Package: starpu-examples
Version: 1.2.3+dfsg-3
Severity: serious
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
starpu-examples depends on libsocl-1.2-0.
libsocl-1.2-0 is a regular package in Debian main, but is also provided
by nonfree package
Package: avahi-ui-utils
Version: 0.7-3
Severity: serious
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
avahi-ui-utils recommends vnc-viewer.
vnc-viewer is a virtual package, which means it is not deterministic
which package will satisfy the recommendation.
Quoting Jonas Smedegaard (2017-12-13 13:34:31)
> zfsnap depends on zfsutils-linux | zfsutils | zfs-fuse | zfs.
>
> zfsutils-linux is nonfree and therefore not allowed to be listed as
> dependency of a package in main, according to Debian Policy §2.2.1.
Correction: Not allowed
Oh - much simpler fix is sufficient: List zfs-fuse first.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
Package: zfsnap
Version: 1.11.1-5
Severity: serious
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
zfsnap depends on zfsutils-linux | zfsutils | zfs-fuse | zfs.
zfsutils-linux is nonfree and therefore not allowed to be listed as
dependency of a package in main,
Package: simplesnap
Version: 1.0.4
Severity: serious
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
simplesnap depends on zfsutils | zfsutils-linux | zfs-fuse.
zfsutils is a virtual package provided only by zfsutils-linux, and
zfsutils-linux is nonfree.
Package: webpack
Version: 3.5.6-1
Severity: serious
Justification: 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The binary package webpack depends on non-existing package
node-uglifyjs-webpack-plugin, making the former impossible to install.
- Jonas
-BEGIN PGP SIGNATURE-
Quoting Anthony DeRobertis (2017-11-20 21:08:18)
> [resending just to -submitter, sorry I messed up the address the first
> time.]
>
> (from Jonas Smedegaard <d...@jones.dk> via the bug):
>
>> One of several functions of Clementine is to stream audio from cloud
>
Package: iceweasel-l10n-sl
Version: 52.4.0esr-2
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
firefox-esr-l10n-sl currently recommends myspell-sl, which is a
transitional package pending removal.
Please instead recommend hunspell-sl.
Severity raised, to match that of
e plan for getting security and protocol change updates
> backported to Debian stable?
Debian standard procedures for updating stable packages.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask
Quoting Andreas Beckmann (2017-10-27 16:03:09)
> On 10/27/2017 03:03 PM, Jonas Smedegaard wrote:
>> Quoting Andreas Beckmann (2017-10-27 11:23:12)
>>> pandoc cannot be built in sid any more since libghc-syb-dev was
>>> updated.
>>
>> No longer the case with
Quoting Santiago Vila (2017-10-22 11:41:46)
> On Sun, Oct 22, 2017 at 09:29:16AM +0200, Jonas Smedegaard wrote:
>> unzip.c contains the following notice:
>>
>> Copyright on recmatch() from Zip's util.c (although recmatch() was almost
>> certainly written by Mark Ad
Package: unzip
Version: 6.0-21
Severity: serious
Tags: upstream
Justification: Policy 2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
unzip.c contains the following notice:
Copyright on recmatch() from Zip's util.c (although recmatch() was almost
certainly written by Mark Adler...ask me
Quoting James Cameron (2017-10-16 11:30:55)
> On Mon, Oct 16, 2017 at 10:20:16AM +0200, Jonas Smedegaard wrote:
> > Quoting James Cameron (2017-10-16 07:03:24)
> > > Upstream could bring python-rsvg source into the code base; would that
> > > be okay?
> >
&g
Quoting James Cameron (2017-10-16 07:03:23)
> New upstream release v44 fixed this, and was packaged, with gir-deps
> of rsvg-2.0, so next step is to remove the python-rsvg dependency in
> debian/rules.
Indeed. Thanks!
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
lly what breaks activities
depending on GTK+ 2.x.
Activities using GTK+ 2.x is expected to stop working with Debian
relatively soon.
