Bug#1059825: /usr/bin/prosodyctl: prosodyctl check dns fails with stacktrace

[Joseph Nahmias]

Package: prosody
Version: 0.12.3-1
Severity: normal
File: /usr/bin/prosodyctl

Hello,

When trying to debug my prosody installation, I tried to run prosodyctl
check dns and got the following:

# prosodyctl check dns
lua5.4: /usr/bin/prosodyctl:635: attempt to index a number value
stack traceback:
[C]: in for iterator 'for iterator'
/usr/lib/prosody/util/set.lua:74: in method 'add_list'
/usr/lib/prosody/util/set.lua:97: in function 'util.set.new'
/usr/lib/prosody/util/prosodyctl/check.lua:718: in function 
'util.prosodyctl.check.check'
/usr/bin/prosodyctl:751: in upvalue 'func'
/usr/lib/prosody/util/async.lua:144: in function 

stack traceback:
[C]: in function 'error'
/usr/bin/prosodyctl:635: in local 'handler'
/usr/lib/prosody/util/async.lua:232: in method 'run'
/usr/bin/prosodyctl:754: in main chunk
[C]: in ?

Is there a dependancy missing?

Thanks,
--Joe

-- System Information:
Debian Release: 12.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-15-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages prosody depends on:
ii  adduser 3.134
ii  init-system-helpers 1.65.2
ii  libc6   2.36-9+deb12u3
ii  libicu7272.1-3
ii  libssl3 3.0.11-1~deb12u2
ii  lua-bitop [lua5.4-bitop]1.0.2-7
ii  lua-expat [lua5.4-expat]1.5.1-3
ii  lua-filesystem [lua5.4-filesystem]  1.8.0-3
ii  lua-sec [lua5.4-sec]1.2.0-2
ii  lua-socket [lua5.4-socket]  3.1.0-1+b1
ii  lua5.4  5.4.4-3
ii  ssl-cert1.1.2

Versions of packages prosody recommends:
ii  lua-event [lua5.4-event]0.4.6-2+b1
ii  lua-readline [lua5.4-readline]  3.2-2
ii  lua-unbound [lua5.4-unbound]1.0.0-2

Versions of packages prosody suggests:
pn  lua-dbi-mysql   
pn  lua-dbi-postgresql  
pn  lua-dbi-sqlite3 
pn  lua-zlib

-- no debconf information

Bug#1059403: collectd hugepages plugin reports spurious warnings trying to open demote

[Joseph Nahmias]

Package: collectd
Version: 5.12.0-14
Severity: normal
Tags: upstream patch

Dear Maintainer,

Thanks for packaging collectd!

After upgrading one of my servers to bookworm, I noticed that collectd
started emitting warnings about being unable to read demote files.
It seems this was reported upstream at 
https://github.com/collectd/collectd/issues/3993
and a commit was merged into main:
https://github.com/collectd/collectd/commit/4cebbfc1ed4b44644d981df996a8ca941e38e8a1

It would be great if this patch could be incorporated into the next
stable point release for bookworm.

If you agree but are short on time, I'm happy (and motivated) to do the
work.

Thanks,
--Joe

-- System Information:
Debian Release: 12.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-15-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages collectd depends on:
ii  collectd-core  5.12.0-14
ii  libc6  2.36-9+deb12u3
ii  librrd81.7.2-4+b8

Bug#1042803: ITP: fanwor -- action-adventures in the style of "The Legend of Zelda"

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, h...@tuxfamily.org, 
debian-devel-ga...@lists.debian.org, j...@nahmias.net

* Package name: fanwor
  Version : 1.16
  Upstream Contact: Thomas Huth 
* URL : https://fanwor.tuxfamily.org/
* License : GPL-2.0
  Programming Lang: C
  Description : action-adventure game in the style of "The Legend of Zelda"

Bug#1042718: RFP: megazeux -- cross-platform game creation system

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: Debian Games Team , 
j...@nahmias.net

* Package name: megazeux
  Version : 2.92f
* URL : https://www.digitalmzx.com/
* License : GPL-2.0
  Programming Lang: C/C++
  Description : cross-platform game creation system

MegaZeux is a game creation system created by Alexis Janson. It was
inspired by ZZT, for which Alexis and other members of Software Visions
had created several games beforehand.

Bug#1041368: RFP: libsmacker -- C library for decoding .smk Smacker Video files

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: kennedy.g...@gmail.com, debian-devel-ga...@lists.debian.org, 
j...@nahmias.net

* Package name: libsmacker
  Version : 1.2.0
  Upstream Contact: Greg Kennedy 
* URL : https://libsmacker.sourceforge.net/
* License : LGPL-2.1
  Programming Lang: C
  Description : C library for decoding .smk Smacker Video files

libsmacker is a cross-platform C library which can be used for decoding
Smacker Video files produced by RAD Game Tools. The library supports all
features of both v2 and v4 files, except that Bink Audio Compression (lossy
perceptual coding) is unsupported. For most use cases of libsmacker, this is
not a serious limitation. 

Smacker Video was the king of video middleware in the 1990s, and its
256-color compressed video format was used in over 2600 software titles.
Smacker files tend to pose a problem for "engine rewrite" projects for
legacy games: many used the .smk format for intro videos, cutscenes, and
animated textures.  What is needed is a library which supports the minimum
feature set from smackw32.dll to get an smk off a disk and the frames /
audio into a buffer in the correct order. Hence, libsmacker.

Bug#1040265: CVE-2023-36813: Multiple Authenticated SQL Injections

[Joseph Nahmias]

Package: kanboard
Severity: important
Tags: security upstream
X-Debbugs-Cc: t...@security.debian.org, j...@nahmias.net, Debian Security Team 


https://github.com/kanboard/kanboard/security/advisories/GHSA-9gvq-78jp-jxcx

Summary

During a review of this project, I found multiple SQL Injections. It appears
that in some insert and update operations, the code improperly uses the PicoDB
library to update/insert new information.

Bug#1039728: segfault when completing first level

[Joseph Nahmias]

Package: raincat
Version: 1.1.1.2-4+b3
Severity: normal
X-Debbugs-Cc: j...@nahmias.net

No idea what's going on here, but raincat segfaults when I clear the first
level...

$ raincat
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: cHRM chunk does not match sRGB
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: cHRM chunk does not match sRGB
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: cHRM chunk does not match sRGB
libpng warning: iCCP: known incorrect sRGB profile
[...]
raincat: mmap 4096 bytes at (nil): Cannot allocate memory
raincat: Try specifying an address with +RTS -xm -RTS
Segmentation fault


Let me know if there are some magic debug switches which will let you get more
info.
--Joe


-- System Information:
Debian Release: 12.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug'), 
(500, 'proposed-updates-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages raincat depends on:
ii  libc6   2.36-9
ii  libffi8 3.4.4-1
ii  libgl1  1.6.0-1
ii  libglu1-mesa [libglu1]  9.0.2-1.1
ii  libglut3.12 3.4.0-1
ii  libgmp102:6.2.1+dfsg1-1.1
ii  libsdl-image1.2 1.2.12-13+b2
ii  libsdl-mixer1.2 1.2.12-17+b3
ii  libsdl1.2debian 1.2.15+dfsg2-8
ii  raincat-data1.1.1.2-4

raincat recommends no packages.

raincat suggests no packages.

-- no debconf information

Bug#1038423: ITP: maven-native -- plugin to compile c and c++ source via maven

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, mojohaus-...@googlegroups.com, 
pkg-java-maintain...@lists.alioth.debian.org, j...@nahmias.net

* Package name: maven-native
  Version : 1.0-alpha-11
  Upstream Contact: mojohaus-...@googlegroups.com,
* URL : https://www.mojohaus.org/maven-native/native-maven-plugin/
* License : Expat
  Programming Lang: Java
  Description : plugin to compile c and c++ source via maven

 This maven plugin creates a custom build lifecycle suited to compiling
 native C and C++ code using standard compilers such as gcc.
 .
 Use cases / usage examples include:
 .
  * Building a DLL with JNI.
  * Building a standard Unix shared library.
  * Building a static library, including ranlib.

Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org, 
tool.factory.he...@gmail.com, j...@nahmias.net

* Package name: narcissus
  Version : 1.0.7
  Upstream Contact: ToolFactory 
* URL : https://github.com/toolfactory/narcissus
* License : MIT
  Programming Lang: Java
  Description : limited Java reflection library that bypasses security 
restrictions

Narcissus is a JNI native code library that provides a small subset of the Java
reflection API, while bypassing all of Java's access/visibility checks,
security manager restrictions, and module strong encapsulation enforcement, by
calling methods and accessing fields through the JNI API. This allows code that
relies on reflective access to non-public classes, fields, and methods to keep
working even now that strong encapsulation is being enforced in JDK 16+.

Narcissus works on JDK 7+, however it is most useful for suppressing reflective
access warnings in JDK 9-15, and for circumventing strong encapsulation for JDK
16+, in order to keep legacy software running (for example, when legacy
software depends upon setAccessible to access a needed private field of a class
in some library).

Bug#1037444: bookworm-pu: package kanboard/1.2.26+ds-4

[Joseph Nahmias]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: kanbo...@packages.debian.org, j...@nahmias.net
Control: affects -1 + src:kanboard

[ Reason ]
Security updates for kanboard since v1.2.26.

[ Tests ]
upstream's unit test suite are run at build time and via autopkgtest.
there are also some other (superficial) autopkgtests.

[ Risks ]
All listed CVEs have targeted fixes picked from upstream github.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Other info ]

My first stable update, so please advise if I missed anything.
--Joe
diff -Nru kanboard-1.2.26+ds/debian/changelog 
kanboard-1.2.26+ds/debian/changelog
--- kanboard-1.2.26+ds/debian/changelog 2023-05-16 22:49:38.0 -0400
+++ kanboard-1.2.26+ds/debian/changelog 2023-06-07 20:45:40.0 -0400
@@ -1,3 +1,24 @@
+kanboard (1.2.26+ds-4) unstable; urgency=medium
+
+  * backport security fixes from kanboard v1.2.30
+ > CVE-2023-33956: Parameter based Indirect Object Referencing leading
+   to private file exposure
+ > CVE-2023-33968: Missing access control allows user to move and
+   duplicate tasks to any project in the software
+ > CVE-2023-33969: Stored XSS in the Task External Link Functionality
+ > CVE-2023-33970: Missing access control in internal task links feature
+(Closes: #1037167)
+
+ -- Joseph Nahmias   Wed, 07 Jun 2023 20:45:40 -0400
+
+kanboard (1.2.26+ds-3) unstable; urgency=medium
+
+  * backport fix for CVE-2023-32685 from kanboard v1.2.29
+
https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv
+Based on upstream commits 26b6eeb & c9c1872. (Closes: #1036874)
+
+ -- Joseph Nahmias   Sun, 28 May 2023 21:42:46 -0400
+
 kanboard (1.2.26+ds-2) unstable; urgency=medium
 
   * properly test for lighty-enable-mod.
diff -Nru kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch 
kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch
--- kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch  1969-12-31 
19:00:00.0 -0500
+++ kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch  2023-05-28 
21:41:20.0 -0400
@@ -0,0 +1,111 @@
+Description: fix for CVE-2023-32685
+ Clipboard based cross-site scripting (blocked with default CSP)
+ https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv
+Author: Frédéric Guillot 
+Origin: upstream
+Last-Update: 2023-05-24
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+diff --git a/assets/js/components/screenshot.js 
b/assets/js/components/screenshot.js
+index a8acd64..1130bd2 100644
+--- a/assets/js/components/screenshot.js
 b/assets/js/components/screenshot.js
+@@ -1,5 +1,4 @@
+ KB.component('screenshot', function (containerElement) {
+-var pasteCatcher = null;
+ var inputElement = null;
+ 
+ function onFileLoaded(e) {
+@@ -7,7 +6,6 @@ KB.component('screenshot', function (containerElement) {
+ }
+ 
+ function onPaste(e) {
+-// Firefox doesn't have the property e.clipboardData.items (only 
Chrome)
+ if (e.clipboardData && e.clipboardData.items) {
+ var items = e.clipboardData.items;
+ 
+@@ -24,69 +22,13 @@ KB.component('screenshot', function (containerElement) {
+ }
+ }
+ }
+-} else {
+-
+-// Handle Firefox
+-setTimeout(checkInput, 100);
+ }
+ }
+ 
+ function initialize() {
+-destroy();
+-
+-if (! window.Clipboard) {
+-// Insert the content editable at the top to avoid scrolling down 
in the board view
+-pasteCatcher = document.createElement('div');
+-pasteCatcher.id = 'screenshot-pastezone';
+-pasteCatcher.contentEditable = true;
+-pasteCatcher.style.opacity = 0;
+-pasteCatcher.style.position = 'fixed';
+-pasteCatcher.style.top = 0;
+-pasteCatcher.style.right = 0;
+-pasteCatcher.style.width = 0;
+-document.body.insertBefore(pasteCatcher, 
document.body.firstChild);
+-
+-pasteCatcher.focus();
+-
+-// Set the focus when clicked anywhere in the document
+-document.addEventListener('click', setFocus);
+-
+-// Set the focus when clicked in screenshot dropzone
+-
document.getElementById('screenshot-zone').addEventListener('click', setFocus);
+-}
+-
+ window.addEventListener('paste', onPaste, false);
+ }
+ 
+-function destroy() {
+-if (KB.exists('#screenshot-pastezone')) {
+-KB.find('#screenshot-pastezone').remove();
+-}
+-
+-document.removeEventListener('click', setFocus);
+-pasteCatcher = null;
+-   

Bug#1037082: unblock: kanboard/1.2.26+ds-3

[Joseph Nahmias]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: kanbo...@packages.debian.org, j...@nahmias.net
Control: affects -1 + src:kanboard

Please unblock package kanboard

[ Reason ]

Security fix only for CVE-2023-32685 from kanboard v1.2.29
https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock kanboard/1.2.26+ds-3
diff -Nru kanboard-1.2.26+ds/debian/changelog 
kanboard-1.2.26+ds/debian/changelog
--- kanboard-1.2.26+ds/debian/changelog 2023-05-16 22:49:38.0 -0400
+++ kanboard-1.2.26+ds/debian/changelog 2023-05-28 21:42:46.0 -0400
@@ -1,3 +1,11 @@
+kanboard (1.2.26+ds-3) unstable; urgency=medium
+
+  * backport fix for CVE-2023-32685 from kanboard v1.2.29
+
https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv
+Based on upstream commits 26b6eeb & c9c1872. (Closes: #1036874)
+
+ -- Joseph Nahmias   Sun, 28 May 2023 21:42:46 -0400
+
 kanboard (1.2.26+ds-2) unstable; urgency=medium
 
