time to ship an updated fedora-obsolete-packages.


Packages broken in Rawhide by maintainer:
atkac  fail2ban
cottsaypython-bloom
dcavalca   python-mathics3 python-mathicsscript
echevemaster python-protego
hobbes1069 fail2ban freecad python-pyside2
jcaratzas  python-logutils
jkastner   freecad
luya   openshadinglanguage
matyas condor
music  openshadinglanguage
orion  fail2ban
qulogicpython-geomet
rebus  dionaea python-smbpasswd
rmattespython-bloom
salimmapython-rust-update-set
sdyroffpython-ansi
slaanesh   openshadinglanguage
tmzfail2ban
ttheisen   condor
valtri condor
zbyszekpython-igor

Details:

condor
==
https://bugzilla.redhat.com/2172684
Bugzilla ASSIGNED half a year ago, no update since.
Maintainer NEEDINFOed today.
Seems to a problem with Boost since Fedora 38.

dionaea
===
https://bugzilla.redhat.com/2219972
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

fail2ban

https://bugzilla.redhat.com/2219991
https://github.com/fail2ban/fail2ban/issues/3487
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.

freecad
===
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.
Blocked on pyside2.

openshadinglanguage
===
https://bugzilla.redhat.com/2220055
Seems to be actively progressing, blocked on this clang15 PR:
https://src.fedoraproject.org/rpms/clang15/pull-request/1

python-ansi
===
https://bugzilla.redhat.com/2220110
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.
The fix of FTBFS is trivial (BR python3-setuptools, as described in 
https://bugzilla.redhat.com/2155030 in December 2022).
However, package has no %check, so I am reluctant to fix it myself, not knowing 
if it even works.


python-bloom

https://bugzilla.redhat.com/2220133
Maintainer said to retire it last week.

python-geomet
=
https://bugzilla.redhat.com/2220250
https://github.com/geomet/geomet/issues/92
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-igor
===
https://bugzilla.redhat.com/2220275
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-logutils
===
https://bugzilla.redhat.com/2220313
https://src.fedoraproject.org/rpms/python-logutils/pull-request/2
PR opened a month ago, no progress since.
New maintainer NEEDINFOed this week.

python-mathics3
===
https://bugzilla.redhat.com/2220323
https://src.fedoraproject.org/rpms/python-mathics3/pull-request/2 (still fails)
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-mathicsscript

https://bugzilla.redhat.com/2220324
Depends on mathics3
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-protego
==
https://bugzilla.redhat.com/2240746
Built in Fedora 39 only (the f39 branch is ahead of rawhide).
I'd normally just go ahead and merge the branches myself,
but the "fix" was to remove all the tests and add redundant manual Requires,
so I am reluctant to do that.

python-pyside2
==
https://bugzilla.redhat.com/2155447
https://bugzilla.redhat.com/2220452
https://bugreports.qt.io/browse/PYSIDE-2388 (WONTFIX)
Upstream no longer cares about this pyside2 version.
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-rust-update-set
==
https://bugzilla.redhat.com/2220488
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-smbpasswd

https://bugzilla.redhat.com/2154979
Bugzilla ASSIGNED 8 months 

Re: Packaging guidelines - validation of AppStream metadata files

[Richard Hughes]

On Wed, 27 Sept 2023 at 13:23, Mattia Verga via devel
 wrote:
> Can't this script be moved to run in Openshift as cron-based?

Yes! In fact, that's what I proposed about a decade ago when I wanted
to include the data in the metadata like Debian does. I do think it
should be managed by someone in the rel-eng/infra team rather than me.

> like the Package Review Status app, although the storage requirements
> are totally different (but, maybe, there's a way to avoid cloning the
> mirror "locally" in Openshift and use a network mounted directory?).

I'm sure someone could hook up an openshift instance to the SAN we
store the archive on -- but that obviously needs to be someone in
[internal?] IT.