I don't see any other (realistic) option than porting to modern stuff
like GTK+ 3.x and gir.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
*
uick look to be only formatting
changes (difference in newlines in JSON data).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
Quoting IOhannes m zmölnig (2017-10-04 09:31:09)
> On Wed, 04 Oct 2017 03:08:17 +0200 Jonas Smedegaard <d...@jones.dk> wrote:
> > Quoting Felipe Sateler (2017-10-04 00:32:21)
> > >
> > > I think your patch mainly addresses issue number 2, doesn't it? Fixing
&
26c464c893b9926021a0b014b8a4a88ee6bda154
Author: Jonas Smedegaard <d...@jones.dk>
Date: Wed Oct 4 03:53:14 2017 +0200
Prepare for release: Update changelog.
diff --git a/debian/changelog b/debian/changelog
index 76f791c..a92baa3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,25 @@
+kodi (2:17.3+d
26c464c893b9926021a0b014b8a4a88ee6bda154
Author: Jonas Smedegaard <d...@jones.dk>
Date: Wed Oct 4 03:53:14 2017 +0200
Prepare for release: Update changelog.
diff --git a/debian/changelog b/debian/changelog
index 76f791c..a92baa3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,25 @@
+kodi (2:17.3+d
Quoting Felipe Sateler (2017-10-04 00:32:21)
> On Tue, Oct 3, 2017 at 7:04 PM, Jonas Smedegaard <d...@jones.dk> wrote:
>> Quoting Felipe Sateler (2017-10-03 23:32:24)
>>> On Tue, Oct 3, 2017 at 5:49 PM, Jonas Smedegaard <d...@jones.dk> wrote:
>>>> Ko
Quoting Felipe Sateler (2017-10-03 23:32:24)
> On Tue, Oct 3, 2017 at 5:49 PM, Jonas Smedegaard <d...@jones.dk> wrote:
> > Package: kodi
> > Version: 2:17.3+dfsg1-2
> > Severity: grave
>
> This severity feels a bit inflated. After all, you can download and
&g
eature -
either for political reasons or due to security risks.
.
This patch makes it possible to omit the addons repository feed.
Author: Jonas Smedegaard <d...@jones.dk>
Last-Update: 2017-10-03
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/system/addon-manifest
Source: pjproject
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
A recent inspection of copyright and licensing revealed several files
lacking proper licensing.
debian/copyright has been corrected, including hinting for repackaging
source - but I am not familiar with the git
Source: pjproject
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The file pjlib/src/pj/sock_linux_kernel.c is licensed as both
BSD-4-clause and GPL-2+. Not dual-licensed, but separately declared.
Those licenses are incompatible, and therefore the licensing is useless.
-
Quoting Jonas Smedegaard (2017-09-30 15:38:39)
> Quoting Adrian Bunk (2017-09-24 01:16:20)
>> ruby-compass depends ond build depends on ruby-sass (< 3.5), but
>> 3.5.1-2 is in unstable.
>
> This is unlikely to change, since ruby-compass is dead upstream an
Quoting Adrian Bunk (2017-09-24 01:16:20)
> ruby-compass depends ond build depends on ruby-sass (< 3.5),
> but 3.5.1-2 is in unstable.
This is unlikely to change, since ruby-compass is dead upstream and
ruby-sass has moved on. :-(
- Jonas
--
* Jonas Smedegaard - idealist & Inte
Package: fonttools
Severity: serious
Justification: python policy §3.3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Public python libraries must be named with a leading "python-" or
"python3-":
https://www.debian.org/doc/packaging-manuals/python-policy/module_packages.html#package_names
Package: xscreensaver
Version: 5.36-1
Severity: serious
Justification: Policy 2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The file hacks/images/m6502/dmsc.asm is assmebly with a comment at top
inviting to get the source by email:
; By DMSC - daniel.serp...@gmail.com
;
; This demo was
.
I believe your analysis is correct, and I believe this was solved with
_libregexp-pattern-license-perl_ 3.0.31-2 (confusingly numbered similar
to licensecheck).
Sorry for the mess, and thanks again for your help reporting,
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arki
close 876056 3.0.31-2
thanks
--
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
e.3pm.gz',
> which is also in package licensecheck 3.0.30-1
Thanks for your bugreport, it is really appreciated.
But...
This issue was already addressed in 3.0.31-2 released few hours ago.
Thanks a lot for your testing unstable Debian, and reporting issues!