   * properly test for lighty-enable-mod.
diff -Nru kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch 
kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch
--- kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch  1969-12-31 
19:00:00.0 -0500
+++ kanboard-1.2.26+ds/debian/patches/CVE-2023-32685.patch  2023-05-28 
21:41:20.0 -0400
@@ -0,0 +1,111 @@
+Description: fix for CVE-2023-32685
+ Clipboard based cross-site scripting (blocked with default CSP)
+ https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv
+Author: Frédéric Guillot 
+Origin: upstream
+Last-Update: 2023-05-24
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+diff --git a/assets/js/components/screenshot.js 
b/assets/js/components/screenshot.js
+index a8acd64..1130bd2 100644
+--- a/assets/js/components/screenshot.js
 b/assets/js/components/screenshot.js
+@@ -1,5 +1,4 @@
+ KB.component('screenshot', function (containerElement) {
+-var pasteCatcher = null;
+ var inputElement = null;
+ 
+ function onFileLoaded(e) {
+@@ -7,7 +6,6 @@ KB.component('screenshot', function (containerElement) {
+ }
+ 
+ function onPaste(e) {
+-// Firefox doesn't have the property e.clipboardData.items (only 
Chrome)
+ if (e.clipboardData && e.clipboardData.items) {
+ var items = e.clipboardData.items;
+ 
+@@ -24,69 +22,13 @@ KB.component('screenshot', function (containerElement) {
+ }
+ }
+ }
+-} else {
+-
+-// Handle Firefox
+-setTimeout(checkInput, 100);
+ }
+ }
+ 
+ function initialize() {
+-destroy();
+-
+-if (! window.Clipboard) {
+-// Insert the content editable at the top to avoid scrolling down 
in the board view
+-pasteCatcher = document.createElement('div');
+-pasteCatcher.id = 'screenshot-pastezone';
+-pasteCatcher.contentEditable = true;
+-pasteCatcher.style.opacity = 0;
+-pasteCatcher.style.position = 'fixed';
+-pasteCatcher.style.top = 0;
+-pasteCatcher.style.right = 0;
+-pasteCatcher.style.width = 0;
+-document.body.insertBefore(pasteCatcher, 
document.body.firstChild);
+-
+-pasteCatcher.focus();
+-
+-// Set the focus when clicked anywhere in the document
+-document.addEventListener('click', setFocus);
+-
+-// Set the focus when clicked in screenshot dropzone
+-
document.getElementById('screenshot-zone').addEventListener('click', setFocus);
+-}
+-
+ window.addEventListener('paste', onPaste, false);
+ }
+ 
+-function destroy() {
+-if (KB.exists('#screenshot-pastezone')) {
+-KB.find('#screenshot-pastezone').remove();
+-}
+-
+-document.removeEventListener('click', setFocus);
+-pasteCatcher = null;
+-}
+-
+-function setFocus() {
+-if (pasteCatcher !== null) {
+-pasteCatcher.focus();
+-}
+-}
+-
+-function checkInput() {
+-var child = pasteCatcher.childNodes[0];
+-
+-if (child) {
+-// If the user pastes an image, the src attribute
+-// will represent the image as a base64 encoded string.
+-if (child.tagName === 'IMG') {
+-createImage(child.src);
+-}
+-}
+-
+-pasteCatcher.innerHTML = '';
+-}
+-
+ function createImage(blob) {
+ var pastedImage = new Image();
+ pastedImage.src = blob;
+@@ -102,14 +44,9 @@ KB.component('screenshot', function (containerElement) {
+ zone.className = 'scree

Bug#1036205: unblock: kanboard/1.2.26+ds-2

[Joseph Nahmias]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: kanbo...@packages.debian.org, j...@nahmias.net
Control: affects -1 + src:kanboard

Please unblock package kanboard

[ Reason ]

  - Fix RC bug #1035598, caused by improper quoting in the test for
lighty-enable-mod
  - Fix a few issues discovered with the debian patch to use the newer version
of symfony that is in bookworm, which break common use cases /
configurations (including the package default one).
  - Fix an oversight in the default lighttpd configuration provided with
kanboard which doesn't exempt the jsonrpc API endpoint from redirection to
the login page.
  - Add autopkgtests to cover the above issues.

[ Impact ]

RC bug will cause kanboard to be removed from bookworm.

[ Tests ]

I've added a basic autopkgtest to test the jsonrpc API endpoint using
the default (lighttpd) config.

Added an autopkgtest to specifically test the installation of kanboard
with apache.

Did NOT add a similar jsonrpc autopkgtest for running under apache, as
this would require shipping a default config for apache, which feels like
too much of a new feature and thus unsuitable for an unblock at this point
of the release cycle. However, if the RT would be willing to include this
I'd be happy to do so; otherwise, I plan to defer until trixie opens.

[ Risks ]

Kanboard is a leaf package.
Fixes are targetted and address important/RC issues.
Autopkgtests are included to cover the issues and insure against regressions.

[ Checklist ]

  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

[ Other info ]

unblock kanboard/1.2.26+ds-2


This is my first unblock request in quite some time. Any feedback you wish to
provide would be greatly appreciated!
Thanks for all you do to make Debian,
--Joe
diff -Nru kanboard-1.2.26+ds/debian/35-kanboard.conf 
kanboard-1.2.26+ds/debian/35-kanboard.conf
--- kanboard-1.2.26+ds/debian/35-kanboard.conf  2022-07-22 12:48:59.0 
-0400
+++ kanboard-1.2.26+ds/debian/35-kanboard.conf  2023-05-15 21:45:51.0 
-0400
@@ -7,6 +7,7 @@
 alias.url += ( "/kanboard/" => "/usr/share/kanboard/" )
 index-file.names += ( "index.php" )
 url.rewrite-once = (
+"^/kanboard/jsonrpc\.php" => "",
 "^/kanboard/assets/.+" => "",
 "^/kanboard/favicon\..*$" => "",
 "" => "/kanboard/index.php${qsa}",
diff -Nru kanboard-1.2.26+ds/debian/changelog 
kanboard-1.2.26+ds/debian/changelog
--- kanboard-1.2.26+ds/debian/changelog 2023-01-14 19:54:15.0 -0500
+++ kanboard-1.2.26+ds/debian/changelog 2023-05-16 22:49:38.0 -0400
@@ -1,3 +1,23 @@
+kanboard (1.2.26+ds-2) unstable; urgency=medium
+
+  * properly test for lighty-enable-mod.
+This fixes a bug in how the postinst/prerm maint scripts check whether
+to enable kanboard for lighttpd, which caused it to fail when lighttpd
+was not installed. (Closes: #1035598)
+  * adapt some more areas to the new Symfony EventDispatcher API
+fix a couple of spots where we missed updating to the new dispatch() API:
+- standard db-based Auth
+- jsonrpc Auth
+  * do not redirect access to Kanboard's JSONRPC API.
+It uses its own authentication and shouldn't be bounced to the standard
+login page.
+  * add autopkgtest to ensure Kanboard JSONRPC API (minimally) works
+  * add apache install autopkgtest
+  * test(jsonrpc): make curl report errors in a cleaner way
+  * test(jsonrpc): add php-fpm as test dep
+
+ -- Joseph Nahmias   Tue, 16 May 2023 22:49:38 -0400
+
 kanboard (1.2.26+ds-1) unstable; urgency=medium
 
   * [1f43019] New upstream version 1.2.26+ds
diff -Nru kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch 
kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch
--- kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch  
2022-07-24 09:00:23.0 -0400
+++ kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch  
2023-05-15 21:45:51.0 -0400
@@ -623,3 +623,41 @@
  
  return false;
  }
+--- a/app/Api/Middleware/AuthenticationMiddleware.php
 b/app/Api/Middleware/AuthenticationMiddleware.php
+@@ -7,6 +7,7 @@ use JsonRPC\Exception\AuthenticationFail
+ use JsonRPC\MiddlewareInterface;
+ use Kanboard\Auth\ApiAccessTokenAuth;
+ use Kanboard\Core\Base;
++use Symfony\Contracts\EventDispatcher\Event;
+ 
+ /**
+  * Class AuthenticationApiMiddleware
+@@ -28,7 +29,7 @@ class AuthenticationMiddleware extends B
+  */
+ public function execute($username, $password, $procedureName)
+ {
+-$this->dispatcher->dispatch('app.bootstrap');
++$this->dispatcher->dispatch(new Event, 'app.bootstrap');
+ session_set('scope', 'API');

Bug#1033278: wine: Battle.Net: The application failed to start because no Qt platform plugin could be initialized

[Joseph Nahmias]

Package: wine
Version: 8.0~repack-4
Severity: normal
X-Debbugs-Cc: j...@nahmias.net

Hello,

I just upgraded from bullseye to bookworm and now Battle.Net / Hearthstone
refuses to start. Instead it shows this error message:

The application failed to start because no Qt
platform plugin could be initialized. Reinstalling
the application may fix this problem.

Was there some change in the wine packaging that would cause this error?
Would additional logs/debug info be useful to troubleshoot?

Thanks,
--Joe

-- Package-specific info:
/usr/bin/wine points to /usr/bin/wine-stable.

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-security'), (500, 
'testing-debug'), (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'proposed-updates-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wine depends on:
ii  wine32  8.0~repack-4
ii  wine64  8.0~repack-4

wine recommends no packages.

Versions of packages wine suggests:
pn  dosbox
ii  icoextract-thumbnailer [exe-thumbnailer]  0.1.4-1
pn  playonlinux   
pn  q4wine
pn  winbind   
pn  wine-binfmt   
pn  winetricks

Versions of packages libwine depends on:
ii  libasound2   1.2.8-1+b1
ii  libc62.36-8
ii  libcapi20-3  1:3.27-3+b1
ii  libfontconfig1   2.14.1-4
ii  libfreetype6 2.12.1+dfsg-4
ii  libglib2.0-0 2.74.6-1
ii  libgphoto2-6 2.5.30-1
ii  libgphoto2-port122.5.30-1
ii  libgstreamer-plugins-base1.0-0   1.22.0-3
ii  libgstreamer1.0-01.22.0-2
ii  libpcap0.8   1.10.3-1
ii  libpulse016.1+dfsg1-2+b1
ii  libudev1 252.6-1
ii  libunwind8   1.6.2-3
ii  libusb-1.0-0 2:1.0.26-1
ii  libx11-6 2:1.8.4-2
ii  libxext6 2:1.3.4-1+b1
ii  libz-mingw-w64   1.2.13+dfsg-1
ii  ocl-icd-libopencl1 [libopencl1]  2.3.1-1

Versions of packages libwine recommends:
ii  fonts-liberation   1:1.07.4-11
ii  fonts-wine 8.0~repack-4
ii  gstreamer1.0-plugins-good  1.22.0-5
ii  libasound2-plugins 1.2.7.1-1
ii  libcups2   2.4.2-2
ii  libdbus-1-31.14.6-1
ii  libgl1 1.6.0-1
ii  libgl1-mesa-dri22.3.3-1
ii  libgnutls303.7.9-1
ii  libgssapi-krb5-2   1.20.1-1
ii  libkrb5-3  1.20.1-1
ii  libodbc2   2.3.11-2
ii  libosmesa6 22.3.3-1
ii  libsdl2-2.0-0  2.26.4+dfsg-1
ii  libv4l-0   1.22.1-5+b1
ii  libvulkan1 1.3.239.0-1
ii  libxcomposite1 1:0.4.5-1
ii  libxcursor11:1.2.1-1
ii  libxfixes3 1:6.0.0-2
ii  libxi6 2:1.8-1+b1
ii  libxinerama1   2:1.1.4-3
ii  libxrandr2 2:1.5.2-2+b1
ii  libxrender11:0.9.10-1.1
ii  libxxf86vm11:1.1.4-1+b2

Versions of packages libwine suggests:
ii  cups-bsd   2.4.2-2
ii  gstreamer1.0-libav 1.22.0-2
ii  gstreamer1.0-plugins-bad   1.22.0-4
ii  gstreamer1.0-plugins-ugly  1.22.0-2
pn  ttf-mscorefonts-installer  

Versions of packages wine32 depends on:
ii  libc62.36-8
ii  libwine  8.0~repack-4

wine32 recommends no packages.

Versions of packages wine32 suggests:
pn  wine32-preloader  

Versions of packages wine64 depends on:
ii  libc62.36-8
ii  libwine  8.0~repack-4

Versions of packages wine64 recommends:
ii  wine32  8.0~repack-4

Versions of packages wine64 suggests:
pn  wine64-preloader  

Versions of packages wine is related to:
pn  dxvk 
pn  dxvk-wine32-development  
pn  dxvk-wine64-development  
ii  fonts-wine   8.0~repack-4

-- no debconf information

Bug#1032119: ITP: ldaptive -- simple, extensible Java API for interacting with LDAP servers

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org, 
debian-secur...@lists.debian.org, j...@nahmias.net
Control: block 1031807 by -1

* Package name: ldaptive
  Version : 2.1.1
  Upstream Authors: Daniel Fisher , Marvin S. Addison 

* URL : https://www.ldaptive.org/
* License : Apache-2 OR LGPL-3
  Programming Lang: Java
  Description : simple, extensible Java API for interacting with LDAP 
servers

 Ldaptive is a simple, extensible Java API for interacting with LDAP
 servers. It was designed to provide easy LDAP integration for application
 developers. Features include:
 .
   * Netty based asynchronous networking
   * Reactive API
   * Connection pooling
   * Authentication API with support for password policy
   * JAAS modules for authentication and authorization
   * SSL/startTLS support with easy configuration of trust and key material
   * Input/output of LDIF
   * Supported controls:
 * Authorization Identity (RFC 3829)
 * Content Synchronization (RFC 4533)
 * Entry Change Notification (draft-ietf-ldapext-psearch-03)
 * ManageDsaIT (RFC 3296)
 * Matched Values (RFC 3876)
 * Paged Results (RFC 2696)
 * Password Policy (draft-behera-ldap-password-policy-10 and
   draft-vchu-ldap-pwd-policy-00)
 * Persistent Search (draft-ietf-ldapext-psearch-03)
 * Proxy Authorization (RFC 4370)
 * Server Side Sorting (RFC 2891)
 * Session Tracking (draft-wahl-ldap-session-03)
 * Tree Delete (draft-armijo-ldap-treedelete)
 * Virtual List View (draft-ietf-ldapext-ldapv3-vlv-09)

Bug#1032050: ITP: cryptacular -- high level, general purpose Java cryptographic library

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org, 
j...@nahmias.net, cryptacu...@googlegroups.com
Control: -1 blocks 1031807

* Package name: cryptacular
  Version : 1.2.5
  Upstream Authors: Daniel Fisher , Marvin S. Addison 

* URL : https://www.cryptacular.org/
* License : Apache-2.0 OR LGPL-3.0
  Programming Lang: Java
  Description : high level, general purpose Java cryptographic library

 General-purpose Java cryptograhic library, which complements the Bouncy
 Castle libraries, that has the following design goals:
 .
  * Flexible JCE provider. Prefers the Bouncy Castle Java Provider, but
can fall back to other providers defined in the environment for
algorithms not implemented by BC.
  * Ease of use for common cryptographic operations. A one liner
highlights this well; the following prints the MD5 hash of a password
as a string of HEX characters:
System.out.println(new MD5().digest(passBytes, new HexConverter()));
  * Convenient and performant handling of cryptographic operations on
large data streams.
  * Support for base-64 and hexadecimal encoding of ciphertext input/output.
  * Support for I/O operations on cryptographic primitives including
generating and writing symmetric encryption keys, public/private key
pairs, and X.509 certificates. Both PEM and DER encoding is handled
conveniently.
  * Command line interface for each class of cryptographic operation
(digest, symmetric encryption, public-key encryption, message signing,
etc). A command line interface for keystore operations is also
included, which is notable as it supports features above and beyond
the the Java keytool utility.
 .
 It is important to note that no cryptographic algorithms are implemented;
 Bouncy Castle provides all cryptographic algorithms where required.

Bug#1031807: ITP: java-opensaml -- Shibboleth Project's OpenSAML java libraries

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-j...@lists.debian.org, 
debian-security-to...@lists.debian.org, j...@nahmias.net, d...@shibboleth.net
Control: block 1031769 by -1

* Package name: java-opensaml
  Version : 4.3.0
  Upstream Author : Shibboleth 
* URL : https://shibboleth.atlassian.net/wiki/spaces/OS30/overview
* License : Apache 2
  Programming Lang: Java
  Description : Shibboleth Project's OpenSAML java libraries

 OpenSAML is a set of open source C++ & Java libraries used in support
 of the Shibboleth Project's implementation of the Security Assertion
 Markup Language (SAML).

 OpenSAML 4, the current Java library version, is based on Java 11, and
 supports SAML 1.0, 1.1, and 2.0. Additionally, various development groups
 have found the framework created to support OpenSAML useful for their own
 work and the Java codebase includes some code supporting WS-Addressing,
 WS-Security, WS-Trust and XACML.

 The OpenSAML libraries do not provide a complete SAML identity or service
 provider. If you are looking for such software you should check out the
 Shibboleth project instead. Also, these libraries will not teach you any
 of the specifications listed above. The libraries are meant solely to
 support individuals who have taken the time to read and understand the
 specifications and are not in general a good solution for those looking
 for a quick way to implement SAML.

