Russell Stuart writes:
> I don't believe that. I guess we are talking past each other. Out of
> curiosity do you do maintain the changsets manually in git, or use
> something like gquilt?
I've tried a whole bunch of different things over the years, ranging from
manually-maintained feature bran
On Sun, 2019-10-27 at 20:29 -0700, Russ Allbery wrote:
> If you modify the upstream source, then by definition you do not have
> reproducibility of the upstream source, and you're now talking about
> something else (review of the changes, which I called audit in my
> previous message).
I think I'm
Russell Stuart writes:
> Harking back to the time we removed the randomness generator from
> openssl, it's very nice to have a single patch say "it was removed
> because it wasn't exercised in the tests. upstream didn't respond to
> requests for comment" rather than having it interspersed with t
Russell Stuart writes:
> That is a great definition of reproducibility if all you are interested
> in is the Debian version of the package. It is not so great if you want
> is the upstream version of the package - ie, it is important to you that
> it behaves identically or at least diverges in a
On Wed, 2019-10-23 at 09:49 -0400, Theodore Y. Ts'o wrote:
> Generating a reproducible source package given a particuar git commit
> is trivial. All you have to do is use "git archive". For example:
It is indeed. Almost a tautology. But it's not what I'm interested in
doing. The focus is on s
On Tue, 2019-10-22 at 20:21 -0700, Russ Allbery wrote:
> I define reproducibility as generating the same Debian source package
> from a signed Git tag of my packaging repository plus, for non-native
> packages, whatever release artifacts upstream considers canonical
> (which may be a signed tarbal
Hello,
On Sat 26 Oct 2019 at 04:24PM -07, Russ Allbery wrote:
>> It probably would also be useful if the metadata had some standardized
>> way to indicate the preferred way to propose changes to either upstream
>> or the debian packaging maintainer --- whether it's e-mail to a
>> particular e-mai
Hi,
On 27.10.19 01:20, Theodore Y. Ts'o wrote:
> I think we will need to support the source tar.gz for the forseeable
> future. At very least, *deprecating* the tar.gz/tar.gz.asc format
> should be independent of question we also support a format that
> involves a URL to a git repoistory plus a
Hi Ansgar,
On Wed, Oct 23, 2019 at 08:32:11AM +0200, Ansgar wrote:
> I believe bugs should always be assigned to source packages as source
> packages are really the unit we use to keep track of packages.
Since the thread seems largly in favour of this, let me strongly
disagree.
I extensively use
On Tue, Oct 22, 2019 at 09:58:00PM -0400, Sam Hartman wrote:
> I think we have about two weeks left in the review period.
> Just as a reminder we do need comments.
> Even if people generally agree, we do need at least a few comments to
> that effect.
I like the current proposal for a default sugg
On 2019-10-27, Ansgar wrote:
> We have usertags and other mechanisms that allow grouping bugs in
> maintainer-defined ways. This is also used by pseudo-packages where we
> don't have "binaries" to group bug reports by.
But that moves the "default" work, where users is right at least more
than 50
On 10/27/19 10:45 AM, Florian Weimer wrote:
> * Thomas Goirand:
>
>> I've setup my new laptop with secureboot, and now, I can't use the DKMS
>> modules from Virtualbox, as they aren't signed. I've been told by Sledge
>> that I should use MOK to do that, and that DKMS packages are supposed to
>> ha
* Thomas Goirand:
> I've setup my new laptop with secureboot, and now, I can't use the DKMS
> modules from Virtualbox, as they aren't signed. I've been told by Sledge
> that I should use MOK to do that, and that DKMS packages are supposed to
> have all in them to support MOK.
I don't think secure
On 10/25/19 4:52 PM, Thomas Goirand wrote:
> Hi,
>
> I've setup my new laptop with secureboot, and now, I can't use the DKMS
> modules from Virtualbox, as they aren't signed. I've been told by Sledge
> that I should use MOK to do that, and that DKMS packages are supposed to
> have all in them to s
Sune Vuorela writes:
> On 2019-10-23, Ansgar wrote:
>> So I'm wondering if we should start just filing all bug reports against
>> source packages? Reportbug could probably be easily changed to use
>> `Source: ...` instead of `Package: ...`; more places could follow later.
>
> Have you ever mainta
Guillem Jover writes:
> On Wed, 2019-10-23 at 08:32:11 +0200, Ansgar wrote:
>> the thread about naming (source) packages reminded me of an other thing:
>> Debian's bug tracking system currently (mostly) tracks bugs against
>> binary packages and (less often) against source packages.
>
>> It gets co
Package: wnpp
Severity: wishlist
Owner: Hideki Yamane
* Package name: wget2
Version : 1.99.2
Upstream Author : Tim Rühsen *tim.ruehsen [at] gmx.de*
* URL : https://gitlab.com/gnuwget/wget2
* License : GPL-3+, LGPL-3+
Programming Lang: C
Description : fi
17 matches
Mail list logo