- Jonas
--
* Jonas Smedegaard
Quoting Ximin Luo (2017-09-13 11:34:00)
> Control: tags -1 + pending
>
> On Tue, 12 Sep 2017 18:04:56 +0200 Jonas Smedegaard <d...@jones.dk> wrote:
> > [..]>
> > Attached is a patch to make Sagenb use sassc with separately maintained
> > stylesheets. It need
Quoting Ximin Luo (2017-09-13 11:34:00)
> Control: tags -1 + pending
>
> On Tue, 12 Sep 2017 18:04:56 +0200 Jonas Smedegaard <d...@jones.dk> wrote:
> > [..]>
> > Attached is a patch to make Sagenb use sassc with separately maintained
> > stylesheets. It need
Quoting Jonas Smedegaard (2017-09-12 18:11:06)
> It seems ruby-compass-rails really do work only with ruby-compass. But
> also, it looks like it is a leaf package: Would it be ok to simply
> drop ruby-compass-rails from Debian?
Oh, I looked only at *build* dependencies - I see now it
Package: ruby-compass-rails
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
ruby-compass is obsolete and will likely not be released with Buster.
I intended to warn about this, but accidentally uploaded a too new
ruby-sass yesterday, so that ruby-compass is no longer
Source: sagenb
Severity: serious
Tags: patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I made a mistake today that cause FTBFS of sagenb, but I would prefer to
fix it in sagenb as that would be needed anyway at a later point:
ruby-compass is obsolete and will likely not be released with
Source: nanoc
Severity: serious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I made a mistake today that cause FTBFS of nanoc, but I would prefer to
fix it in nanoc as that would be needed anyway at a later point:
ruby-compass is obsolete and will likely not be released with Buster.
Its
icon-theme and sugar-themes (0.110.0-3).
How very embarrassing. Thanks, will address that right away!
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
Package: clementine
Version: 1.3.1+git276-g3485bbe43+dfsg-1
Severity: serious
Tags: upstream
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
One of several functions of Clementine is to stream audio from cloud
service Spotify. Initially selecting that function
e info at https://bugs.debian.org/873248
- which itself got filed against the wrong package :-/
Thanks for helping test Astroid!
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
Quoting Pirate Praveen (2017-08-23 20:11:28)
> On ബുധന് 23 ആഗസ്റ്റ് 2017 11:33 വൈകു, Jonas Smedegaard wrote:
> > Package: node-lodash-packages
> > Severity: serious
> > Justification: Policy 2.1
>
> I do not think the root issue is serious, but only important.
Lack of
Package: node-lodash-packages
Severity: serious
Justification: Policy 2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The source package node-lodash-packages does not contain the source form
preferred for editing by upstream. Instead, upstream documents how the
contents of that code is
sterisk-opus) should not
require rebuilding the bigger one (asterisk).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
in this package to work on a fix (that
> might be in DateTime-Event-Recurrence or elsewhere).
>
> Jonas, what do you think?
Please request removal - also of the reverse dependency.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
Source: smplayer
Version: 17.7.0~ds0-1
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
smplayer includes code in src/basegui.cpp to download and (I guess)
execute javascript code for parsing youtube paths. The download URL is
Quoting umlae...@debian.org (2017-07-29 17:20:53)
> Zitat von Jonas Smedegaard <d...@jones.dk>:
> >> >
> >> > These drumkits are in upstream metadata listed _without_ license:
> >> >
> >> > ColomboAcousticDrumkit (sf)
> >> &g
Control: retitle -1 src:hydrogen-drumkits: Some sources lack licensing
Quoting James Cowgill (2017-07-21 11:56:15)
> On 21/07/17 10:49, Jonas Smedegaard wrote:
> > Package: src:hydrogen-drumkits
> > Version: 2015.09.28-1
> > Severity: serious
> >
Package: src:hydrogen-drumkits
Version: 2015.09.28-1
Severity: serious
Justification: Policy 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
These drumkits are in upstream metadata listed _without_ license:
ColomboAcousticDrumkit (sf)
EasternHop (sf)
Electric Empire (sf)
HardElectro (sf)
Package: get-flash-videos
Version: 1.25.92-1
Severity: serious
Justification: Policy 3.5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Ran this: $ get_flash_videos
'http://www.visir.is/section/MEDIA99=SRCF83EF20D-3CB8-4C86-A0F0-20332FB8AB56'
I failed with this:
Can't locate
Package: src:libsdl1.2
Followup-For: Bug #834204
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Whoops - forgot to acutally attach the diff.