Bug#1031769: ITP: oauth2-oidc-sdk -- OAuth 2.0 SDK for Java

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
debian-j...@lists.debian.org, supp...@connect2id.com, v...@connect2id.com

* Package name: oauth2-oidc-sdk
  Version : 9.43.1
  Upstream Author : Connect2id Ltd 
  Upstream Author : Vladimir Dzhuvinov 
* URL : 
https://connect2id.com/products/nimbus-oauth-openid-connect-sdk
* URL : 
https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/
* License : Apache-2
  Programming Lang: Java
  Description : OAuth 2.0 SDK for Java


This library is your starting point for developing OAuth 2.0 / 2.1 and OpenID 
Connect applications in Java. It provides ready and simple to use classes for 
dealing with tokens and representing the protocol messages, ensuring standards 
compliance and thus interoperability.

 *  Comprehensive Java library for developing OAuth 2.0 and OpenID Connect 
clients and servers
 *  Standards compliant, robust and extensible
 *  Open source (Apache 2.0 licence)

The OAuth 2.0 and OpenID Connect standards permit application-specific profiles 
and extensions, and this library also caters for that, with suitable interfaces 
and base classes where required.

Bug#1028923: RFP: duelyst -- digital collectible card and turn-based strategy hybrid game

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, debian-ga...@lists.debian.org, 
pkg-javascript-de...@lists.alioth.debian.org

* Package name: duelyst
  Version : 1.97.11
  Upstream Author : Counterplay Games
* URL : https://github.com/open-duelyst/duelyst
* License : CC0
  Programming Lang: JavaScript
  Description : digital collectible card and turn-based strategy hybrid game

In Duelyst, two players battle across a tactical battlefield, taking turns in
which they play and position minions and spells, represented by cards drawn
from a custom built deck, until one of the players eliminates the enemy
general. There are six factions in Duelyst, each with its own unique
characteristics that affect strategy and gameplay of the decks the player
builds.

The game offers a practice mode, puzzle-like challenges, a ranked season ladder
and a draft-style tournament mode.

Game client, server, and assets have all open-sourced.

Bug#1020961: RFP: crontab-ui -- web interface for managing scheduled jobs (crontab)

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, a...@adobe.com, Debian Javascript Maintainers 


* Package name: crontab-ui
  Version : 0.3.16
  Upstream Author : Suresh Alse
* URL : https://github.com/alseambusher/crontab-ui
* License : MIT
  Programming Lang: JavaScript
  Description : web interface for managing scheduled jobs (crontab)

Key features of Crontab UI:
 *  Easy setup. You can even import from existing crontab.
 *  Safe adding, deleting or pausing jobs. Easy to maintain hundreds of jobs.
 *  Backup your crontabs.
 *  Export crontab and deploy on other machines without much hassle.
 *  Error log support.
 *  Mailing and hooks support.

Bug#1016567: python3-wtforms: missing compiled message files

[Joseph Nahmias]

Package: python3-wtforms
Version: 2.2.1-1
Severity: normal
X-Debbugs-Cc: j...@nahmias.net

Hello,

It seems that the wtforms.mo compiled gettext message catalogs are no
longer being generated and distributed in the python3-wtforms package.
They do exist in 2.1-1 (stretch). This causes an issue if a python
program which uses wtforms tries to respect the declared locale. For
example, I see the following error in the wtforms-alchemy testsuite:

 TestModelFormFactory.test_class_meta_wtforms2 _

self = 

def test_class_meta_wtforms2(self):
if LooseVersion(wtforms.__version__) < LooseVersion('2'):
return  # skip test for wtforms < 2

self.init()

class SomeForm(Form):
class Meta:
locales = ['fr']
foo = 9

class OtherForm(SomeForm):
class Meta:
pass

class TestCustomBase(model_form_factory(SomeForm)):
class Meta:
model = self.ModelTest

>   form = TestCustomBase()

tests/test_model_form_factory.py:112: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
/usr/lib/python3/dist-packages/wtforms/form.py:212: in __call__
return type.__call__(cls, *args, **kwargs)
wtforms_alchemy/__init__.py:290: in __init__
super(ModelForm, self).__init__(*args, **kwargs)
/usr/lib/python3/dist-packages/wtforms/form.py:272: in __init__
super(Form, self).__init__(self._unbound_fields, meta=meta_obj, 
prefix=prefix)
/usr/lib/python3/dist-packages/wtforms/form.py:44: in __init__
translations = self._get_translations()
/usr/lib/python3/dist-packages/wtforms/form.py:85: in _get_translations
return self.meta.get_translations(self)
/usr/lib/python3/dist-packages/wtforms/meta.py:108: in get_translations
translations = self.translations_cache[locales] = 
i18n.get_translations(locales)
/usr/lib/python3/dist-packages/wtforms/i18n.py:37: in get_translations
translations = getter(languages)
/usr/lib/python3/dist-packages/wtforms/i18n.py:25: in 
get_builtin_gnu_translations
return gettext.translation('wtforms', messages_path(), languages)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

domain = 'wtforms', localedir = '/usr/lib/python3/dist-packages/wtforms/locale'
languages = ('fr',), class_ = 
fallback = False, codeset = ['unspecified']

def translation(domain, localedir=None, languages=None,
class_=None, fallback=False, codeset=_unspecified):
if class_ is None:
class_ = GNUTranslations
mofiles = find(domain, localedir, languages, all=True)
if not mofiles:
if fallback:
return NullTranslations()
from errno import ENOENT
>   raise FileNotFoundError(ENOENT,
'No translation file found for domain', 
domain)
E   FileNotFoundError: [Errno 2] No translation file found for domain: 
'wtforms'

/usr/lib/python3.10/gettext.py:607: FileNotFoundError


Please add this back into the package.
Thanks,
--Joe

Bug#1016507: ITP: python-intervals -- tools for handling intervals (ranges of comparable objects) in python

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net, kon...@fastmonkeys.com

* Package name: python-intervals
  Version : 0.9.2
  Upstream Author : Konsta Vesterinen 
* URL : https://github.com/kvesteri/intervals
* License : BSD
  Programming Lang: Python
  Description : tools for handling intervals (ranges of comparable objects) 
in python

 This package provides objects, methods, constructors and functions for
 representing and manipulating mathematical intervals. Included are
 factory methods for creating intervals objects, comparison operators,
 set operators, and arithmetic functions.

Bug#1016504: ITP: wtforms-components -- various additional fields, validators and widgets for WTForms

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net, kon...@fastmonkeys.com

* Package name: wtforms-components
  Version : 0.10.5
  Upstream Author : Konsta Vesterinen 
* URL : https://github.com/kvesteri/wtforms-components
* License : BSD
  Programming Lang: Python
  Description : various additional fields, validators and widgets for 
WTForms

 WTForms-Components provides enhanced versions of some WTForms HTML5
 fields and some additional new fields and validatiors.
 These enhancements include:
 .
  * DateTimeField
  * IntegerField
  * SelectField
  * SelectMultipleField
  * ColorField
  * NumberRangeField
  * PassiveHiddenField
  * Read-only fields
  * DateRange validator
  * Email validator
  * If validator
  * Unique Validator

Bug#1016462: ITP: wtforms-test -- unit test helpers for WTForms forms

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net, kon...@fastmonkeys.com

* Package name: wtforms-test
  Version : 0.1.1
  Upstream Author : Konsta Vesterinen 
* URL : https://github.com/kvesteri/wtforms-test
* License : BSD
  Programming Lang: Python
  Description : pytest helpers for WTForms

 WTForms-Test provides various pytest unittest helpers for testing WTForms
 based forms. Includes checks for a field's existence on a form, and various
 attributes on a field such as: validators, min/max length, description,
 optional/required, etc...

Bug#1016461: ITP: wtforms-alchemy -- Tools for creating WTForms forms from SQLAlchemy models

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net, kon...@fastmonkeys.com

* Package name: wtforms-alchemy
  Version : 0.18.0
  Upstream Author : Konsta Vesterinen 
* URL : https://github.com/kvesteri/wtforms-alchemy
* License : BSD
  Programming Lang: Python
  Description : Tools for creating WTForms forms from SQLAlchemy models

 WTForms-Alchemy provides a helper class that let you create a Form class
 from a SQLAlchemy model. It does not try to replace all the functionality
 of wtforms.ext.sqlalchemy, only the model_form function of
 wtforms.ext.sqlalchemy by a much better solution. Other functionality of
 .ext.sqlalchemy such as QuerySelectField and QuerySelectMultipleField can be
 used along with WTForms-Alchemy.
 .
 The benefits of WTForms-Alchemy ModelForm over wtforms.ext.sqlachemy’s
 model_form include:
 .
  * Provides explicit declaration of ModelForms (much easier to override
certain columns)
  * Form generation supports Unique and NumberRange validators
  * Form inheritance support (along with form configuration inheritance)
  * Automatic SelectField type coercing based on underlying column type
  * By default uses wtforms_components SelectField for fields with choices.
This field understands None values and renders nested datastructures as
optgroups.
  * Provides better Unique validator
  * Supports custom user defined types as well as type decorators
  * Supports SQLAlchemy-Utils datatypes
  * Supports ModelForm model relations population
  * Smarter field exclusion
  * Smarter field conversion
  * Understands join table inheritance
  * Better configuration

Bug#1016460: ITP: wtforms-json -- smart json support for WTForms

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
kon...@fastmonkeys.com, j...@nahmias.net

* Package name: wtforms-json
  Version : 0.3.5
  Upstream Author : Konsta Vesterinen 
* URL : https://github.com/kvesteri/wtforms-json
* License : BSD
  Programming Lang: Python
  Description : smart json support for WTForms

 WTForms-JSON is a WTForms extension for JSON data handling. It:
 .
  * Adds support for booleans (WTForms doesn’t know how to handle
False boolean values)
  * Adds support for None type FormField values
  * Adds support for None type Field values
  * Support for patch data requests with patch_data Form property
  * Function for converting JSON data into dict that WTForms
understands (flatten_json() function)

This package is a dependency for superset.
I plan to maintain this as part of the Debian Python Team (DPT).

Bug#1016172: RFP: snapdrop -- local file sharing webapp

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, pkg-javascript-de...@lists.alioth.debian.org

* Package name: snapdrop
  Version : 0
  Upstream Author : Robin Linus
* URL : https://github.com/RobinLinus/snapdrop
* License : GPL3
  Programming Lang: Javascript
  Description : local file sharing webapp

Snapdrop enables peer-to-peer filesharing using the users' browser.

Bug#1016147: lintian: false positive missing-build-dependency-for-dh-addon python3 when using dh-sequence-python3

[Joseph Nahmias]

Package: lintian
Version: 2.115.1~bpo11+1
Severity: normal
X-Debbugs-Cc: j...@nahmias.net

Hello,

A common way to use the pybuild debhelper addon is to build-dep on
dh-sequence-python3, which is provided by the dh-python package. Please
update the test to accept this as a valid fulfillment of the requirement.

One package that I see this error with is flask-appbuilder 4.1.3+ds-1.

Thanks,
--Joe

Bug#362012: tdsodbc: improved debconf handling for driver registration

[Joseph Nahmias]

Package: tdsodbc
Version: 1.3.6-1.1
Followup-For: Bug #362012
X-Debbugs-Cc: j...@nahmias.net

Hello,

I recently got bit by this when setting up a new machine to connect to MSSQL.

On Tue, 11 Apr 2006 14:02:02 -0700 Steve Langasek  wrote:
> I agree that the ODBC driver handling needs to be reworked.  I would like
> the drivers to be managed by default, but there are currently some bugs in
> the handling and I also have to make sure I'm handling this in a
> policy-compliant manner.

It's been a while now, any updates?

Can you list your specific concerns?
I'd be happy to work on a patch for this if I knew what would be acceptable.

Thanks,
--Joe

Bug#1014408: RFP: echarts -- powerful, interactive charting and data visualization library for browser

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, d...@echarts.apache.org, 
pkg-javascript-de...@lists.alioth.debian.org

* Package name: echarts
  Version : 5.3.3
  Upstream Author : d...@echarts.apache.org
* URL : https://echarts.apache.org/
* License : Apache 2.0
  Programming Lang: JS / Typescript
  Description : powerful, interactive charting and data visualization 
library for browser

Apache ECharts is a free, powerful charting and visualization library offering
an easy way of adding intuitive, interactive, and highly customizable charts to
your commercial products. It is written in pure JavaScript and based on
zrender, which is a whole new lightweight canvas library.

Apache EChartsTM is an open-sourced JavaScript visualization tool, which can
run fluently on PC and mobile devices. It is compatible with most modern Web
Browsers, e.g., IE9/10/11, Chrome, Firefox, Safari and so on. ECharts depends
on ZRender, a graphic rendering engine, to create intuitive, interactive, and
highly-customizable charts.

Bug#1013962: please include serial module in signed grub-efi package

[Joseph Nahmias]

Package: grub-efi-amd64-bin
Version: 2.06-3
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net

Hello,

I was trying to debug why the grub menu was not showing up on my VMs
(emulated) serial console. I ended up dropping to the grub command-line
and running:

  grub> serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
  error: prohibited by secure boot policy.

Please add the grub serial module to enable this important
functionality when using secure boot!

Much appreciated,
--Joe


-- Package-specific info:

-- System Information:
Debian Release: bookworm/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-2-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages grub-efi-amd64-bin depends on:
ii  grub-common  2.06-3

Versions of packages grub-efi-amd64-bin recommends:
ii  efibootmgr 17-1
ii  grub-efi-amd64-signed  1+2.06+3

grub-efi-amd64-bin suggests no packages.

-- no debconf information

Bug#1012455: ITP: gregwar-captcha -- PHP library to generate CAPTCHAs

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
pkg-php-p...@lists.alioth.debian.org, Grégoire Passault , 
Jeremy Livingston 

* Package name: gregwar-captcha
  Version : 1.1.9
  Upstream Author : Grégoire Passault 
  Upstream Author : Jeremy Livingston 
* URL : https://github.com/Gregwar/Captcha
* License : MIT
  Programming Lang: PHP
  Description : PHP library to generate CAPTCHAs
 The gregwar/captcha package offers a library for generating and validating a
 Completely Automated Public Turing test to tell Computers and Humans Apart
 (aka CAPTCHA).

Dependency of KanBoard.
Will be maintained within PHP Team.

I will remove the embedded fonts and depend on some that are already packaged
in Debian.

Bug#1012403: python3-python-flask-jwt-extended,python3-flask-jwt-extended: duplicate packages

[Joseph Nahmias]

Control: retitle -1 RM: flask-jwt-extended -- ROM; duplicate pacakge

On Mon, Jun 06, 2022 at 07:19:42PM -0300, Emmanuel Arias wrote:
> Hi,
> 
> I cc Joseph.
> 
> Joseph, flask-jwt-extended is in Debian from some time ago
> https://tracker.debian.org/pkg/python-flask-jwt-extended.
> 
> On Mon, Jun 6, 2022 at 11:15 AM Andreas Beckmann  wrote:
> 
> > Package: python3-python-flask-jwt-extended,python3-flask-jwt-extended
> > Version: 4.4.0-1
> > Severity: serious
> >
> > looks like a duplicate package was just uploaded to the archive.
> >
> > Andreas
> >
> >

Sorry, don't know how I missed this. Please go ahead and RM my package.
--Joe

Bug#1012239: ITP: christianriesen-otp -- PHP library to check HOTP and TOTP one time passwords

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
chris.rie...@gmail.com, pkg-php-p...@lists.alioth.debian.org

* Package name: christianriesen-otp
  Version : 1.4.3
  Upstream Author : Christian Riesen 
* URL : https://github.com/ChristianRiesen/otp
* License : MIT
  Programming Lang: PHP
  Description : PHP library to check HOTP and TOTP one time passwords

 Implements hotp according to RFC4226 and totp according to RFC6238 (only
 sha1 algorithm). Once you have a secret, you can use it directly in this
 class to create the passwords themselves (mainly for debugging use) or use
 the check functions to safely check the validity of the keys. The checkTotp
 function also includes a helper to battle timedrift.
 .
 Also includes a static GoogleAuthenticator function class to generate a
 correct url for the QR code, so you can easy scan it with your device.
 Google Authenticator is available as application for iPhone and Android.
 This removes the burden to create such an app from the developers of
 websites by using this set of classes.