Richard.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2232304] RFE: epel9 branch of perl-Mozilla-PublicSuffix

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2232304



--- Comment #3 from Paul Howarth  ---
Branch requests:
perl-Mozilla-PublicSuffix:
https://pagure.io/releng/fedora-scm-requests/issue/56582
perl-HTTP-CookieJar:  
https://pagure.io/releng/fedora-scm-requests/issue/56583


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202232304%23c3
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2232304] RFE: epel9 branch of perl-Mozilla-PublicSuffix

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2232304



--- Comment #2 from Paul Howarth  ---
Thanks!


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202232304%23c2
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Alexander Sosedkin]

On Wed, Sep 27, 2023 at 2:38 PM Stephen Gallagher  wrote:
>
> On Wed, Sep 27, 2023 at 7:06 AM Alexander Sosedkin  
> wrote:
> ...
> > Feel free to strike down these proposals
> > using whatever mechanisms Fedora governance offers.
> > https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3
> > rejection suggests they do work.
>
> To be clear, that one was rejected primarily because of Chrome and
> VSCode (both extremely important to our user-base), which appear to
> have been resolved since then. I'm definitely in favor of tightening
> things up at this point.

You're probably thinking about the revert I wanna revert:
https://pagure.io/fesco/issue/2960.
StrongCryptoSettings3 was a different, more ambitious thing,
where preventing openssl from trusting SHA-1 signatures
was the contention point that prevented it from happening.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Stephen Gallagher]

On Wed, Sep 27, 2023 at 7:06 AM Alexander Sosedkin  wrote:
...
> Feel free to strike down these proposals
> using whatever mechanisms Fedora governance offers.
> https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3
> rejection suggests they do work.

To be clear, that one was rejected primarily because of Chrome and
VSCode (both extremely important to our user-base), which appear to
have been resolved since then. I'm definitely in favor of tightening
things up at this point.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Packaging guidelines - validation of AppStream metadata files

[Mattia Verga via devel]

Il 27/09/23 13:24, Richard Hughes ha scritto:
> On Tue, 26 Sept 2023 at 03:16, Neal Gompa  wrote:
>> So a stopgap solution was implemented: appstream-data. Richard Hughes
>> maintains a local mirror of the full Fedora repositories and generates
>> the appstream data from that using scripts[1] and extra data[2] to
>> produce the appstream-data package[3].
> That's a really good writeup, thanks. Note, I'm not the only person
> who can generate metadata, and I'd *love* someone to take over the
> task if they've got more time than me. We used to build the new
> metadata weekly, but it's slipped to monthly, if that frequently.
>
> The storage requirement of a "full mirror" is ~8G for centos and ~720G
> for Fedora -- and although NVMe is faster, I use an external HDD. You
> can also generate the metadata on laptop-class hardware -- it takes
> about an hour per release or an order of magnitude faster with fast
> NMVe and server class hardware. I've not tried to use
> appstream-compose yet, but it might work.
>
> Ideally this is something that could be picked up by release
> engineering, but I've fought that battle and lost each time. C'est la
> vie.
>
> Richard.

Can't this script be moved to run in Openshift as cron-based? Something 
like the Package Review Status app, although the storage requirements 
are totally different (but, maybe, there's a way to avoid cloning the 
mirror "locally" in Openshift and use a network mounted directory?).

Mattia

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Fedora rawhide compose report: 20230927.n.0 changes

[Fedora Rawhide Report]

OLD: Fedora-Rawhide-20230926.n.0
NEW: Fedora-Rawhide-20230927.n.0

= SUMMARY =
Added images:3
Dropped images:  2
Added packages:  7
Dropped packages:62
Upgraded packages:   103
Downgraded packages: 1

Size of added packages:  14.10 MiB
Size of dropped packages:492.44 MiB
Size of upgraded packages:   5.89 GiB
Size of downgraded packages: 1.04 MiB

Size change of upgraded packages:   1.22 MiB
Size change of downgraded packages: 185 B