- Jonas
- -- System Information:
Debian Release: buster/sid
APT prefers buildd-unstable
APT policy: (500, 'buildd-unstable'), (500, 'unstable'),
Package: src:libsdl1.2
Followup-For: Bug #834204
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I have prepared an NMU and queued for release in 5 days.
Attached is the diff.
I made the changes in git locally, and can push that to Alioth if
granted write access to the repository (my account
this
> week.
>
> I'm also happy to do an NMU with the change Scott proposed.
Please do an NMU: I just started a new job¹ and departing for Debconf
(via Iceland for a little week) in a few days, so am swamped with tasks.
Sorry for not reporting back here earlier.
- Jonas
¹ I will be doing D
Source: libsdl1.2
Followup-For: Bug #834204
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Attached is a patch from Parabola to avoid using the baguely licensed
file, to survive a repackaging with it stripped.
- Jonas
- -- System Information:
Debian Release: buster/sid
APT prefers
Package: legit
Version: 0.4.1-1
Severity: grave
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
legit in experimental fails to work with python-smmap to 2.0.3-1:
$ legit branches
Traceback (most recent call last):
File "/usr/bin/legit", line 6, in
from pkg_resources import
s is really a problem in uwsgi or cdbs' handling of
> > multiple supported python versions.
>
> We now have this in Debian, so bumping to serious.
Thanks, both for reporting initially and for bumping!
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
g.
I am convinced now that adjusting cdbs is not merely a workaround but
the actual fix to this bug.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
Build.PL # debhelper
> perl Build.PL -I. # cdbs
> ?
Hmm - I guess the special code in Module::Build checks for . only at the
_end_ (or beginning?) of the INC list, and the difference of how
debhelper and cdbs applies the option affects the order.
I will adjust the code in CDBS, but I believe that to be only a
workaround and it should be fixed in Module::Build (as a patch in
Debian, if upstream chooses to dismiss it).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
es were touched since 2015.
For starters (admittedly without really understanding the issue here),
let my simply go through and modernize those packages.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
n't find any evidence of it in the source package but
> rebuilding the binaries doesn't make it go away.
I do not see that relationship in version 1.9.10 of parl-desktop-world -
are you sure you are referring to that exact version of the package (not
e.g. some rebuild of the package from source)?
ed to backport that code change.
And then convince Debian release managers to get that change accepted
into a point release of stable Debian.
Also, I believe we should add a package-specific routine to create a
backup to /var/backup each time the package is updated, similar to how
slapd and ejabber
Quoting Jonas Smedegaard (2017-05-29 12:35:02)
> Upstream autoconf oddly ties the --prefix option with a custom -
> --dacs_home option which gets hardwired into the installed tools and
> is a root directory for both static and variable parts.
>
> dacs 1.4.38a-1 sets --prefix wh
Source: dacs
Version: 1.4.38a-1
Severity: serious
Justification: Policy 9.1.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Upstream autoconf oddly ties the --prefix option with a custom
- --dacs_home option which gets hardwired into the installed tools and is
a root directory for both static
Quoting Jonas Smedegaard (2017-05-26 10:41:14)
> The system is Debian testing, fully updated (included today's libssl
> 1.0.2k-1 and 1.1.0e-2).
Correction: Those _are_ the libssl versions on my system, but they were
not updated today (I updated multiple systems and confused it with
Package: libapache2-mod-dacs
Version: 1.4.38a-1
Severity: grave
Justification: renders package unusable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Enabling libapache2-mod-dacs causes apache to fail restarting:
maj 26 10:29:24 xayide apachectl[19815]: apache2: Syntax error on line 146 of
Quoting Pirate Praveen (2017-05-22 16:10:32)
> On തിങ്കള് 22 മെയ് 2017 06:41 വൈകു, Jonas Smedegaard wrote:
>> ...for the _initial_ packaging work.
>>
>> We are package *maintainers*.
>
> If you have not realized, we are discussing about maintaining an
> existing
gt; https://wiki.debian.org/Javascript/Nodejs/Tasks/npm ie, roughly about
> 78 new modules to package. If one person were to work full time, I
> think about 10-15 days time.
...for the _initial_ packaging work.
We are package *maintainers*.