Dependency of KanBoard.
Will be maintained within PHP Team.

Bug#1012182: ITP: eluceo-ical -- PHP library to create iCal calendars and ICS files

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
pkg-php-p...@lists.alioth.debian.org, mar...@eluceo.de

* Package name: eluceo-ical
  Version : 0.16.1
  Upstream Author : Markus Poerschke 
* URL : https://ical.poerschke.nrw/
* License : MIT
  Programming Lang: PHP
  Description : PHP library to create iCal calendars and ICS files

This package offers a abstraction layer for creating iCalendars. The output
will follow RFC 5545 as best as possible.

The following components are supported at this time:
.
VCALENDAR
VEVENT
VALARM
VTIMEZONE

Dependency of KanBoard.
Will be maintained within PHP Team.

Bug#1012159: ITP: matthiasmullie-minify -- concatenates and minifies CSS and JavaScript code

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
pkg-php-p...@lists.alioth.debian.org, min...@mullie.eu

* Package name: matthiasmullie-minify
  Version : 1.3.68
  Upstream Author : Matthias Mullie 
* URL : https://github.com/matthiasmullie/minify
* License : MIT
  Programming Lang: PHP
  Description : concatenates and minifies CSS and JavaScript code

 Removes whitespace, strips comments, combines files (incl. @import statements
 and small assets in CSS files), and optimizes/shortens a few common
 programming patterns.

Dependency of KanBoard.
Will be maintained within PHP Team.

Bug#1012157: ITP: matthiasmullie-path-converter -- PHP library to generate relative path from one file to another

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net, 
pathconver...@mullie.eu, pkg-php-p...@lists.alioth.debian.org

* Package name: matthiasmullie-path-converter
  Version : 1.1.3
  Upstream Author : Matthias Mullie 
* URL : https://github.com/matthiasmullie/path-converter
* License : MIT
  Programming Lang: PHP
  Description : PHP library to generate relative path from one file to 
another

 This library for PHP calculates the relative path traversal from one file
 to another.

Dependency of KanBoard.
Will be maintained within PHP Team.

Bug#1011321: ITP: flask-jwt-extended -- Flask extension that provides JWT support

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net, lily.gilb...@hey.com

* Package name: flask-jwt-extended
  Version : 4.4.0
  Upstream Author : Lily Acadia Gilbert 
* URL : https://github.com/vimalloc/flask-jwt-extended
* License : Expat
  Programming Lang: Python
  Description : Flask extension that provides JWT support

 Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to
 Flask for protecting routes, but also many helpful (and optional) features
 built in to make working with JSON Web Tokens easier. These include:
 .
  * Adding custom claims to JSON Web Tokens
  * Automatic user loading (current_user).
  * Custom claims validation on received tokens
  * Refresh tokens
  * First class support for fresh tokens for making sensitive changes.
  * Token revoking/blocklisting
  * Storing tokens in cookies and CSRF protection


Needed as a dependency of Flask-AppBuilder.
I plan to maintain this as part of the Debian Python Team (DPT).

Bug#1010902: RFP: mlb-statsapi -- python module wrapping the MLB Statistics API

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, t...@toddrob.com, debian-pyt...@lists.debian.org

* Package name: mlb-statsapi
  Version : 1.4.2
  Upstream Author : Todd Roberts 
* URL : https://github.com/toddrob99/MLB-StatsAPI
* License : GPL-3
  Programming Lang: Python
  Description : python module wrapping the MLB Statistics API

Good candidate for the Debian Python Team [DPT]

Bug#1009695: does not follow symlinks

[Joseph Nahmias]

Package: eyed3
Version: 0.8.10-4
Severity: normal
File: /usr/bin/eyeD3
X-Debbugs-Cc: j...@nahmias.net

Hello,

eyeD3 works properly when given a direct path to an MP3 file. However, if you
have a symlink to an MP3, eyeD3 fails to follow the symlink and doesn't read
the data from the linked to MP3 file.  For example:

$ eyeD3 -Q test.mp3
/tmp/foobar/test.mp3[ 7.30 MB ]

Time: 03:02 MPEG1, Layer III[ 320 kb/s @ 44100 Hz - Joint stereo ]

ID3 v2.3: 7 frames

$ ln -s test.mp3 link.mp3
$ ls -laFq link.mp3
lrwxrwxrwx 1 joe joe 8 Apr 14 07:59 link.mp3 -> test.mp3
$ eyeD3 -l debug link.mp3
eyed3:DEBUG: command line args: Namespace(log_level=[['debug']], 
debug_profile=False, debug_pdb=False, excludes=None, fs_encoding='utf-8', 
paths=['link.mp3'], list_plugins=False, plugin=, config=None, backup=False, quiet=False, no_color=False, 
no_config=False, artist=None, album=None, album_artist=None, title=None, 
track=None, track_total=None, track_offset=None, composer=None, disc_num=None, 
disc_total=None, genre=None, non_std_genres=False, release_year=None, 
simple_comment=None, rename_pattern=None, tag_version=(3, None, None), 
convert_version=None, release_date=None, orig_release_date=None, 
recording_date=None, encoding_date=None, tagging_date=None, publisher=None, 
play_count=None, bpm=None, unique_file_ids=[], comments=[], remove_comment=[], 
remove_all_comments=False, lyrics=[], remove_lyrics=[], 
remove_all_lyrics=False, text_frames=[], user_text_frames=[], url_frames=[], 
user_url_frames=[], images=[], remove_image=[], remove_all_images=False, 
write_images_dir=None, objects=[], remove_object=[], write_objects_dir=None, 
remove_all_objects=False, popularities=[], remove_popularity=[], 
remove_v1=False, remove_v2=False, remove_all=False, remove_fids=[], 
max_padding=True, text_encoding=None, force_update=False, verbose=False, 
preserve_file_time=False)
eyed3:DEBUG: plugin is: 
eyed3.core:DEBUG: Loading file: /tmp/foobar/link.mp3
eyed3.core:DEBUG: File mime-type: inode/symlink
Nothing to do
$


-- System Information:
Debian Release: 11.3
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug'), 
(500, 'proposed-updates-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-13-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages eyed3 depends on:
ii  python33.9.2-3
ii  python3-eyed3  0.8.10-4
ii  python3-pkg-resources  52.0.0-4

eyed3 recommends no packages.

eyed3 suggests no packages.

-- no debconf information

Bug#1008676: RFP: danecheck -- DANE SMTP checker

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, postfix-us...@dukhovni.org, 
debian-hask...@lists.debian.org

* Package name: danecheck
  Version : 1.1.0
  Upstream Author : Viktor Dukhovni 
* URL : https://github.com/vdukhovni/danecheck
* License : BSD
  Programming Lang: Haskell
  Description : DANE SMTP checker

This is a tool to check DANE TLSA security for SMTP.

Features:
 *  Test the local resolver configuration by verifying the validity of the
root zone DNSKEY and SOA RRSets.
 *  Test whether DNSSEC is enabled for a given TLD.
 *  Check whether an email domain is fully protected (across all of its MX
hosts) by DANE TLSA records, and whether these match the actual
certificate chains seen at each IP address of each MX host.
 *  Perform certificate chain verification at a time offset from the current
time to ensure that that certificates are not about to expire too soon.

A non-zero exit status is returned if any DNS lookups fail or if the MX records
or MX hosts are in an unsigned zone, or if for one of the MX hosts no
associated secure TLSA records are found. A non-zero exit status is also
returned if any of the SMTP connections fail to establish a TLS connection or
yield a certificate chain that does not match the TLSA records.


Packaging note:

I do not know haskell, so wouldn't really be a good maintainer, thus submitting
this as an RFP. 

Bug#1008646: generic php-fpm.sock not created on sysvinit systems

[Joseph Nahmias]

Package: php7.4-fpm
Version: 7.4.28-1+deb11u1
Severity: normal
File: /etc/init.d/php7.4-fpm
Tags: patch
X-Debbugs-Cc: j...@nahmias.net

Hello,

I've noticed that the php7.4-fpm package doesn't create the generic socket file
/run/php/php-fpm.sock (managed by alternatives) when using sysvinit. It seems
this was rolled into the systemd service unit file, but wasn't added to the
sysvinit script. Here's a patch that adds it (along with an related bugfix
for the permissions of the /run/php directory):

--- /etc/init.d/php7.4-fpm.orig 2021-10-23 21:53:50.0 +
+++ /etc/init.d/php7.4-fpm  2022-03-30 02:31:05.339118410 +
@@ -49,6 +49,7 @@
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS 2>/dev/null \
|| return 2
+   /usr/lib/php/php-fpm-socket-helper install /run/php/php-fpm.sock 
/etc/php/7.4/fpm/pool.d/www.conf 74
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one.  As a last resort, sleep for some time.
@@ -77,6 +78,7 @@
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
+   /usr/lib/php/php-fpm-socket-helper remove /run/php/php-fpm.sock 
/etc/php/7.4/fpm/pool.d/www.conf 74
return "$RETVAL"
 }

@@ -96,7 +98,7 @@
 case "$1" in
 start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
-   mkdir --mode=07500 /run/php
+   mkdir --parents --mode=0755 /run/php
chown www-data:www-data /run/php
case "$?" in
0)


-- System Information:
Debian Release: 11.2
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug'), 
(500, 'proposed-updates-debug')
Architecture: i386 (i686)

Kernel: Linux 5.10.0-10-686-pae (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages php7.4-fpm depends on:
ii  libacl1 2.2.53-10
ii  libapparmor12.13.6-10
ii  libargon2-1 0~20171227-0.2
ii  libc6   2.31-13+deb11u2
ii  libmagic1   1:5.39-3
ii  libpcre2-8-010.36-2
ii  libsodium23 1.0.18-1
ii  libssl1.1   1.1.1k-1+deb11u1
ii  libsystemd0 247.3-6
ii  libxml2 2.9.10+dfsg-6.7
ii  mime-support3.66
ii  php7.4-cli  7.4.28-1+deb11u1
ii  php7.4-common   7.4.28-1+deb11u1
ii  php7.4-json 7.4.28-1+deb11u1
ii  php7.4-opcache  7.4.28-1+deb11u1
ii  procps  2:3.3.17-5
ii  tzdata  2021a-1+deb11u2
ii  ucf 3.0043
ii  zlib1g  1:1.2.11.dfsg-2

php7.4-fpm recommends no packages.

Versions of packages php7.4-fpm suggests:
pn  php-pear  

Versions of packages php7.4-common depends on:
ii  libc6   2.31-13+deb11u2
ii  libffi7 3.3-6
ii  libssl1.1   1.1.1k-1+deb11u1
ii  php-common  2:76
ii  ucf 3.0043


-- no debconf information

Bug#1008232: RFP: soapui -- API and web service testing tool

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, debian-j...@lists.debian.org

* Package name: soapui
  Version : 5.7.0
  Upstream Author : Smartbear
* URL : https://github.com/SmartBear/soapui
* URL : http://www.soapui.org/
* License : EUPL
  Programming Lang: Java
  Description : API and web service testing tool

SoapUI is a free and open source cross-platform functional testing solution for
APIs and web services.  SoapUI allows you to easily and rapidly create and
execute automated functional, regression, and load tests. In a single test
environment, it provides complete test coverage - from SOAP and REST-based
Web services, to JMS enterprise messaging layers, databases, Rich Internet
Applications, and much more.
 * Functional Testing
 * Service Simulation
 * Security testing
 * Load Testing
 * Technology Support
 * Automation
 * Analytics

Bug#1008183: RFP: hoppscotch -- Web API development environment

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, supp...@hoppscotch.io, 
pkg-javascript-de...@lists.alioth.debian.org

* Package name: hoppscotch
  Version : 2.2.1
  Upstream Author : Hoppscotch 
* URL : https://github.com/hoppscotch/hoppscotch
* License : MIT
  Programming Lang: Javascript
  Description : Web API development environment

Hoppscotch is light-weight, web based API development suite. It was built from
ground up with ease of use and accessibility in mind providing all the
functionality needed for API developers with minimalist, unobtrusive UI. It is
free-to-use and as an added perk completely Open Source!

### **Features**

❤️ **Lightweight:** Crafted with minimalistic UI design.

⚡️ **Fast:** Send requests and get/copy responses in real-time.

**HTTP Methods**

- `GET` - Requests retrieve resource information
- `POST` - The server creates a new entry in a database
- `PUT` - Updates an existing resource
- `PATCH` - Very similar to `PUT` but makes a partial update on a resource
- `DELETE` - Deletes resource or related component
- `HEAD` - Retrieve response headers identical to those of a GET request, but 
without the response body.
- `CONNECT` - Establishes a tunnel to the server identified by the target 
resource
- `OPTIONS` - Describe the communication options for the target resource
- `TRACE` - Performs a message loop-back test along the path to the target 
resource
- `` - Some APIs use custom request methods such as `LIST`. Type in 
your custom methods.

 **PWA:** Install as a Progressive Web App on your device.

- Instant loading with Service Workers
- Offline support
- Low RAM/memory and CPU usage
- Add to Home Screen
- Desktop PWA

 **Request:** Retrieve response from endpoint instantly.

1. Choose `method`
2. Enter `URL`
3. Send

- Copy/share public "Share URL"
- Generate/copy request code snippets for 10+ languages and frameworks
- Import `cURL`
- Label requests

 **WebSocket:** Establish full-duplex communication channels over a single TCP 
connection.

 **Server-Sent Events:** Receive a stream of updates from a server over an 
HTTP connection without resorting to polling.

 **Socket.IO:** Send and Receive data with SocketIO server.

烈 **MQTT:** Subscribe and Publish to topics of an MQTT Broker.

 **GraphQL:** GraphQL is a query language for APIs and a runtime for 
fulfilling those queries with your existing data.

- Set endpoint and get schema
- Multi-column docs
- Set custom request headers
- Query schema
- Get query response

 **Authorization:** Allows to identify the end-user.

- None
- Basic
- Bearer Token
- OAuth 2.0
- OIDC Access Token/PKCE

 **Headers:** Describes the format the body of your request is being sent as.

 **Parameters:** Use request parameters to set varying parts in simulated 
requests.

 **Request Body:** Used to send and receive data via the REST API.

- Set `Content Type`
- FormData, JSON, and many more
- Toggle between key-value and RAW input parameter list

 **Response:** Contains the status line, headers, and the message/response 
body.

- Copy response to clipboard
- Download response as a file
- View response headers
- View raw and preview of HTML, image, JSON, XML responses

⏰ **History:** Request entries are synced with cloud / local session storage to 
restore with a single click.

 **Collections:** Keep your API requests organized with collections and 
folders. Reuse them with a single click.

- Unlimited collections, folders, and requests
- Nested folders
- Export and import as a file or GitHub gist

_Collections are synced with cloud / local session storage_

 **Proxy:** Enable Proxy Mode from Settings to access blocked APIs.

- Hide your IP address
- Fixes [`CORS`](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) 
(Cross-Origin Resource Sharing) issues
- Access APIs served in non-HTTPS (`http://`) endpoints
- Use your Proxy URL

 **Pre-Request Scripts β:** Snippets of code associated with a request that is 
executed before the request is sent.

- Set environment variables
- Include timestamp in the request headers
- Send a random alphanumeric string in the URL parameters
- Any JavaScript functions

 **API Documentation:** Create and share dynamic API documentation easily, 
quickly.

1. Add your requests to Collections and Folders
2. Export Collections and easily share your APIs with the rest of your team
3. Import Collections and Generate Documentation on-the-go


✅ **Post-Request Tests β:** Write tests associated with a request that is 
executed after the request's response.