= ADDED IMAGES =
Image: Kinoite dvd-ostree aarch64
Path: Kinoite/aarch64/iso/Fedora-Kinoite-ostree-aarch64-Rawhide-20230927.n.0.iso
Image: i3 live aarch64
Path: Spins/aarch64/iso/Fedora-i3-Live-aarch64-Rawhide-20230927.n.0.iso
Image: Container_Minimal_Base docker ppc64le
Path: 
Container/ppc64le/images/Fedora-Container-Minimal-Base-Rawhide-20230927.n.0.ppc64le.tar.xz

= DROPPED IMAGES =
Image: Sericea dvd-ostree x86_64
Path: Sericea/x86_64/iso/Fedora-Sericea-ostree-x86_64-Rawhide-20230926.n.0.iso
Image: Silverblue dvd-ostree x86_64
Path: 
Silverblue/x86_64/iso/Fedora-Silverblue-ostree-x86_64-Rawhide-20230926.n.0.iso

= ADDED PACKAGES =
Package: kf6-kguiaddons-5.240.0^20230916.160754.7ff692a-1.fc40
Summary: KDE Frameworks 6 Tier 1 addon with various classes on top of QtGui
RPMs:kf6-kguiaddons kf6-kguiaddons-devel
Size:971.09 KiB

Package: kf6-kholidays-5.240.0^20230901.194437.d42ac5f-1.fc40
Summary: The KHolidays Library
RPMs:kf6-kholidays kf6-kholidays-devel
Size:1.69 MiB

Package: 
kf6-networkmanager-qt-5.240.0^20230920.135708.7f4e3a34bbe3c7db7f2d090e1bfc572a21f834a2-135.fc40
Summary: A Tier 1 KDE Frameworks 6 module that wraps NetworkManager DBus API
RPMs:kf6-networkmanager-qt kf6-networkmanager-qt-devel
Size:2.66 MiB

Package: 
kf6-syntax-highlighting-5.240.0^20230922.195427.0211d718294684eb9d557e7d523b1693f03f16b9-135.fc40
Summary: KDE Frameworks 6 Syntax highlighting engine for Kate syntax definitions
RPMs:kf6-syntax-highlighting kf6-syntax-highlighting-devel
Size:8.51 MiB

Package: resalloc-ibm-cloud-1.0-1.fc40
Summary: Resource allocator scripts for IBM cloud
RPMs:resalloc-ibm-cloud
Size:42.80 KiB

Package: rust-gix-index-0.24.0-2.fc40
Summary: Git index file implementation used by gix
RPMs:rust-gix-index+default-devel rust-gix-index+document-features-devel 
rust-gix-index+serde-devel rust-gix-index-devel
Size:107.05 KiB

Package: waycheck-0.1.3-1.fc40
Summary: Simple GUI that displays protocols implemented by a Wayland compositor
RPMs:waycheck
Size:158.89 KiB


= DROPPED PACKAGES =
Package: RBTools-4.0-4.fc39
Summary: Tools for use with ReviewBoard
RPMs:RBTools
Size:902.75 KiB

Package: andriller-3.3.1-9.fc38
Summary: Android Forensic Tools
RPMs:andriller
Size:184.91 KiB

Package: androwarn-1.6.1-14.fc39
Summary: Static code analyzer for malicious Android applications
RPMs:androwarn
Size:201.97 KiB

Package: brd-1.0-24.fc38
Summary: Scans directories and files for damage due to decay of storage medium
RPMs:brd
Size:34.75 KiB

Package: btest-0.57-16.fc38
Summary: A Simple Driver for Basic Unit Tests
RPMs:btest
Size:49.17 KiB

Package: eric-20.1-12.fc38
Summary: Python IDE
RPMs:eric
Size:15.30 MiB

Package: fedora-gather-easyfix-0.2.1-90.fc38
Summary: Gather easyfix tickets across fedorahosted projects
RPMs:fedora-gather-easyfix
Size:122.45 KiB

Package: golang-github-alicebob-miniredis-2.14.5-7.fc39
Summary: Pure Go Redis server for Go unittests
RPMs:compat-golang-github-alicebob-miniredis-2-devel 
golang-github-alicebob-miniredis-devel
Size:112.14 KiB

Package: libssh2-python-0.7.1-35.fc38
Summary: Python binding for the libssh2 library
RPMs:python3-libssh2
Size:149.72 KiB