- Jonas
--
* Jonas Smedegaard - idealist
Quoting Salvatore Bonaccorso (2017-05-21 19:37:55)
> I've prepared an NMU for ghostscript (versioned as 9.20~dfsg-3.2) and
> uploaded it to DELAYED/2. Please feel free to tell me if I should
> delay it longer.
On the contrary: Please speed up its processing.
- Jonas
--
* Jonas S
Package: radicale
Version: 2.0.0~rc1-1
Severity: grave
Tags: security patch
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Upstream has issued a security release:
> Add a random timer to avoid timing oracles and simple bruteforce
> attacks when using the
> symbolhelper written by Russ.
Please beware that e.g. feeding an incomplete set of buildlogs or
buildlogs from varying sources makes the tool loose track and produce
broken arch lists.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Websi
Quoting Tim Retout (2017-04-18 11:00:54)
> On 17 April 2017 at 18:59, Jonas Smedegaard <d...@jones.dk> wrote:
>> I don't recall, but believe I installed using plain standard
>> debian-installer with the "netboot" image. But possibly I might have
>> u
package
relations but no specific install order.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
those is technical superior.
² german myspell packages do not provide virtual hunspell-dictionary-de
³ uncertain which should be favored
Yes, above issues should ideally be reported separately - I thought I
did so about a year ago, but apparently got axhausted before finishing
reports for icedove
gt; the geoip-database maintainers to ship it (or them: ipv4 + ipv6) in
> the package a well.
Debian packages geoip-database-extra or geoip-database-contrib (the
latter in contrib) should satisfy the need for city lookups (but I
haven't tried).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
e smaller points actually,
Please file separate bugreports for each concrete issue: Discussing "the
isssue of this package having too many issues" is far easier to do when
each issue is tracked individually.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* T
Package: compass-bootstrap-sass-plugin
Version: 3.3.5.1-3
Severity: grave
Justification: renders package unusable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
The most basic way to initialize a Compass project using this library
should be using the following command:
$ compass create --using
Package: molly-guard
Version: 0.6.4
Severity: serious
On an ARM system bootstrapped from Stretch yesterday, today failed to
update systemd-sysv:
Setting up systemd (232-18) ...
addgroup: The group `systemd-journal' already exists as a system group. Exiting.
(Reading database ... 40888 files and
Quoting Laurent Bigonville (2017-02-23 17:44:21)
> On Fri, 15 Jul 2016 18:06:26 +0200 Jonas Smedegaard <d...@jones.dk> wrote:
>> Please include as a minimum the *symptoms* when reporting a bug.
>> Suggestions for a fix (or workaround) is appreciated too, but don't
>&g
ed in Debian.
If you say that the code packaged for Debian does _not_ download code,
then I guess this bug can be transformed into a minor bug about long
description being wrong (it should reflect the _package_ not upstream,
if those differ).
- Jonas
--
* Jonas Smedegaard - idealist & I
Package: repo
Version: 1.12.37-1
Severity: serious
Justification: Policy 2.2
From the package description:
> repo is an unusual tool because it downloads all of its own Python
> modules using GPG-signed git tags, and stores those files as part of
> the project that it is working with. So this
Quoting Nobuhiro Iwamatsu (2017-02-20 17:33:14)
> Hi,
>
> 2017-02-20 5:58 GMT+09:00 Jonas Smedegaard <jo...@jones.dk>:
> > Quoting Jonas Smedegaard (2017-02-12 21:30:32)
> >> Hi Nobuhiro,
> >>
> >> Quoting Nobuhiro Iwamatsu (2017-02-09 05:09:39
Quoting Jonas Smedegaard (2017-02-12 21:30:32)
> Hi Nobuhiro,
>
> Quoting Nobuhiro Iwamatsu (2017-02-09 05:09:39)
> >>> This error is caused by updated libc6.
> >>> The changelog in libc6(2.19-18+deb8u6) says as follows.
> >>>
> >>>
o
stable. But seems the bugreport I filed about that got lost.
I don't have time to look into it now - please go ahead, anyone.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
redistribute the fonts
via matplotlib if the license granted to matplotlib permitted removal of
the license text.