- Check the status code as an integer
- Filter response headers
- Parse the response data
- Set environment variables
- Write JavaScript code

 **Environments** : Environment variables allow you to store and reuse values 
in your requests and scripts.

- Unlimited environments and variables
- Initialize through the pre-request script
- Export as / import from GitHub gist

Bug#1006598: RFP: tlpui -- GTK user interface for laptop power management

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net

* Package name: tlpui
  Version : 1.5.0
  Upstream Author : Daniel Christophis - 
* URL : https://github.com/d4nj1/TLPUI
* License : GPL v2 or later
  Programming Lang: Python
  Description : GTK user interface for laptop power management

TLP is an advanced power management tool for optimizing battery life on laptops
running Linux. Its default configuration is usually enough to see an
improvement in battery life, however, TLP offers a wide range of configuration
options which can be changed by editing its configuration file.
  * Supports TLP versions 0.8-1.5 Configuration can be read and displayed Shows
  * information about configuration changes (defaults/unsaved and dropin/user
  * config) Changes can be saved with user and sudo permissions (e.g.
  * /etc/default/tlp or /etc/tlp.conf) tlp-stat can be load in ui (simple and
  * complete)
TLP is a command line tool and it doesn't come with a graphical user interface,
but there is a third-party GTK GUI (written in Python) interface for TLP,
called TLPUI.

Bug#1005415: RFP: wavedrom -- Digital timing diagram editor & rendering engine

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, pkg-javascript-de...@lists.alioth.debian.org, 
waved...@googlegroups.com

* Package name: wavedrom
  Version : 2.8.3
  Upstream Author : Aliaksei Chapyzhenka 
* URL : https://wavedrom.com/
* License : MIT
  Programming Lang: JavaScript / Node
  Description : Digital timing diagram editor & rendering engine

WaveDrom is a Free and Open Source online digital timing diagram (waveform)
rendering engine that uses javascript, HTML5 and SVG to convert a WaveJSON
input text description into SVG vector graphics.

WaveJSON is an application of the JSON format. The purpose of WaveJSON is to
provide a compact exchange format for digital timing diagrams utilized by
digital HW / IC engineers.

The engine is using WaveDromSkin skin mechanism to render a complete picture.

Bug#1003092: RFP: vim-bracketed-paste -- plugin to handle bracketed-paste-mode in vim

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, team+...@tracker.debian.org

* Package name: vim-bracketed-paste
* URL : https://github.com/ConradIrwin/vim-bracketed-paste
* License : MIT
  Programming Lang: VIM
  Description : plugin to handle bracketed-paste-mode in vim

vim-bracketed-paste enables transparent pasting into vim.
(i.e. no more :set paste!)
Requires a modern xterm-compatible terminal emulator that supports bracketed
paste mode. xterm, urxvt, iTerm2, gnome-terminal (and other terminals using
libvte) are known to work.

Bug#1001996: ITP: 1oom -- Master of Orion engine

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: je...@debian.org

Subject: ITP: 1oom -- Master of Orion engine
Package: wnpp
Owner:  
Severity: wishlist

* Package name: 1oom
  Version : 1.0
  Upstream Author : Kilgore Trout Mask Replicant 

* URL : https://kilgoretroutmaskreplicant.gitlab.io/plain-html/
* License : GPL-2.0+
  Programming Lang: C
  Description : Master of Orion engine
 This package provides an open source re-implementaiton of the game engine
 for Master of Orion (1993).
 .
 Note: This package only contains the engine. You will need the original
 game files (*.LBX) in order to play.

Remark: This package is maintained by Joseph Nahmias at
   https://salsa.debian.org/games-team/1oom

Bug#1001775: ITP: textarea-caret.js -- JS library to get the xy coords of a textarea or input's caret

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, 
pkg-javascript-de...@lists.alioth.debian.org, j...@nahmias.net, 
m...@jongleberry.com
Control: block 790814 by -1

* Package name: textarea-caret.js
  Version : 3.0.2
  Upstream Author : Jonathan Ong 
* URL : https://github.com/component/textarea-caret-position
* License : Expat
  Programming Lang: Javascript

Description: JS library to get the xy coords of a textarea or input's caret
 Javascript library which finds the top and left coordinates of the caret in
 a  or , in pixels. Useful for textarea
 autocompletes like GitHub or Twitter, or for single-line autocompletes like
 the name drop-down in Twitter or Facebook's search or the company dropdown
 on Google Finance.
 .
 Features include:
  * supports s and  elements
  * pixel precision with any combination of paddings, margins, borders,
heights vs. line-heights etc.
  * keyboard, mouse support and touch support
  * no dependencies whatsoever
  * browser compatibility: Chrome, Safari, Firefox, Opera, IE9+
  * supports any font family and size, as well as text-transforms
  * not confused by horizontal or vertical scrollbars in the textarea
  * supports hard returns, tabs (except on IE) and consecutive spaces in
the text
  * correct position on lines longer than the columns in the text area
  * no problem getting the correct position when the input text is scrolled
(i.e. the first visible character is no longer the first in the text)
  * no "ghost" position in the empty space at the end of a line when wrapping
long words in a 
  * RTL (right-to-left) support

Bug#1001308: RFP: nova-the-squirrel -- Nova the Squirrel platform arcade game

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net, bushyt...@novasquirrel.com, 
debian-devel-ga...@lists.debian.org

* Package name: nova-the-squirrel
  Version : 1.0.6
  Upstream Author : NovaSquirrel 
* URL : https://novasquirrel.itch.io/nova-the-squirrel
* License : GPL3+
  Programming Lang: ASM
  Description : Nova the Squirrel platform arcade game

 Nova the Squirrel is a platformer game for the NES that draws inspiration
 from a lot of different games -- especially the Super Mario Bros series.
 It features ability copying and focuses on interesting puzzle mechanics.
 .
  * 33 different levels across 5 worlds, and 7 bosses to fight
  * Copy the abilities of your enemies. (10 in all!)
  * Over 35 different types of enemies, plus variants.
  * Interesting puzzle mechanics.
  * A collectible in every level for those wanting a challenge.
  * A few bonus challenge levels after the main game.

Bug#1001228: ITP: jupyter-kernel-test -- tool to test Jupyter kernels

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-pyt...@lists.debian.org, 
j...@nahmias.net

* Package name: jupyter-kernel-test
  Version : 0.4.2
  Upstream Author : Jupyter Development Team 
* URL : https://github.com/jupyter/jupyter_kernel_test
* License : BSD
  Programming Lang: Python
  Description : tool to test Jupyter kernels

jupyter_kernel_test is a tool for testing Jupyter kernels. It tests kernels
for successful code execution and conformance with the Jupyter Messaging
Protocol (currently 5.0).

Bug#1001134: RFP: lerna -- A tool for managing JavaScript projects with multiple packages.

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net

* Package name: lerna
  Version : 4.0.0
  Upstream Author : Lerna Contributors
* URL :  , 
* License : MIT
  Programming Lang: Javascript
  Description : A tool for managing JavaScript projects with multiple 
packages.

Splitting up large codebases into separate independently versioned packages is
extremely useful for code sharing. However, making changes across many
repositories is messy and difficult to track, and testing across repositories
becomes complicated very quickly.

To solve these (and many other) problems, some projects will organize their
codebases into multi-package repositories (sometimes called monorepos).
Projects like Babel, React, Angular, Ember, Meteor, Jest, and many others
develop all of their packages within a single repository.

Lerna is a tool that optimizes the workflow around managing multi-package
repositories with git and npm.

Lerna can also reduce the time and space requirements for numerous copies of
packages in development and build environments - normally a downside of
dividing a project into many separate NPM packages. See the hoist documentation
for details.

Bug#1000295: ITP: odpi -- ODPI-C: Oracle Database Programming Interface for Drivers and Applications

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, j...@nahmias.net

* Package name: odpi
  Version : 4.3.0
  Upstream Author : Oracle
* URL : https://github.com/oracle/odpi
* License : Apache
  Programming Lang: C
  Description : ODPI-C: Oracle Database Programming Interface for Drivers 
and Applications

 Oracle Database Programming Interface for C (ODPI-C) is an open source
 library of C code that simplifies access to Oracle Database for applications
 written in C or C++. It is a wrapper over Oracle Call Interface (OCI) that
 makes applications and language interfaces easier to develop.
 .
 ODPI-C supports basic and advanced features of Oracle Database and Oracle
 Client. See the homepage for a list.

Note: this package will go into the contrib archive section as it requires
the non-free Oracle client.

Bug#999506: RFP: pytest-tornasync -- pytest plugin for testing Tornado apps using native coroutine tests

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: sapientdust+pytest-tornas...@gmail.com, 
debian-pyt...@lists.debian.org

* Package name: pytest-tornasync
  Version : 0.5.0
  Upstream Author : eukaryote 
* URL : https://github.com/eukaryote/pytest-tornasync
* License : MIT
  Programming Lang: Python
  Description : pytest plugin for testing Tornado apps using native 
coroutine tests

 A simple pytest plugin that provides some helpful fixtures for testing Tornado
 (version 5.0 or newer) apps and easy handling of plain (undecoratored) native
 coroutine tests (Python 3.5+).
 .
 Why another Tornado pytest plugin when the excellent pytest-tornado already
 exists? The main reason is that I didn't want to have to decorate every test
 coroutine with @pytest.mark.gen_test. This plugin doesn't have anything like
 gen_test. Defining a test with async def and a name that begins with test_ is
 all that is required.

Bug#999501: need wheel of newer setuptools for virtualenv

[Joseph Nahmias]

Package: python-pip-whl
Version: 20.3.4-4
Severity: normal
File: /usr/share/python-wheels/setuptools-44.1.1-py2.py3-none-any.whl

Hello,

I am working on packaging jupyter-packaging. In order to run its test suite, I
am trying to have it use tox. However, the standard virtualenv populates using
the setuptools wheel in /usr/share/python-wheels/ which is built from the
python2 version of the module. I need a newer version of setuptools for my use
case. It should be possible to include an additional wheel for the latest
version from python3-setuptools in addition to the current one.

Thanks,
--Joe


-- System Information:
Debian Release: 11.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug'), 
(500, 'proposed-updates-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-9-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python-pip-whl depends on:
ii  ca-certificates  20210119

python-pip-whl recommends no packages.

python-pip-whl suggests no packages.

-- no debconf information

Bug#999336: RFP: jupyter-packaging -- tools to help build and install Jupyter Python packages

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: jupy...@googlegroups.com, debian-pyt...@lists.debian.org

* Package name: jupyter-packaging
  Version : 0.11.0
  Upstream Author : Jupyter Development Team 
* URL : https://github.com/jupyter/jupyter-packaging/
* License : BSD
  Programming Lang: Python
  Description : tools to help build and install Jupyter Python packages

Python packaging tools used by the Jupyter project that handle pre-build
steps such as JavaScript/npm/yarn building and installation steps.

Bug#998865: RFP: jupyter-server-mathjax -- Jupyter Server extension for serving Mathjax

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: jupy...@googlegroups.com, debian-pyt...@lists.debian.org

* Package name: jupyter-server-mathjax
  Version : 0.2.3
  Upstream Author : Jupyter Development Team 
* URL : https://github.com/jupyter-server/jupyter_server_mathjax
* License : BSD-3-Clause
  Programming Lang: Python / JavaScript
  Description : Jupyter Server extension for serving MathJax

Adds a static endpoint to Jupyter Server for serving MathJax.

Bug#998157: RFP: osticket -- helpdesk and user support ticketing system

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-weba...@lists.debian.org

* Package name: osticket
  Version : 1.15.4
  Upstream Author : Peter Rotich 
* URL : https://www.osticket.com/
* License : GPL-2
  Programming Lang: PHP
  Description : helpdesk and user support ticketing system

osTicket is a widely-used open source support ticket system. It seamlessly
integrates inquiries created via email, phone and web-based forms into a
simple easy-to-use multi-user web interface. Manage, organize and archive
all your support requests and responses in one place while providing your
customers with accountability and responsiveness they deserve.

Bug#998153: ITP: polyline -- Python library to encode/decode polylines

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 
X-Debbugs-Cc: debian-de...@lists.debian.org, Frederick Jansen 
, debian-pyt...@lists.debian.org, Bruno M. Custódio 


* Package name: polyline
  Version : 1.4.0
  Upstream Author : Frederick Jansen 
* URL : https://github.com/frederickjansen/polyline
* License : MIT
  Programming Lang: Python
  Description : Python library to encode/decode polylines

Implements Google's encoded polyline algorithm format.  Encodes from / decodes
into [lat, lng] coordinate pairs.  Can also encode a GeoJSON object to a
GeoJSON LineString, and vice-versa.  Based on / compatible with Google's
mapbox.

Bug#998034: RFP: cachelib -- collection of cache libraries in the same API interface

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: cont...@palletsprojects.com, debian-pyt...@lists.debian.org

* Package name: cachelib
  Version : 0.4.1
  Upstream Author : cont...@palletsprojects.com
* URL : https://github.com/pallets/cachelib/
* License : BSD
  Programming Lang: python
  Description : collection of cache libraries in the same API interface

This package provides a uniform API over a number of different caching backends
including:
.
  * Memory
  * File
  * Redis
  * Memcached
  * uWSGI

Bug#998029: RFP: flask-appbuilder -- simple and rapid application development framework

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: danielvazgas...@gmail.com, debian-pyt...@lists.debian.org

* Package name: flask-appbuilder
  Version : 3.3.4
  Upstream Author : Daniel Vaz Gaspar 
* URL : https://github.com/dpgaspar/flask-appbuilder/
* License : BSD
  Programming Lang: Python
  Description : simple and rapid application development framework

Simple and rapid application development framework, built on top of Flask.
includes detailed security, auto CRUD generation for your models, google charts
and much more. Extensive configuration of all functionality, easily integrate
with normal Flask/Jinja2 development.

Bug#996193: SyntaxWarning: "is" with a literal.

[Joseph Nahmias]

Package: pithos
Version: 1.1.2-1.1
Severity: normal
File: /usr/share/pithos/pithos/SearchDialog.py


Hello,

While upgrading one of my systems from buster to bullseye, I saw the following 
in the output:

Setting up python3 (3.9.2-3) ...
running python rtupdate hooks for python3.9...
/usr/share/pithos/pithos/SearchDialog.py:83: SyntaxWarning: "is" with a 
literal. Did you mean "=="?
  if i.resultType is 'song':
/usr/share/pithos/pithos/SearchDialog.py:85: SyntaxWarning: "is" with a 
literal. Did you mean "=="?
  elif i.resultType is 'artist':
running python post-rtupdate hooks for python3.9...


Seems like an easy enough fix.
Hope this helps,
--Joe

-- System Information:
Debian Release: 11.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug'), 
(500, 'proposed-updates-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-17-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pithos depends on:
ii  gir1.2-gst-plugins-base-1.0  1.18.4-2
ii  gir1.2-gstreamer-1.0 1.18.4-2.1
ii  gir1.2-gtk-3.0   3.24.24-4
ii  gstreamer1.0-plugins-bad 1.18.4-3
ii  gstreamer1.0-plugins-good1.18.4-2
ii  python3  3.9.2-3
ii  python3-gi   3.38.0-2
ii  python3-gi-cairo 3.38.0-2
ii  python3-pkg-resources52.0.0-4

Versions of packages pithos recommends:
ii  adwaita-icon-theme [gnome-icon-theme-symbolic]  3.38.0-1
ii  gir1.2-appindicator3-0.10.4.92-7
ii  gir1.2-keybinder-3.00.3.2-1.1
ii  gir1.2-notify-0.7   0.7.9-3
ii  python3-dbus1.2.16-5
ii  python3-pylast  4.1.0-1

pithos suggests no packages.

-- no debconf information

Bug#995875: SSL error when trying to retrieve bug reports

[Joseph Nahmias]

Package: apt-listbugs
Version: 0.1.28
Severity: important

Hello,

When trying to run apt dist-upgrade with apt-listbugs installed, I now see the 
following error:

[snip]
Do you want to continue? [Y/n]
Retrieving bug reports... 0% Fail
Error retrieving bug reports from the server with the following error message:
E: SSL_connect returned=1 errno=0 state=error: certificate verify failed 
(certificate has expired)
It could be because your network is down, or because of broken proxy servers, 
or the BTS server itself is down. Check network configuration and try again

I am able to access bugs.debian.org from this machine without any SSL errors,
so I presume the issue is somewhere in the SSL verification code used by
apt-listbugs. Feel free to clone/reassign/block as appropriate.