Package: php-ocramius-generated-hydrator-4.1.0-4.fc38
Summary: An object hydrator
RPMs:php-ocramius-generated-hydrator
Size:19.66 KiB

Package: php-symfony4-4.4.47-1.fc38
Summary: Symfony PHP framework (version 4)
RPMs:php-symfony4 php-symfony4-asset php-symfony4-browser-kit 
php-symfony4-cache php-symfony4-common php-symfony4-config php-symfony4-console 
php-symfony4-css-selector php-symfony4-debug php-symfony4-debug-bundle 
php-symfony4-dependency-injection php-symfony4-doctrine-bridge 
php-symfony4-dom-crawler php-symfony4-dotenv php-symfony4-error-handler 
php-symfony4-event-dispatcher php-symfony4-expression-language 
php-symfony4-filesystem php-symfony4-finder php-symfony4-form 
php-symfony4-framework-bundle php-symfony4-http-client 
php-symfony4-http-foundation php-symfony4-http-kernel php-symfony4-inflector 
php-symfony4-intl php-symfony4-ldap php-symfony4-lock php-symfony4-mailer 
php-symfony4-messenger php-symfony4-mime php-symfony4-monolog-bridge 
php-symfony4-options-resolver php-symfony4-phpunit-bridge php-symfony4-process 
php-symfony4-property-access php-symfony4-property-info 
php-symfony4-proxy-manager-bridge php-symfony4-routing php-symfony4-security 
php-symfony4-security

Re: Packaging guidelines - validation of AppStream metadata files

[Richard Hughes]

On Tue, 26 Sept 2023 at 03:16, Neal Gompa  wrote:
> So a stopgap solution was implemented: appstream-data. Richard Hughes
> maintains a local mirror of the full Fedora repositories and generates
> the appstream data from that using scripts[1] and extra data[2] to
> produce the appstream-data package[3].

That's a really good writeup, thanks. Note, I'm not the only person
who can generate metadata, and I'd *love* someone to take over the
task if they've got more time than me. We used to build the new
metadata weekly, but it's slipped to monthly, if that frequently.

The storage requirement of a "full mirror" is ~8G for centos and ~720G
for Fedora -- and although NVMe is faster, I use an external HDD. You
can also generate the metadata on laptop-class hardware -- it takes
about an hour per release or an order of magnitude faster with fast
NMVe and server class hardware. I've not tried to use
appstream-compose yet, but it might work.

Ideally this is something that could be picked up by release
engineering, but I've fought that battle and lost each time. C'est la
vie.

Richard.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

On 27. 09. 23 12:49, Fabio Valentini wrote:

On Wed, Sep 27, 2023 at 11:56 AM Miro Hrončok  wrote:


python-rust-update-set
==
https://bugzilla.redhat.com/2220488
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.


That NEEDINFO won't help, the maintainer apparently sends bugzilla
email to /dev/null.
I had filed a PR with the upstream project to fix the test failures
months ago, but it's still pending.
And since I'd rather not see this package retired, I just backported
my PR and built the package.

https://bodhi.fedoraproject.org/updates/FEDORA-2023-8175912590
https://bodhi.fedoraproject.org/updates/FEDORA-2023-dfe9c0f49e


Thank you!

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2232304] RFE: epel9 branch of perl-Mozilla-PublicSuffix

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Yanko Kaneti  changed:

   What|Removed |Added

   Assignee|yan...@declera.com  |p...@city-fan.org
 Status|NEW |ASSIGNED
   Doc Type|--- |If docs needed, set a value



--- Comment #1 from Yanko Kaneti  ---
Sorry for the huge delay, I must've spaced out while receiving the notification
for this ticket.
I've added you as admin on this one and perl-HTTP-CookieJar.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2232304

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202232304%23c1
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Alexander Sosedkin]

On Tue, Sep 26, 2023 at 7:40 PM Kevin Kofler via devel
 wrote:
>
> Alexander Sosedkin wrote:
> > Because of that, I'd like to revert that RPM policy relaxation
> > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c7d2edce41c227b5
> > in (f39) rawhide and align RPM security with the rest of the policy.
> >
> > Thoughts / feedback?
>
> I am still opposed, because it is still a backwards-incompatible change that
> breaks existing repositories (such as my Calcforge one) just so that someone
> can tick a checkbox on some "security" checklist.