> see also
> https://github.com/matplotlib/matplotlib/issues/6976#issuecomment-270002766
>
> i'll include that copyright notice as well
Bug opened upstream, referencing above:
x is to patch test/mocha/cli.js to not have a timeout
(or as workaround an insanely large timeout).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
tement but no licensing grant.
Options exist to extract the profile to examine closer.
Not sure, but I believe lintian also has a check for this issue.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ]
on is not intended to apply to connect time charges, or
> flat rate connection/download fees for electronic bulletin board
> services.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask
Quoting Christian Hofstaedtler (2017-02-05 17:39:45)
> * Jonas Smedegaard <d...@jones.dk> [170205 16:39]:
>> The ruby-pdf-reader package includes fonts not freely licensed.
>>
>> E.g. /usr/lib/ruby/vendor_ruby/pdf/reader/afm/Times-Bold.afm
>
> I have no idea what t
Quoting Jonas Smedegaard (2017-02-05 18:43:55)
> The software project includes fonts without license.
>
> The "base 14" fonts below lib/matplotlib/mpl-data/fonts/pdfcorefonts
> includes a seemingly non-authoritative liense grant which is omitted
> from debian/copyright.
Source: matplotlib
Severity: serious
Tags: upstream
Justification: Policy 2.1
The file lib/matplotlib/mpl-data/sample_data/necked_tensile_specimen.png
is an image with an embedded color calibration profile copyright Apple,
which lacks DFSG-compatible license.
- Jonas
Source: matplotlib
Severity: serious
Tags: upstream
Justification: Policy 2.1
The software project includes fonts without license.
The "base 14" fonts below lib/matplotlib/mpl-data/fonts/pdfcorefonts
includes a seemingly non-authoritative liense grant which is omitted
from debian/copyright.
Source: pyx
Severity: serious
Tags: upstream
Justification: Policy 2.1
The Adobe "base 14" fonts below pyx/data/afm are not freely licensed.
(the included html file granting some rights seem non-authoritative).
- Jonas
Quoting Simon McVittie (2017-02-01 10:38:21)
> On Sun, 29 Jan 2017 at 18:46:07 +0100, Jonas Smedegaard wrote:
> > I don't understand dak at all, so appreciate your work here.
>
> For your information, here is how I use dak for QA.
Thanks! Much appreciated!
- Jonas
--
* J
Quoting Emilio Pozuelo Monfort (2017-01-31 09:49:25)
> On 31/01/17 09:36, Jonas Smedegaard wrote:
> > Quoting Emilio Pozuelo Monfort (2017-01-31 00:41:57)
> >> On Tue, 10 Jan 2017 18:01:38 +0100 Jonas Smedegaard <d...@jones.dk> wrote:
> >>> Source: raptor
> &
Quoting Emilio Pozuelo Monfort (2017-01-31 00:41:57)
> On Tue, 10 Jan 2017 18:01:38 +0100 Jonas Smedegaard <d...@jones.dk> wrote:
> > Source: raptor
> > Severity: serious
> >
> > Raptor 1.x has not had an upstream release in 6 years, is superceded by
> &
Quoting Simon McVittie (2017-01-29 17:57:26)
> On Mon, 01 Aug 2016 at 17:42:36 +0200, Jonas Smedegaard wrote:
> > I agree that sugar-base-0.88 makes sense to drop from Debian.
>
> Let's make that happen.
Thanks!
> According to `dak rm -R -n` this would involve removal o
Quoting Gianfranco Costamagna (2017-01-27 14:53:18)
> On Thu, 26 Jan 2017 12:19:09 +0100 Jonas Smedegaard <d...@jones.dk> wrote:
>> [...] the package is not fit for Debian main, but should be moved to
>> contrib
[...]
> Package: skysentials (1.0.1-5) [contrib]
&g
Package: skysentials
Version: 1.0.1-5
Severity: serious
Justification: Policy 2.2.2
It seems from the package description that this package is usable only
as an addon to skype.
If that is true, then the package is not fit for Debian main, but should
be moved to contrib (and the suggestion on
changelog containing that version. Since this will
> never happen (it's a binNMU) the BTS will never regard this bug as fixed.
>
> Given that binNMUs have no testing migration delay, hopefully this won't
> affect people for too long.
I think the correct approach is to reassign the bug
e used as source downstream" are
different things, and I believe Debian Policy talks about the former.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
701 - 800 of 1614 matches
Mail list logo