Thanks,
--Joe

-- System Information:
Debian Release: 10.10
  APT prefers oldstable
  APT policy: (990, 'oldstable'), (500, 'oldstable-proposed-updates-debug'), 
(500, 'oldstable-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-17-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt-listbugs depends on:
ii  apt 1.8.2.3
ii  ruby1:2.5.1
ii  ruby-debian 0.3.9+b8
ii  ruby-gettext3.2.9-1
ii  ruby-soap4r 2.0.5-4
ii  ruby-unicode0.4.4-2+b9
ii  ruby-xmlparser  0.7.3-3+b2

Versions of packages apt-listbugs recommends:
ii  ruby-httpclient  2.8.3-2
ii  s6   2.7.2.2-3

Versions of packages apt-listbugs suggests:
ii  firefox-esr [www-browser]  78.15.0esr-1~deb10u1
ii  lynx [www-browser] 2.8.9rel.1-3+deb10u1
ii  midori [www-browser]   7.0-2
ii  reportbug  7.5.3~deb10u1
ii  sensible-utils 0.0.12
ii  w3m [www-browser]  0.5.3-37
ii  xdg-utils  1.1.3-1+deb10u1

-- no debconf information

Bug#995686: RFP: superset -- modern data exploration and visualization platform

[Joseph Nahmias]

Package: wnpp
Severity: wishlist

* Package name: superset
  Version : 1.3.1
  Upstream Author : d...@superset.apache.org
* URL : https://superset.apache.org/
* License : Apache-2.0
  Programming Lang: Python
  Description : modern data exploration and visualization platform

Superset is fast, lightweight, intuitive, and loaded with options that make it
easy for users of all skill sets to explore and visualize their data, from
simple line charts to highly detailed geospatial charts.

Bug#991717: ITP: mssql-jdbc -- Microsoft JDBC Driver for SQL Server

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: mssql-jdbc
  Version : 9.2.1
  Upstream Author : Microsoft SQL Server Team
* URL : https://github.com/Microsoft/mssql-jdbc
* License : MIT
  Programming Lang: Java
  Description : Microsoft JDBC Driver for SQL Server

The Microsoft JDBC Driver for SQL Server is a Type 4 JDBC driver for Java
that provides database connectivity with SQL Server through the standard
JDBC application program interfaces (APIs).

This is an optional dependency for DBeaver which I plan to package under
the auspices of the Debian Java team.

Bug#990214: unblock: dovecot-fts-xapian/1.4.9a-1

[Joseph Nahmias]

ot, leveraging the efforts by the 
Xapian.org team.
+
+This effort came after Dovecot team decided to deprecate "fts_squat" included 
in the dovecot core, and due to the complexity of the Solr plugin capabilitles, 
un-needed for most users.
+
+
+%prep
+%autosetup
+autoreconf -vi
+./configure --with-dovecot=/usr/lib64/dovecot
+
+
+%build
+make %{?_smp_mflags}
+
+
+%install
+%make_install
+
+
+%files
+/usr/lib64/dovecot/lib21_fts_xapian_plugin.la
+/usr/lib64/dovecot/lib21_fts_xapian_plugin.so
+/usr/lib64/dovecot/lib21_fts_xapian_plugin.a
+
+
+%changelog
+* Tue Apr  6 2021 xapian
+- 
diff -Nru -w dovecot-fts-xapian-1.4.7/README.md 
dovecot-fts-xapian-1.4.9a/README.md
--- dovecot-fts-xapian-1.4.7/README.md  2021-01-31 14:06:29.0 -0500
+++ dovecot-fts-xapian-1.4.9a/README.md 2021-04-24 16:27:55.0 -0400
@@ -79,12 +79,14 @@
plugin = fts fts_xapian (...)
 
fts = xapian
-   fts_xapian = partial=3 full=20 attachments=0 verbose=0
+   fts_xapian = partial=3 full=20 verbose=0
 
fts_autoindex = yes
fts_enforced = yes

fts_autoindex_exclude = \Trash
+
+   fts_decoder = decode2text // To index attachements
 (...)
 }
 
@@ -92,27 +94,48 @@
 service indexer-worker {
vsz_limit = 2G // or above (or 0 if you have rather large memory usable 
on your server, which is preferred for performance) 
 }
+
+service decode2text {
+   executable = script /usr/libexec/dovecot/decode2text.sh
+   user = dovecot
+   unix_listener decode2text {
+ mode = 0666
+   }
+}
 (...)
 
 ```
-Partial & full parameters : 3 and 20 are the NGram values for header fields, 
which means the keywords created for fields (To, Cc, ...) are between 3 and 20 
chars long.
-Full words are also added by default (if not longer than 245 chars, which is 
the limit of Xapian capability).
+
+Indexing options
+
+
+| Option | Description| Possible values
  | Default value |
+|||--|---|
+| partial & full | NGram values for header fields | between 3 and 20 
characters  | 3 & 20|
+| verbose| Logs verbosity | 0 (silent), 1 (verbose) or 
2 (debug) | 0 |
+
+NGrams details
+--
+
+The partial & full parameters are the NGram values for header fields, which 
means the keywords created for fields (To,
+Cc, ...) are between 3 and 20 chars long. Full words are also added by default 
(if not longer than 245 chars, which is
+the limit of Xapian capability).
 
 Example: "" will create joh, ohn, hn@, ..., john@d, ohn@do, ..., and 
finally john@doe as searchable keywords.
 
-Set "verbose=1" to see verbose messages in the log, "verbose=2" for debug
-Set "attachments=1" if you want to index attachments (this works only for text 
attachments)
+Index updating
+--
 
-Restart Dovecot:
+Just restart Dovecot:
 
-```
+```sh
 sudo servicectl restart dovecot
 ```
 
 
-If this is not a fresh install of dovecot, you need to re-index your mailboxes
+If this is not a fresh install of dovecot, you need to re-index your mailboxes:
 
-```
+```sh
 doveadm index -A -q \*
 ```
 
@@ -121,7 +144,8 @@
 
 
 You shall put in a cron the following command (for daily run for instance) :
-```
+
+```sh
 doveadm fts optimize -A
 ```
 
@@ -131,4 +155,6 @@
 
 Please submit requests/bugs via the [GitHub issue 
tracker](https://github.com/grosjo/fts-xapian/issues).
 
+A Matrix Room exists also at : #xapian-dovecot:grosjo.net
+
 Thanks to Aki Tuomi , Stephan Bosch 
, Paul Hecker 
diff -Nru -w dovecot-fts-xapian-1.4.7/configure.ac 
dovecot-fts-xapian-1.4.9a/configure.ac
--- dovecot-fts-xapian-1.4.7/configure.ac   2021-01-31 14:06:29.0 
-0500
+++ dovecot-fts-xapian-1.4.9a/configure.ac  2021-04-24 16:27:55.0 
-0400
@@ -1,4 +1,4 @@
-AC_INIT([Dovecot FTS Xapian], [1.4.7], [j...@grosjo.net], [dovecot-fts-xapian])
+AC_INIT([Dovecot FTS Xapian], [1.4.9a], [j...@grosjo.net], 
[dovecot-fts-xapian])
 AC_CONFIG_AUX_DIR([.])
 AC_CONFIG_SRCDIR([src])
 AC_CONFIG_MACRO_DIR([m4])
diff -Nru -w dovecot-fts-xapian-1.4.7/debian/changelog 
dovecot-fts-xapian-1.4.9a/debian/changelog
--- dovecot-fts-xapian-1.4.7/debian/changelog   2021-01-31 21:35:02.0 
-0500
+++ dovecot-fts-xapian-1.4.9a/debian/changelog  2021-06-22 22:40:48.0 
-0400
@@ -1,3 +1,14 @@
+dovecot-fts-xapian (1.4.9a-1) unstable; urgency=medium
+
+  * [2da6c89] d/watch: allow non-numbers in version
+  * [18c496d] New upstream version 1.4.9a
++ fix indexing of attachments, closes: #985654
++ fix indexing of accented characters
++ fix memory errors / segfaults when indexing large mailboxes
++ handle indexing of virtual folders
+
+ -- Joseph Nahmias   Tue, 22 Jun 2021 22:40:48 -0400
+
 dovecot-fts-xapian (1.4.7-1) unstable; urgency=medium
 
   * [e3bdb1b] fix 

Bug#989892: missing some tycho plugins

[Joseph Nahmias]

Package: libtycho-java
Version: 2.3.0-1
Severity: normal

Hello,

Thank you for maintaining tycho in Debian and packaging v2.3.0 in
experimental.  I am trying to package DBeaver for Debian, which uses
tycho. However, it seems that the tycho package is missing some of the
plugins; specifically: tycho-p2-director-plugin and tycho-surefire-plugin.
It would be great if you could include them in the next version of the
package.

Much appreciated,
--Joe

Bug#987681: libtycho-java: please update tycho to new upstream version 2.0.0 or newer

[Joseph Nahmias]

Package: libtycho-java
Version: 1.6.0-2
Severity: wishlist
X-Debbugs-Cc: j...@nahmias.net

Hello,

I am trying to build some software that requires tycho 2.0.0, which was
release on 2020-08-03. Since then there have been a few more releases,
with 2.3.0 released on 2021-03-24. It would be great if Debian could
provide a newer version -- at least in unstable.

Thanks,
--Joe

Bug#976622: ITP: python3-oscrypto -- cryptography library for Python

[Joseph Nahmias]

Package: wnpp
Severity: wishlist

* Package name: python3-oscrypto
  Version : 1.2.1
  Upstream Author : Will Bond 
* URL : https://github.com/wbond/oscrypto
* License : MIT
  Programming Lang: Python
  Description : cryptography library for Python

TLS (SSL) sockets, key generation, encryption, decryption, signing,
verification and KDFs using the OS crypto libraries. Does not require a
compiler, and relies on the OS for patching. Works on Windows, OS X and
Linux/BSD.

I plan to maintain this under the Debian Python Team.

Used by a number of cross-platform projects including for verifying LineageOS
builds.

Bug#975509: ITP: nbdime -- Jupyter Notebook Diff and Merge tools

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: nbdime
  Version : 2.1.0
  Upstream Author : Jupyter Development Team 
* URL : https://nbdime.readthedocs.io/
* License : BSD
  Programming Lang: Python
  Description : Jupyter Notebook Diff and Merge tools

nbdime provides tools for diffing and merging of Jupyter Notebooks.
.
  * nbdiff - compare notebooks in a terminal-friendly way
  * nbmerge - three-way merge of notebooks with automatic conflict resolution
  * nbdiff-web - shows you a rich rendered diff of notebooks
  * nbmerge-web - gives you a web-based three-way merge tool for notebooks
  * nbshow - present a single notebook in a terminal-friendly way

Bug#972443: ITP: rotp -- Remnants of the Precursors game

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: rotp
  Version : 1.13b
  Upstream Author : Ray Fowler 
* Homepage: https://rayfowler.itch.io/remnants-of-the-precursors
* Source Code : https://github.com/rayfowler/rotp-public
* Forum   : https://www.reddit.com/r/rotp/
* License : Java code=GPL3; game data=CC4-by-nc-nd
  Programming Lang: Java
  Description : Remnants of the Precursors game

Remnants of the Precursors is a high-quality remake of the classic Master of
Orion (1993) game by SimTex.

Game engine will go to contrib; while the game data [artwork,text,sound] will
need to go to non-free.

I plan to maintain this within the Debian Games team.

Bug#971885: ITP: dasm -- Macro assembler with support for several 8-bit microprocessors

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: dasm
  Version : 2.20.14
  Upstream Author : the DASM team
* URL : https://dasm-assembler.github.io/
* License : GPL2+
  Programming Lang: C
  Description : Macro assembler with support for several 8-bit 
microprocessors

DASM is a versatile macro assembler with support for several 8-bit
microprocessors including MOS 6502 & 6507; Motorola 6803, 68705, and 68HC11;
Hitachi HD6303 (extended Motorola 6801) and Fairchild F8.
.
DASM boasts a number of features including:
.
 * fast assembly
 * supports several common 8 bit processor models
 * takes as many passes as needed
 * automatic checksum generation, special symbol ’...’
 * several binary output formats available
 * allows reverse indexed origins
 * multiple segments, BSS segments (no generation), relocatable origin
 * expressions, as in C
 * 32-bit integer expressions
 * no real limitation on label size
 * complex pseudo-ops, repeat loops, macros

Bug#971608: RFP: blockly -- web-based, visual programming editor

[Joseph Nahmias]

Package: wnpp
Severity: wishlist

* Package name: blockly
  Version : 3.20200924.2
  Upstream Author : Google
* URL : https://github.com/google/blockly
  Homepage: https://developers.google.com/blockly/
* License : Apache 2.0
  Programming Lang: Javascript
  Description : JavaScript library for building visual programming editors


Blockly is a library that adds a visual code editor to web and mobile
apps. The Blockly editor uses interlocking, graphical blocks to represent
code concepts like variables, logical expressions, loops, and more.  Users
then drag blocks together to build programs.  It allows users to apply
programming principles without having to worry about syntax or the
intimidation of a blinking cursor on the command line.
.
Blockly is a ready-made UI for creating a visual language that emits
syntactically correct user-generated code. Blockly can export blocks to
many programming languages, including these popular options:
 -  JavaScript
 -  Python
 -  PHP
 -  Lua
 -  Dart

Bug#970886: ITP: piskel -- an easy-to-use sprite editor

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: piskel
  Version : 0.15.0
  Upstream Author : Julian Descottes
* URL : http://piskelapp.com/
* License : Apache 2.0
  Programming Lang: Javascript
  Description : an easy-to-use sprite editor

Piskel is an easy-to-use sprite editor. It can be used to create game
sprites, animations, pixel-art, etc... It is the editor used in the online
pixel editor at piskelapp.com. It can export to a number of different
formats including animated GIFs, and spritesheet PNG/ZIP.

Bug#969708: Bug#969620: ITP: metakernel -- Jupyter kernel base class

[Joseph Nahmias]

On Mon, Sep 07, 2020 at 11:50:31AM +, Gordon Ball wrote:
> 
> The other bits are all under DPMT (and it makes sense in this case,
> since metakernel has public API and is intended to be imported rather
> than used directly).

> In any case, it is planned to merge DPMT and PAPT [1], so the distinction is
> probably unimportant in the medium term.

Sounds good. I'll use DPMT.

> > Finally, would you be willing to review/sponsor at least my first few
> > packages?
> 
> Yes, I'm willing to review/sponsor. Let me know when they're ready.

Great! I'm still polishing metakernel and the octave_kernel, but I've
uploaded ipyparallel, which is required for metakernel, to
mentors.debian.net while I wait for access to DPT. It's available at:
https://mentors.debian.net/package/ipyparallel/

Looking forward to your feedback!
--Joe

Bug#969620: ITP: metakernel -- Jupyter kernel base class

[Joseph Nahmias]

Hi Gordon,

On Sun, Sep 06, 2020 at 06:23:09PM +, Gordon Ball wrote:
> > Happy to have co-maintainers and/or place it under the rubric of the Debian 
> > Python team.
> > 
> Glad to have more bits of the jupyter ecosystem available. I'd be
> willing to be listed as a co-maintainer/uploader for this package
> (context: I [co-]maintain some of the jupyter core libraries and
> notebook). I experimented with a personal build of this library (+
> octave_kernel) in the past, but my octave knowledge wasn't good enough
> to actually use it enough to be confident it was useful.
> 
> The core libraries are all team-maintained with the debian-python team;
> the R kernel (r-cran-irkernel) is also available, under pkg-r-team.

Great! I just finished my first draft of the first part of this --
packaging ipyparallel (dep of metakernel). I was wondering whether it was
more appropriate to have it under DPMT or PAPT, any suggestions on how to
classify one way or the other?

Also, I requested to join the debian-python team [DPMT/PAPT] so that I can
host the packaging on salsa. Is that something you can assist with?

Finally, would you be willing to review/sponsor at least my first few
packages?