Yes, those who want to trust that key you've generated back in 2007
will have to use LEGACY policy or relax it in some other way
unless you generate a stronger key, that's precisely my intention.
I'm sorry for putting extra work on you, this is never pleasant,
but, all things considered, I find it well worth the benefit.

If you like *your* systems insecure, I do respect that choice of yours,
and I strive to offer a convenient opt-out of "security"
that should let you lag behind the modern world by ~5 extra years.
But we do need secure *defaults*, and I hope that you see how
compromising the security of most of the of installations
at the expense of the convenience of a few packagers
doesn't seem like the right course to me.

I often joke that the four Fedora values are
"Freedom", "Friends", "Features" and "Fecurity"
but, jokes aside, "First" still made that list:
https://docs.fedoraproject.org/en-US/project/#_first
and my reading of it is that
"15 years of backwards compatibility no matter what"
is explicitly a non-goal.

Fedora defaults are already lagging significantly behind, say, RHEL-9,
but there must be some limit to accepting insecure legacy stuff by default,
and I'll keep proposing the limits I find sensible
until I get completely disappointed in this distro.
Feel free to strike down these proposals
using whatever mechanisms Fedora governance offers.
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3
rejection suggests they do work.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: 16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Fabio Valentini]

On Wed, Sep 27, 2023 at 11:56 AM Miro Hrončok  wrote:
>
> python-rust-update-set
> ==
> https://bugzilla.redhat.com/2220488
> Bugzilla ASSIGNED 2 months ago, no update since.
> Maintainer NEEDINFOed last week.

That NEEDINFO won't help, the maintainer apparently sends bugzilla
email to /dev/null.
I had filed a PR with the upstream project to fix the test failures
months ago, but it's still pending.
And since I'd rather not see this package retired, I just backported
my PR and built the package.

https://bodhi.fedoraproject.org/updates/FEDORA-2023-8175912590
https://bodhi.fedoraproject.org/updates/FEDORA-2023-dfe9c0f49e

Fabio
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Peter Robinson]

On Wed, Sep 27, 2023 at 11:04 AM Alexander Sosedkin
 wrote:
>
> On Tue, Sep 26, 2023 at 7:47 PM Peter Robinson  wrote:
> >
> > On Tue, Sep 19, 2023 at 10:20 AM Alexander Sosedkin
> >  wrote:
> > >
> > > Hello,
> > >
> > > 6 months ago, there's been a F38 blocker: 
> > > https://pagure.io/fesco/issue/2960
> > > Long story short:
> > > RPM has moved to sequoia,
> > > sequoia has started respecting crypto-policies,
> > > Google repos have been signed with a 1024-bit DSA key,
> > > Google Chrome was not installable => F38 blocker.
> > > Back at the time, it's been hastily "resolved"
> > > by relaxing RPM security through crypto-policies
> > > just enough to tolerate that Google signature:
> > > https://bugzilla.redhat.com/show_bug.cgi?id=2170878
> > > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/129
> > >
> > > Since then it has been brought to my attention that
> > > Google has now added a 4096 bit RSA key
> > > https://www.google.com/linuxrepositories/
> > > (EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796)
> > >
> > > Because of that, I'd like to revert that RPM policy relaxation
> > > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c7d2edce41c227b5
> > > in (f39) rawhide and align RPM security with the rest of the policy.
> > >
> > > Thoughts / feedback?
> >
> > I think it should be done as a system wide change so it can have the
> > appropriate review but it seems we're better off than we were.
>
> System-wide or self-contained?

System wide as it potentially affects ability to install 3rd party software.

> I'm not altering the system-wide default,
> I'm removing the exception that was limited to rpm/dnf in scope
> to bring them in line with system-wide default;
> but rpm/dnf are kinda important.
> ___
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam, report it: 
> https://pagure.io/fedora-infrastructure/new_issue
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Intention to tighten RPM crypto-policy back

[Alexander Sosedkin]

On Tue, Sep 26, 2023 at 7:47 PM Peter Robinson  wrote:
>
> On Tue, Sep 19, 2023 at 10:20 AM Alexander Sosedkin
>  wrote:
> >
> > Hello,
> >
> > 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> > Long story short:
> > RPM has moved to sequoia,
> > sequoia has started respecting crypto-policies,
> > Google repos have been signed with a 1024-bit DSA key,
> > Google Chrome was not installable => F38 blocker.
> > Back at the time, it's been hastily "resolved"
> > by relaxing RPM security through crypto-policies
> > just enough to tolerate that Google signature:
> > https://bugzilla.redhat.com/show_bug.cgi?id=2170878
> > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/129
> >
> > Since then it has been brought to my attention that
> > Google has now added a 4096 bit RSA key
> > https://www.google.com/linuxrepositories/
> > (EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796)
> >
> > Because of that, I'd like to revert that RPM policy relaxation
> > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c7d2edce41c227b5
> > in (f39) rawhide and align RPM security with the rest of the policy.
> >
> > Thoughts / feedback?
>
> I think it should be done as a system wide change so it can have the
> appropriate review but it seems we're better off than we were.

System-wide or self-contained?
I'm not altering the system-wide default,
I'm removing the exception that was limited to rpm/dnf in scope
to bring them in line with system-wide default;
but rpm/dnf are kinda important.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

Hello packagers,
here is the list of packages that still need a Python 3.12 rebuild for Fedora 
39+.

Packages on this list have broken dependencies and hence the users of Fedora 
Linux 39+ cannot install them at all.
Moreover, users of Fedora Linux 37 or 38 with the listed packages installed are 
unable to upgrade to Fedora Linux 39+.


We need to either rebuild those packages in Fedora Linux 39+ or retire+obsolete 
them to clear the upgrade path. Package retirement is not a "punishment" for 
not fixing the package, it is merely a way to allow our users to upgrade.
When a retired package is fixed after Fedora Linux 39 final release, it can be 
added back to the distribution.


The Fedora 39 Final Freeze starts on 2023-10-03 14:00 UTC -- that leaves only 6 
days to push updates via Bodhi, meaning they will not be autopushed in time.


Please, if you are planning to fix the packages, set low karma limits and ask 
another packager to test it and add karma.
Request freeze exceptions when needed: 
https://qa.fedoraproject.org/blockerbugs/propose_bug


I plan to propose "mass" retirement of the remaining packages without a 
requested freeze exception and a clear path forward a couple days after the 
freeze starts, so we have time to ship an updated fedora-obsolete-packages.


Packages broken in Rawhide by maintainer:
atkac  fail2ban
cottsaypython-bloom
dcavalca   python-mathics3 python-mathicsscript
echevemaster python-protego
hobbes1069 fail2ban freecad python-pyside2
jcaratzas  python-logutils
jkastner   freecad
luya   openshadinglanguage
matyas condor
music  openshadinglanguage
orion  fail2ban
qulogicpython-geomet
rebus  dionaea python-smbpasswd
rmattespython-bloom
salimmapython-rust-update-set
sdyroffpython-ansi
slaanesh   openshadinglanguage
tmzfail2ban
ttheisen   condor
valtri condor
zbyszekpython-igor

Details:

condor
==
https://bugzilla.redhat.com/2172684
Bugzilla ASSIGNED half a year ago, no update since.
Maintainer NEEDINFOed today.
Seems to a problem with Boost since Fedora 38.

dionaea
===
https://bugzilla.redhat.com/2219972
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

fail2ban

https://bugzilla.redhat.com/2219991
https://github.com/fail2ban/fail2ban/issues/3487
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.

freecad
===
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.
Blocked on pyside2.