Thanks in advance,
--Joe


signature.asc
Description: PGP signature

Bug#969708: ITP: ipyparallel -- Interactive Parallel Computing with IPython

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: ipyparallel
  Version : 6.3.0
  Upstream Author : The IPython Development Team
* URL : https://github.com/ipython/ipyparallel
* License : BSD
  Programming Lang: Python
  Description : Interactive Parallel Computing with IPython

 ipyparallel is a Python package and collection of CLI scripts
 for controlling clusters for Jupyter. ipyparallel is the new home
 of IPython.parallel.
 .
 ipyparallel contains the following CLI scripts:
 .
ipcluster - start/stop a cluster
ipcontroller - start a scheduler
ipengine - start an engine

ipyparallel is a dependancy for the Jupyter metakernel.

As with metakernel, looking to maintain this within the DPMT.

Bug#969620: ITP: metakernel -- Jupyter kernel base class

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: metakernel
  Version : 0.27.0
  Upstream Author : Metakernel Development Team
* URL : https://github.com/Calysto/metakernel
* License : BSD
  Programming Lang: Python
  Description : Jupyter kernel base class

Metakernel is a Jupyter kernel base class in Python which includes core magic
functions (including help, command and file path completion, parallel and
distributed processing, downloads, and much more).

It is used by numerous other kernels for Jupyter, including for my purposes the
octave kernel.

Happy to have co-maintainers and/or place it under the rubric of the Debian 
Python team.

--Joe

Bug#969555: newnm page has bad link for "your personal page"

[Joseph Nahmias]

Package: nm.debian.org
Severity: minor

Hello,

After logging into the site (via salsa) I went to
https://nm.debian.org/public/newnm to kick off the process to move out of
retirement. I received a page that said:

Debian New Member - Join the NM process
You already have an entry in the system.

You already have an entry in the system if you are a DD, a DM, have a
guest account on Debian machines or have already applied on this page.

To request to become a Debian Maintainer or a Debian Developer, to get
a porterbox guest account, and more, visit your personal page and
follow the "request new status" link.

However, the link href for _your personal page_ points back to
https://nm.debian.org/public/newnm, instead of
https://nm.debian.org/person/jello/ as it seems it should.

Thanks,
--Joe

Bug#968950: collectd-dev: missing meta_data.h header file included by plugin.h

[Joseph Nahmias]

Package: collectd-dev
Version: 5.11.0-7~bpo10+1
Severity: important

Hello,

Thanks for backporting collectd 5.11 to buster! When compiling my own
collectd plugin, I hit an error because plugin.h includes meta_data.h, but
the latter is not provided by the collectd-dev package. IIUC, it should be
a simple fix to debian/collectd-dev.install to make sure this file gets
included in the package.

Much appreciated,
--Joe

-- System Information:
Debian Release: 10.5
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Versions of packages collectd-dev depends on:
ii  collectd-core  5.11.0-7~bpo10+1

Bug#967966: ITP: collectd-graph-panel -- web-based graphing app for collectd statistics

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: collectd-graph-panel
  Version : 1
  Upstream Author : Pim van den Berg 
* URL : http://pommi.nethuis.nl/category/cgp/
* License : GPL3
  Programming Lang: PHP
  Description : web-based graphing app for collectd statistics

 Collectd Graph Panel (CGP) is a graphical web-based front-end for
 visualizing RRD collected by collectd, written in the PHP language.

Bug#965351: missing documentation for libnftnl

[Joseph Nahmias]

Package: libnftnl-dev
Version: 1.1.2-2
Severity: normal

Hello,

Upstream has provided doxygen documentation for libnftnl. It would be great if
the -dev package included this in either html or manpage format. IIRC, Debian
policy might even require this.

Much appreciated,
--Joe

Bug#963107: "Encrypted connection unavailable" when using pre-authenticated connection

[Joseph Nahmias]

Package: mutt
Version: 1.10.1-2.1+deb10u2
Followup-For: Bug #963107

Hello,

I can confirm that this bug bit me as well, and that the listed mitigation
fixed the problem. Will the upstream fix be backported to Debian stable/buster?

Thanks,
--Joe


-- Package-specific info:
Mutt 1.10.1 (2018-07-13)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 4.19.0-9-686-pae (i686)
ncurses: ncurses 6.1.20181013 (compiled with 6.1)
libidn: 1.33 (compiled with 1.33)
hcache backend: tokyocabinet 1.4.48

Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/i686-linux-gnu/8/lto-wrapper
Target: i686-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 8.3.0-6' 
--with-bugurl=file:///usr/share/doc/gcc-8/README.Bugs 
--enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++ --prefix=/usr 
--with-gcc-major-version-only --program-suffix=-8 
--program-prefix=i686-linux-gnu- --enable-shared --enable-linker-build-id 
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix 
--libdir=/usr/lib --enable-nls --enable-bootstrap --enable-clocale=gnu 
--enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-gnu-unique-object 
--disable-vtable-verify --enable-libmpx --enable-plugin --enable-default-pie 
--with-system-zlib --with-target-system-zlib --enable-objc-gc=auto 
--enable-targets=all --enable-multiarch --disable-werror --with-arch-32=i686 
--with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic 
--enable-checking=release --build=i686-linux-gnu --host=i686-linux-gnu 
--target=i686-linux-gnu
Thread model: posix
gcc version 8.3.0 (Debian 8.3.0-6) 

Configure options: '--build=i686-linux-gnu' '--prefix=/usr' 
'--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' 
'--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' 
'--disable-silent-rules' '--libdir=\${prefix}/lib/i386-linux-gnu' 
'--libexecdir=\${prefix}/lib/i386-linux-gnu' '--disable-maintainer-mode' 
'--disable-dependency-tracking' '--with-mailpath=/var/mail' 
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' 
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' 
'--enable-sidebar' '--enable-nntp' '--enable-dotlock' '--disable-fmemopen' 
'--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' 
'--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' 
'--with-tokyocabinet' 'build_alias=i686-linux-gnu' 'CFLAGS=-g -O2 
-fdebug-prefix-map=/build/mutt-9S1n1N/mutt-1.10.1=. -fstack-protector-strong 
-Wformat -Werror=format-security' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 
'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'

Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 
-fdebug-prefix-map=/build/mutt-9S1n1N/mutt-1.10.1=. -fstack-protector-strong 
-Wformat -Werror=format-security

Compile options:
-DOMAIN
+DEBUG
-HOMESPOOL  +USE_SETGID  +USE_DOTLOCK  +DL_STANDALONE  +USE_FCNTL  -USE_FLOCK   
+USE_POP  +USE_IMAP  +USE_SMTP  
-USE_SSL_OPENSSL  +USE_SSL_GNUTLS  +USE_SASL  +USE_GSS  +HAVE_GETADDRINFO  
+HAVE_REGCOMP  -USE_GNU_REGEX  
+HAVE_COLOR  +HAVE_START_COLOR  +HAVE_TYPEAHEAD  +HAVE_BKGDSET  
+HAVE_CURS_SET  +HAVE_META  +HAVE_RESIZETERM  +HAVE_FUTIMENS  
+CRYPT_BACKEND_CLASSIC_PGP  +CRYPT_BACKEND_CLASSIC_SMIME  +CRYPT_BACKEND_GPGME  
-EXACT_ADDRESS  -SUN_ATTACHMENT  
+ENABLE_NLS  -LOCALES_HACK  +HAVE_WC_FUNCS  +HAVE_LANGINFO_CODESET  
+HAVE_LANGINFO_YESEXPR  
+HAVE_ICONV  -ICONV_NONTRANS  +HAVE_LIBIDN  -HAVE_LIBIDN2  +HAVE_GETSID  
+USE_HCACHE  +USE_SIDEBAR  +USE_COMPRESSED  
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"

To contact the developers, please mail to .
To report a bug, please contact the Mutt maintainers via gitlab:
https://gitlab.com/muttmua/mutt/issues


-- System Information:
Debian Release: 10.4
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-9-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages mutt depends on:
ii  libassuan02.5.2-1
ii  libc6 2.28-10
ii  libcom-err2   1.44.5-1+deb10u3
ii  libgnutls30   3.6.7-4+deb10u4
ii  libgpg-error0 1.35-1
ii  libgpgme111.12.0-6
ii  libgssapi-krb5-2  1.17-3
ii  libidn11  1.33-2.2
ii  libk5crypto3  1.17-3
ii  libkrb5-3 1.17-3
ii  libncursesw6  6.1+20181013-2+deb10u2
ii  libsasl2-22.1.27+dfsg-1+deb10u1
ii  libtinfo6 6.1+20181013-2+deb10u2
ii  libtokyocabinet9  1.4.48-12

Bug#928492: dovecot: doveadm user gives "Error: User listing returned failure"

[Joseph Nahmias]

Package: dovecot-core
Version: 1:2.3.4.1-5+deb10u2
Followup-For: Bug #928492

Confirmed that this exists in the current version of dovecot in Debian buster
(10).

Looks like it was fixed upstream in the following commit:
https://github.com/dovecot/core/commit/414a7db1d15e57433dfc222bd6bf253c83166408


-- Package-specific info:

-- System Information:
Debian Release: 10.4
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: i386 (i686)

Bug#961950: add config for lighttpd

[Joseph Nahmias]

Package: smokeping
Version: 2.7.3-2
Severity: wishlist
Tags: patch

Hello,

Thanks for packaging smokeping for Debian! It's great that you include a
config for Apache; however, I use Lighttpd... I've created a config file
that can be used with file layout provided by the Debian smokeping
package, please see attached.

Easiest (for the [potential] users) would be to arrange for this to be
installed as something like /etc/lighttpd/conf-available/45-smokeping.conf.
That will allow the admin to simply run the following to have smokeping
available at the usual location [http://machine.example.org/smokeping/]:

$ sudo /usr/sbin/lighttpd-enable-mod smokeping && sudo invoke-rc.d lighttpd 
reload

Bonus points for automatically doing this in postinst/prerm (conditional on
the existance of lighttpd-{en,dis}able-mod).

Thanks,
--Joe

-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-9-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages smokeping depends on:
ii  adduser   3.118
ii  debianutils   4.8.6.1
ii  fping 4.2-1
ii  libcgi-fast-perl  1:2.13-1
ii  libconfig-grammar-perl1.12-2
ii  libdigest-hmac-perl   1.03+dfsg-2
ii  libjs-cropper 1.2.2-1
ii  libjs-prototype   1.7.1-3
ii  libjs-scriptaculous   1.9.0-2
ii  librrds-perl  1.7.1-2
ii  libsnmp-session-perl  1.14~git20130523.186a005-4
ii  liburi-perl   1.76-1
ii  libwww-perl   6.36-2
ii  lsb-base  10.2019051400
ii  msmtp-mta [mail-transport-agent]  1.8.3-1
ii  perl  5.28.1-6
ii  ucf   3.0038+nmu1

Versions of packages smokeping recommends:
pn  apache2 | apache2 | httpd  
ii  dnsutils   1:9.11.5.P4+dfsg-5.1+deb10u1
ii  echoping   6.0.2-10
ii  libsocket6-perl0.29-1+b1
ii  lighttpd [httpd-cgi]   1.4.53-4
# /etc/lighttpd/conf-available/45-smokeping.conf
# Configuration for smokeping CGI program


server.modules += ( "mod_fastcgi", "mod_rewrite" )

$HTTP["url"] =~ "^/smokeping/" {
server.document-root = "/usr/share/"
url.rewrite-once = (
"^/smokeping/($|\?)" => "/smokeping/smokeping.cgi?${qsa}",
"^/smokeping/(.*)" => "/smokeping/www/$1",
)
fastcgi.server = (
"/smokeping/smokeping.cgi" => (
"localhost" => (
"bin-path" => "/usr/lib/cgi-bin/smokeping.cgi",
"socket" => "/run/lighttpd/smokeping-fcgi.socket",
)
),
)
}

# vim: set ts=4 sw=4 et:

Bug#961680: please provide a collection3 package

[Joseph Nahmias]

Package: collectd-core
Version: 5.8.1-1.3
Severity: wishlist
File: /usr/share/doc/collectd-core/examples/collection3

Hello,

The collectd-core package includes the collection3 viewer for the collectd
statistics that are gathered in the RRDs in the examples subdir. It would
be great if the Debian packaging built this as a separately installable
package so that it updates along with collectd.

Thanks,
--Joe


-- System Information:
Debian Release: 10.4
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: i386 (i686)

Bug#961220: dovecot: lda: Fatal: Plugin 'push_notifications' not found from directory /usr/lib/dovecot/modules

[Joseph Nahmias]

Package: dovecot-core
Version: 1:2.3.4.1-5+deb10u2
Severity: important
File: /usr/lib/dovecot/dovecot-lda

Hello,

I was trying to set up push_notification, but when I add it to the config, I 
start getting errors like this:

dovecot: lda: Fatal: Plugin 'push_notifications' not found from directory 
/usr/lib/dovecot/modules

I do see the file:

$ locate push_notification
/usr/lib/dovecot/modules/lib20_push_notification_plugin.so
/usr/lib/dovecot/modules/lib22_push_notification_lua_plugin.so


Is there some misconfiguration of the package somewhere?

Thanks,
--Joe


-- Package-specific info:

dovecot configuration
-
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-9-686-pae i686 Debian 10.4 ext4
auth_mechanisms = plain login
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:/srv/mail/%n:INBOX=/srv/mail/%n/Inbox:LAYOUT=fs
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext spamtest spamtestplus
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = subscribe
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
plugin {
  sieve = file:/srv/sieve/%n;active=/srv/sieve/ACTIVE/%u.sieve
  sieve_extensions = +spamtest +spamtestplus
  sieve_spamtest_max_value = 5.0
  sieve_spamtest_status_header = X-Spam-Score: [[:alnum:]]+, 
score=(-?[[:digit:]]+\.[[:digit:]])
  sieve_spamtest_status_type = score
}
protocols = " imap lmtp sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
  }
}
ssl = required
ssl_cert = 
ii  dovecot-imapd 1:2.3.4.1-5+deb10u2
pn  dovecot-ldap  
ii  dovecot-lmtpd 1:2.3.4.1-5+deb10u2
pn  dovecot-lucene
ii  dovecot-managesieved  1:2.3.4.1-5+deb10u2
pn  dovecot-mysql 
pn  dovecot-pgsql 
pn  dovecot-pop3d 
ii  dovecot-sieve 1:2.3.4.1-5+deb10u2
pn  dovecot-solr  
pn  dovecot-sqlite
pn  dovecot-submissiond   
ii  ntp   1:4.2.8p12+dfsg-4

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.3.4.1-5+deb10u2
pn  dovecot-dev
pn  dovecot-gssapi 
ii  dovecot-imapd  1:2.3.4.1-5+deb10u2
pn  dovecot-ldap   
ii  dovecot-lmtpd  1:2.3.4.1-5+deb10u2
ii  dovecot-managesieved   1:2.3.4.1-5+deb10u2
pn  dovecot-mysql  
pn  dovecot-pgsql  
pn  dovecot-pop3d  
ii  dovecot-sieve  1:2.3.4.1-5+deb10u2
pn  dovecot-sqlite 

-- debconf information excluded

Bug#961033: stats-writer permission issue when using LDA via procmail

[Joseph Nahmias]

Package: dovecot-core
Version: 1:2.3.4.1-5+deb10u1
Severity: normal
File: /usr/lib/dovecot/dovecot-lda

Hello,

Some background:

I have my machine configured to run fetchmail via cron, which retrieves my
emails from various different services. My .forward then sends all mail through
procmail, for filtering, sorting into folders, etc... Procmail then calls the
dovecot-lda program to actually deliver the mail using the .procmailrc config
line DELIVER="/usr/lib/dovecot/deliver -d $LOGNAME". I can then access my mail
via dovecot using a standard IMAP client.

The problem:

I recently upgrade my machine from stretch to buster, bringing with it a new
version of dovecot. Now, the fetchmail cron job is throwing errors like the
following:

lda($USER,)Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: 
Permission denied

I see that the stats-writer socket is owned by root:dovecot with 0660
permissions. Should the dovecot-lda program be set as setgid dovecot to allow
it to write to the socket? How is this socket really used? Are there any
security considerations I should be aware of prior to doing this?

Thanks,
--Joe


-- Package-specific info:

dovecot configuration
-
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-9-686-pae i686 Debian 10.4 ext4
auth_mechanisms = plain login
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:/srv/mail/%n:INBOX=/srv/mail/%n/Inbox:LAYOUT=fs
mail_privileged_group = mail
protocols = " imap lmtp sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
  }
}
ssl = required
ssl_min_protocol = TLSv1.2
userdb {
  driver = passwd
}
protocol lmtp {
  mail_plugins = " quota sieve"
}

-- System Information:
Debian Release: 10.4
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'oldstable-debug'), (500, 'stable'), 
(500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-9-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages dovecot-core depends on:
ii  adduser  3.118
ii  libapparmor1 2.13.2-10
ii  libbz2-1.0   1.0.6-9.2~deb10u1
ii  libc62.28-10
ii  libexttextcat-2.0-0  3.4.5-1
ii  libicu63 63.1-6+deb10u1
ii  liblua5.3-0  5.3.3-1.1
ii  liblz4-1 1.8.3-1
ii  liblzma5 5.2.4-1
ii  libpam-runtime   1.3.1-5
ii  libpam0g 1.3.1-5
ii  libsodium23  1.0.17-1
ii  libssl1.11.1.1d-0+deb10u3
ii  libstemmer0d 0+svn585-1+b2
ii  libwrap0 7.6.q-28
ii  lsb-base 10.2019051400
ii  openssl  1.1.1d-0+deb10u3
ii  ssl-cert 1.0.39
ii  ucf  3.0038+nmu1
ii  zlib1g   1:1.2.11.dfsg-1

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
pn  dovecot-gssapi
ii  dovecot-imapd 1:2.3.4.1-5+deb10u1
pn  dovecot-ldap  
ii  dovecot-lmtpd 1:2.3.4.1-5+deb10u1
pn  dovecot-lucene
ii  dovecot-managesieved  1:2.3.4.1-5+deb10u1
pn  dovecot-mysql 
pn  dovecot-pgsql 
pn  dovecot-pop3d 
ii  dovecot-sieve 1:2.3.4.1-5+deb10u1
pn  dovecot-solr  
pn  dovecot-sqlite
pn  dovecot-submissiond   
ii  ntp   1:4.2.8p12+dfsg-4

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.3.4.1-5+deb10u1
pn  dovecot-dev
pn  dovecot-gssapi 
ii  dovecot-imapd  1:2.3.4.1-5+deb10u1
pn  dovecot-ldap   
ii  dovecot-lmtpd  1:2.3.4.1-5+deb10u1
ii  dovecot-managesieved   1:2.3.4.1-5+deb10u1
pn  dovecot-mysql  
pn  dovecot-pgsql  
pn  dovecot-pop3d  
ii  dovecot-sieve  1:2.3.4.1-5+deb10u1
pn  dovecot-sqlite 

-- debconf information excluded

Bug#961030: invalid monit config for openssh-server

[Joseph Nahmias]

Package: monit
Version: 1:5.26.0-1~bpo10+1
Severity: normal
File: /etc/monit/conf-available/openssh-server
Tags: patch

Hello,

The included config file for openssh-server is invalid. It references an
sshd_dsa_key section/service, but that is (no longer?) defined in that file.
This causes monit to fail to start, when that file is used.

The following patch fixes this and also adds support for monitoring the ecdsa
and ed25519 ssh keys.

Thanks,
--Joe

--- /etc/monit/conf-available/openssh-server.orig   2019-07-13 
05:21:25.0 +
+++ /etc/monit/conf-available/openssh-server2020-05-19 14:01:47.700539281 
+
@@ -19,6 +19,18 @@
group sshd
include /etc/monit/templates/rootbin
 
+ check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
+ check file sshd_ecdsa_key with path /etc/ssh/ssh_host_ecdsa_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
+ check file sshd_ed25519_key with path /etc/ssh/ssh_host_ed25519_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
  check file sshd_rsa_key with path /etc/ssh/ssh_host_rsa_key
group sshd
include /etc/monit/templates/rootstrict

Bug#952680: apticron: manpage mentions /etc/cron.d/apticron twice

[Joseph Nahmias]

Package: apticron
Version: 1.2.1
Severity: minor

Dear Maintainer,

The manpage for apticron mentions the file /etc/cron.d/apticron in two
different paragraphs under FILES. I suspect a move of a config file
happened sometime in the past and a find/replace was done on the
codebase without noticing this duplication.

It would be great if you would clarify this issue.

Thanks,
--Joe

-- System Information:
Debian Release: 10.3

Bug#921904: win-iconv: FTBFS (wine: chdir to /tmp/wine-I6miLw/server-29-3583b06 : No such file or directory)

[Joseph Nahmias]

On Fri, Dec 27, 2019 at 07:27:42PM +, Joseph Nahmias wrote:
> The attached patch works around the issue until that is fixed.

Of course, I forgot this patch... Take 2.
--Joe
diff -Nru win-iconv-0.0.8/debian/changelog win-iconv-0.0.8/debian/changelog
--- win-iconv-0.0.8/debian/changelog	2019-03-12 12:06:01.0 -0400
+++ win-iconv-0.0.8/debian/changelog	2019-12-27 14:04:56.0 -0500
@@ -1,3 +1,11 @@
+win-iconv (0.0.8-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Work around #946951 by initializing WINEPREFIX and adding a symlink,
+closes: #921904.
+
+ -- Joe Nahmias   Fri, 27 Dec 2019 14:04:56 -0500
+
 win-iconv (0.0.8-3) unstable; urgency=medium
 
   * wrap-and-sort -ast
diff -Nru win-iconv-0.0.8/debian/rules win-iconv-0.0.8/debian/rules
--- win-iconv-0.0.8/debian/rules	2019-03-12 11:29:02.0 -0400
+++ win-iconv-0.0.8/debian/rules	2019-12-27 14:04:56.0 -0500
@@ -33,6 +33,8 @@
 override_dh_auto_test:
 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
 ifdef TESTARCH
+	-WINEPREFIX=$(CURDIR)/build-$(TESTARCH)/.wine wine64 wineboot -i
+	ln -s /tmp/.wine-`id -u`/server* /tmp/wine-*/
 	cd build-$(TESTARCH) && WINEPREFIX=$(shell pwd)/build-$(TESTARCH)/.wine $(MAKE) CC=$(TESTARCH)-gcc AR=$(TESTARCH)-ar RANLIB=$(TESTARCH)-ranlib DLLTOOL=$(TESTARCH)-dlltool test
 endif
 endif

Bug#921904: win-iconv: FTBFS (wine: chdir to /tmp/wine-I6miLw/server-29-3583b06 : No such file or directory)

[Joseph Nahmias]

package win-iconv
tags 921904 + patch
thanks

On Fri, Dec 27, 2019 at 06:19:41PM +, Joseph Nahmias wrote:
> Hello,
> 
> On Mon, Mar 18, 2019 at 10:12:55AM -0400, Daniel Kahn Gillmor wrote:
> > 
> > If anyone else needs win-iconv in debian, please speak up!
> > 
> > Otherwise i'll probably move forward with orphaning the package soon.
> > 
> >  --dkg
> 
> Yes, I'm interested in having win-iconv in Debian!
> Also, it seems like this FTBFS is no longer an issue, see the build(s)
> from 2019-11-30 at:
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/win-iconv.html

Spoke too soon, wine version 5.0~rc1-1 was uploaded to sid on 2019-12-18
which brought back this problem.

Upon further review, it seems this is the same as #946951. The attached
patch works around the issue until that is fixed. Not sure if we should
forcemerge this bug with 946951 and tag it affecting win-iconv, or if we
should use the workaround in the attached patch and close this bug... Any
thoughts?

Enjoy,
--Joe

Bug#921904: win-iconv: FTBFS (wine: chdir to /tmp/wine-I6miLw/server-29-3583b06 : No such file or directory)

[Joseph Nahmias]

Hello,

On Mon, Mar 18, 2019 at 10:12:55AM -0400, Daniel Kahn Gillmor wrote:
> On Mon 2019-03-18 10:55:44 +0100, Tim Rühsen wrote:
> > Libiconv 1.15 itself from tarball.
> >
> > If you are interested in the details, have a look at our CI Dockerfile
> > where we build/install the dependencies needed for testing:
> >
> > https://gitlab.com/gnuwget/build-images/blob/master/docker-debian-mingw/Dockerfile
> 
> interesting, thanks!
> 
> If anyone else needs win-iconv in debian, please speak up!
> 
> Otherwise i'll probably move forward with orphaning the package soon.
> 
>  --dkg

Yes, I'm interested in having win-iconv in Debian!
Also, it seems like this FTBFS is no longer an issue, see the build(s)
from 2019-11-30 at:
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/win-iconv.html

Thanks,
--Joe

Bug#935876: ITP: octave-kernel -- Jupyter kernel for Octave (Python 3)

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: octave-kernel
  Version : 0.31.1
  Upstream Author : Steven Silvester 
* URL : https://github.com/calysto/octave_kernel
* License : BSD
  Programming Lang: Python
  Description : Jupyter kernel for Octave (Python 3)

This package integrates the use of the Octave language within
the Jupyter Notebook by providing a kernel that communicates
using the standard API with the octave-cli.  It also handles
plotting and displays graphs within the notebook as expected.

Bug#933313: uscan doesn't detect new versions

[Joseph Nahmias]

Package: msmtp
Version: 1.6.6-1
Severity: normal
Tags: patch

Hello,

It seems the debian/watch file is out of date and thus uscan doesn't detect new 
upstream versions.  Here's a new one that works.

Enjoy,
--Joe
version=4

https://marlam.de/msmtp/download/ ../releases/msmtp-([\d\.]+)@ARCHIVE_EXT@ 
debian uupdate

Bug#933310: dot2tex: new upstream version 2.11.3

[Joseph Nahmias]

Package: dot2tex
Version: 2.9.0-3
Severity: wishlist

Dear Maintainer,

There is a new version of dot2tex since March 2019 that includes support
for python3.  It would be great if you packaged this.

Thanks,
--Joe

-- System Information:
Debian Release: 10.0
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dot2tex depends on:
ii  graphviz  2.40.1-6
ii  libjs-sphinxdoc   1.8.4-1
ii  python2.7.16-1
ii  python-pyparsing  2.2.0+dfsg1-2

Versions of packages dot2tex recommends:
ii  preview-latex-style  11.91-2
ii  texlive-latex-base   2018.20190227-2
ii  texlive-pictures 2018.20190227-2
ii  texlive-pstricks 2018.20190227-2

dot2tex suggests no packages.

-- no debconf information

Bug#932778: /etc/monit/conf-available/openssh-server: Depending service 'sshd_dsa_key' is not defined in the control file

[Joseph Nahmias]

Package: monit
Version: 1:5.26.0-1~bpo10+1
Severity: normal
File: /etc/monit/conf-available/openssh-server

Hello,

I upgraded monit to the version from buster-backports and it updated the
file /etc/monit/conf-available/openssh-server.  However, this file marks
the sshd service dependent on sshd_dsa_key, but fails to provide a
definition for it.  This broke my upgrade as monit wouldn't start since
I have the openssh-server template included in my monit configuration
(via a symlink in /etc/monit/conf-enabled).

Here's a patch that fixes the issue for me:

--- openssh-server.orig 2019-07-13 05:21:25.0 +
+++ openssh-server  2019-07-23 01:55:55.655575968 +
@@ -23,6 +23,10 @@
group sshd
include /etc/monit/templates/rootstrict

+ check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
  check file sshd_rc with path /etc/ssh/sshd_config
group sshd
include /etc/monit/templates/rootrc


While you're at it, you might want to include sections for the ecdsa &
ed25519 keys.  But, that's probably a separate bug and likely needs to
go upstream...

Thanks for maintaining this package!
--Joe


-- Package-specific info:

-- System Information:
Debian Release: 10.0
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages monit depends on:
ii  libc6  2.28-10
ii  libpam0g   1.3.1-5
ii  libssl1.1  1.1.1c-1
ii  lsb-base   10.2019051400
ii  zlib1g 1:1.2.11.dfsg-1

monit recommends no packages.

Versions of packages monit suggests:
ii  msmtp-mta [mail-transport-agent]  1.8.3-1
pn  sysvinit-core 

-- no debconf information

Bug#559867: squirrel-sql packaging

[Joseph Nahmias]

Hello,

Are you still working on packaging squirrel-sql for Debian?  The last
update on the RFP bug is from Nov 2016.  I am happy to lend assistance if
it will help.

Thanks,
--Joe

Bug#920566: ITP: radicale-auth-pam -- PAM authentication plugin for Radicale

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: radicale-auth-pam
  Version : 0.2
  Upstream Author : Joseph Nahmias 
* URL : https://gitlab.com/jello/radicale_auth_PAM
* License : GPL3
  Programming Lang: Python
  Description : PAM authentication plugin for Radicale

Bug#917921: rainloop: cannot launch admin panel

[Joseph Nahmias]

Package: rainloop
Version: 1.11.1-1
Severity: important

Dear Maintainer,

I tried to follow the instructions in the README.Debian for activating
the admin panel (I changed admin_password and set allow_admin_panel =
On) but I kept getting "Authentication failed".  Only when I changed the
password back to 12345 did it work.

Help!
--Joe


-- System Information:
Debian Release: 9.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-8-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rainloop depends on:
ii  ckeditor4.5.7+dfsg-2
ii  libphp-predis   0.8.3-1
ii  lighttpd [httpd]1.4.45-1
ii  php-curl1:7.0+49
ii  php-fpm 1:7.0+49
ii  php-json1:7.0+49
ii  php-pclzip  2.8.2-4
ii  php-seclib  1.0.5-1
ii  php-xml 1:7.0+49
ii  php7.0-curl [php-curl]  7.0.33-0+deb9u1
ii  php7.0-fpm [php-fpm]7.0.33-0+deb9u1
ii  php7.0-json [php-json]  7.0.33-0+deb9u1
ii  php7.0-xml [php-xml]7.0.33-0+deb9u1

rainloop recommends no packages.

Versions of packages rainloop suggests:
pn  php5-sqlite | php5-mysql | php5-pgsql  

-- Configuration Files:
/etc/rainloop/application.ini changed [not included]

-- no debconf information

Bug#913097: postfix master binary path is wrong

[Joseph Nahmias]

Package: monit
Version: 1:5.20.0-6
Severity: normal
File: /etc/monit/conf-available/postfix
Tags: patch

Hello, it seems that the postfix master binary moved and monit didn't keep up 
with the change.  So, the path in /etc/monit/conf-available/postfix needs to 
change from /usr/lib/postfix/master to /usr/lib/postfix/sbin/master.

--- /etc/monit/conf-available/postfix.orig  2017-01-11 13:48:27.0 
+
+++ /etc/monit/conf-available/postfix   2018-11-06 21:36:20.589777450 +
@@ -13,7 +13,7 @@
depend master_cf
depend main_cf

- check file master_bin with path /usr/lib/postfix/master
+ check file master_bin with path /usr/lib/postfix/sbin/master
group postfix
include /etc/monit/templates/rootbin



-- System Information:
Debian Release: 9.5
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable'), (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-7-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages monit depends on:
ii  libc6  2.24-11+deb9u3
ii  libpam0g   1.1.8-3.6
ii  libssl1.1  1.1.0f-3+deb9u2
ii  lsb-base   9.20161125
ii  zlib1g 1:1.2.8.dfsg-5

monit recommends no packages.

Versions of packages monit suggests:
ii  postfix [mail-transport-agent]  3.1.8-0+deb9u1
ii  sysvinit-core   2.88dsf-59.9

-- Configuration Files:
/etc/monit/monitrc [Errno 13] Permission denied: '/etc/monit/monitrc'

-- no debconf information
--- /etc/monit/conf-available/postfix.orig  2017-01-11 13:48:27.0 
+
+++ /etc/monit/conf-available/postfix   2018-11-06 21:36:20.589777450 +
@@ -13,7 +13,7 @@
depend master_cf
depend main_cf
 
- check file master_bin with path /usr/lib/postfix/master
+ check file master_bin with path /usr/lib/postfix/sbin/master
group postfix
include /etc/monit/templates/rootbin