openshadinglanguage
===
https://bugzilla.redhat.com/2220055
Seems to be actively progressing, blocked on this clang15 PR:
https://src.fedoraproject.org/rpms/clang15/pull-request/1

python-ansi
===
https://bugzilla.redhat.com/2220110
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.
The fix of FTBFS is trivial (BR python3-setuptools, as described in 
https://bugzilla.redhat.com/2155030 in December 2022).
However, package has no %check, so I am reluctant to fix it myself, not knowing 
if it even works.


python-bloom

https://bugzilla.redhat.com/2220133
Maintainer said to retire it last week.

python-geomet
=
https://bugzilla.redhat.com/2220250
https://github.com/geomet/geomet/issues/92
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-igor
===
https://bugzilla.redhat.com/2220275
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-logutils
===
https://bugzilla.redhat.com/2220313
https://src.fedoraproject.org/rpms/python-logutils/pull-request/2
PR opened a month ago, no progress since.
New maintainer NEEDINFOed this week.

python-mathics3
===
https://bugzilla.redhat.com/2220323
https://src.fedoraproject.org/rpms/python-mathics3/pull-request/2 (still fails)
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-mathicsscript

https://bugzilla.redhat.com/2220324
Depends on mathics3
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-protego
==
https://bugzilla.redhat.com/2240746
Built in Fedora 39 only (the f39 branch is ahead of rawhide).
I'd normally just go ahead and merge the branches myself,
but the "fix" was to remove all the tests and add redundant manual Requires,
so I am reluctant to do that.

python-pyside2
==
https://bugzilla.redhat.com/2155447
https://bugzilla.redhat.com/2220452
https://bugreports.qt.io/browse/PYSIDE-2388 (WONTFIX)
Upstream no longer cares about this pyside2 version.
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-rust-update-set
==
https://bugzilla.redhat.com/2220488
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-smbpasswd

https://bugzilla.redhat.com/2154979
Bugzilla ASSIGNED 8 months 

16 packages still need a Python 3.12 rebuild, final freeze in 6 days

[Miro Hrončok]

Hello packagers,
here is the list of packages that still need a Python 3.12 rebuild for Fedora 
39+.

Packages on this list have broken dependencies and hence the users of Fedora 
Linux 39+ cannot install them at all.
Moreover, users of Fedora Linux 37 or 38 with the listed packages installed are 
unable to upgrade to Fedora Linux 39+.


We need to either rebuild those packages in Fedora Linux 39+ or retire+obsolete 
them to clear the upgrade path. Package retirement is not a "punishment" for 
not fixing the package, it is merely a way to allow our users to upgrade.
When a retired package is fixed after Fedora Linux 39 final release, it can be 
added back to the distribution.


The Fedora 39 Final Freeze starts on 2023-10-03 14:00 UTC -- that leaves only 6 
days to push updates via Bodhi, meaning they will not be autopushed in time.


Please, if you are planning to fix the packages, set low karma limits and ask 
another packager to test it and add karma.
Request freeze exceptions when needed: 
https://qa.fedoraproject.org/blockerbugs/propose_bug


I plan to propose "mass" retirement of the remaining packages without a 
requested freeze exception and a clear path forward a couple days after the 
freeze starts, so we have time to ship an updated fedora-obsolete-packages.


Packages broken in Rawhide by maintainer:
atkac  fail2ban
cottsaypython-bloom
dcavalca   python-mathics3 python-mathicsscript
echevemaster python-protego
hobbes1069 fail2ban freecad python-pyside2
jcaratzas  python-logutils
jkastner   freecad
luya   openshadinglanguage
matyas condor
music  openshadinglanguage
orion  fail2ban
qulogicpython-geomet
rebus  dionaea python-smbpasswd
rmattespython-bloom
salimmapython-rust-update-set
sdyroffpython-ansi
slaanesh   openshadinglanguage
tmzfail2ban
ttheisen   condor
valtri condor
zbyszekpython-igor

Details:

condor
==
https://bugzilla.redhat.com/2172684
Bugzilla ASSIGNED half a year ago, no update since.
Maintainer NEEDINFOed today.
Seems to a problem with Boost since Fedora 38.

dionaea
===
https://bugzilla.redhat.com/2219972
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

fail2ban

https://bugzilla.redhat.com/2219991
https://github.com/fail2ban/fail2ban/issues/3487
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.

freecad
===
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.
Blocked on pyside2.

openshadinglanguage
===
https://bugzilla.redhat.com/2220055
Seems to be actively progressing, blocked on this clang15 PR:
https://src.fedoraproject.org/rpms/clang15/pull-request/1

python-ansi
===
https://bugzilla.redhat.com/2220110
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainers NEEDINFOed last week.
The fix of FTBFS is trivial (BR python3-setuptools, as described in 
https://bugzilla.redhat.com/2155030 in December 2022).
However, package has no %check, so I am reluctant to fix it myself, not knowing 
if it even works.


python-bloom

https://bugzilla.redhat.com/2220133
Maintainer said to retire it last week.

python-geomet
=
https://bugzilla.redhat.com/2220250
https://github.com/geomet/geomet/issues/92
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-igor
===
https://bugzilla.redhat.com/2220275
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-logutils
===
https://bugzilla.redhat.com/2220313
https://src.fedoraproject.org/rpms/python-logutils/pull-request/2
PR opened a month ago, no progress since.
New maintainer NEEDINFOed this week.

python-mathics3
===
https://bugzilla.redhat.com/2220323
https://src.fedoraproject.org/rpms/python-mathics3/pull-request/2 (still fails)
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-mathicsscript

https://bugzilla.redhat.com/2220324
Depends on mathics3
Bugzilla ASSIGNED a month ago, no update since.
Maintainer NEEDINFOed last week.

python-protego
==
https://bugzilla.redhat.com/2240746
Built in Fedora 39 only (the f39 branch is ahead of rawhide).
I'd normally just go ahead and merge the branches myself,
but the "fix" was to remove all the tests and add redundant manual Requires,
so I am reluctant to do that.

python-pyside2
==
https://bugzilla.redhat.com/2155447
https://bugzilla.redhat.com/2220452
https://bugreports.qt.io/browse/PYSIDE-2388 (WONTFIX)
Upstream no longer cares about this pyside2 version.
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-rust-update-set
==
https://bugzilla.redhat.com/2220488
Bugzilla ASSIGNED 2 months ago, no update since.
Maintainer NEEDINFOed last week.

python-smbpasswd

https://bugzilla.redhat.com/2154979
Bugzilla ASSIGNED 8 months 

Re: F39 Change Proposal: Allow Removal of tzdata (System-Wide)

[Peter Robinson]

On Wed, Sep 27, 2023 at 6:24 AM Remi Collet  wrote:
>
> Le 26/09/2023 à 19:32, Carlos O'Donell a écrit :
>
> >> In version 8.3 (F40) we'll includes the UTC definition
> >> in our patch to use system tzdata, UTC being use
> >> as the fallback value.
> >
> > I'm curious; what does this patch look like?
>
> (trivial) patch to our system tzdata patch attached
>
> In short, if file is missing use bundled content
>
> Full patch for PHP 8.3:
> https://git.remirepo.net/cgit/rpms/scl-php83/php.git/plain/php-8.3.0-systzdata-v24.patch
>
> Remi
>
>
> P.S. IMHO, allowing removal of tzdata for PHP doesn't make any sense
> as most app will fail badly (runtime exception) because of missing
> TZ when upstream use a bundle copy of the full database, so this can
> never happen, so this will create another RPM specific problem

Can't you just explicitly require tzdata?
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Unretiring & claiming xss-lock

[Jani Juhani Sinervo]

Hello.

As per [0], I (FAS: sham1) am planning to unretire and claim the X11
screensaver utility `xss-lock`.

Having been retired for more than 8 weeks on its rawhide branch, due to
having been orphaned, means that a new package review is needed for the
package, which can be found at [1].

[0]:
https://docs.fedoraproject.org/en-US/package-maintainers/Package_Retirement_Process/#claiming

[1]:
https://bugzilla.redhat.com/show_bug.cgi?id=2240906
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue