Re: review for pipenv/2022.10.12-1
> You can avoid resetting or forcing anything by increasing the > repacksuffix. As far as both git and the tooling are concerned, that > makes it an all new upstream version without conflicts with the > repo's current content, so pushing to git works just fine. > First update the excluded files in d/copyright and commit that > change, then run with the usual 'gbp import-orig --pristine-tar > --uscan'. When gbp asks you for the upstream version, modify the +ds > part to +ds2 and proceed with that. Thanks! uscan was not quite letting me use gbp import-orig but I was able to update the excluded files and have uscan re-download the new tarball correctly. Then I just had to rename the tarball with the +ds2 version and use gbp import-orig . Anyway that produced the intended result, so I pushed that along with the lintian-overrides, and the pipeline passes. >> I totally lost interest in maintaining that package and kind of neglected >> it because of the vendoring and the package itself or rather its upstream. >> Anyways, I thought I've orphaned it long time ago (maybe I forgot to do >> that). So thank you for taking over, I'm sure a lot of users will be happy! No problem! I am happy to help. I added myself as an uploader also, and I do not think there is a need to formally orphan if the team still maintains it (and I will continue to upload). Ileana
Re: review for pipenv/2022.10.12-1
On Fri, 28 Oct 2022 16:46:51 +0300 Ileana Dumitrescu wrote: > > I did just notice the upstream release contains several other > > files worth considering for removal: a bunch of windows > > executables [1]. > > I agree and can remove those from the source tarball too. To do that > with the current upstream version in salsa though requires me to git > reset, re-import the 2022.10.25+ds upstream with updated > Files-Excluded, then add back the other commits. I have done that > locally but this requires a force push which is not allowed for the > debian branch since it is protected. You can avoid resetting or forcing anything by increasing the repacksuffix. As far as both git and the tooling are concerned, that makes it an all new upstream version without conflicts with the repo's current content, so pushing to git works just fine. First update the excluded files in d/copyright and commit that change, then run with the usual 'gbp import-orig --pristine-tar --uscan'. When gbp asks you for the upstream version, modify the +ds part to +ds2 and proceed with that. pgp2cYyiFNEPC.pgp Description: OpenPGP digital signature
Re: review for pipenv/2022.10.12-1
Thanks for taking over! I totally lost interest in maintaining that package and kind of neglected it because of the vendoring and the package itself or rather its upstream. Anyways, I thought I've orphaned it long time ago (maybe I forgot to do that). So thank you for taking over, I'm sure a lot of users will be happy! Cheers, Bastian -- Dr. Bastian Venthur https://venthur.de Debian Developer venthur at debian org
Re: review for pipenv/2022.10.12-1
> I did just notice the upstream release contains several other files > worth considering for removal: a bunch of windows executables [1]. I agree and can remove those from the source tarball too. To do that with the current upstream version in salsa though requires me to git reset, re-import the 2022.10.25+ds upstream with updated Files-Excluded, then add back the other commits. I have done that locally but this requires a force push which is not allowed for the debian branch since it is protected. Alternatively I can keep the existing upstream import (which only excludes get-pipenv.py and not the *.exe files) and add the new excluded files in debian/copyright for the next upstream import. Please let me know your preference on these repack options, and I will update accordingly. > Lintian seems to think the source for some html file is missing, but > at first glance that hit may well be a false positive triggered by > some bits of javascript. > Unrelated to any of the above, I pushed some minor changes and > enabled the CI on salsa. Thanks! I noticed the false positive and since the lintian test on the pipeline fails, I will add a lintian-overrides file so that it can pass. I have not pushed that to salsa yet, but I will after hearing your preference with the repack. Ileana
Re: review for pipenv/2022.10.12-1
On Wed, 26 Oct 2022 17:29:59 +0300 Ileana Dumitrescu wrote: > Thank you for the feedback! I made changes as you suggested. There > is a new upstream version that I also included in the new package. Great! The copyright stuff is a chore on packages like this, so thanks alot for seeing that through. > Reading debian package policy I noticed that removing files from a > tarball for a repack (as Bastian suggested in bug #1019714) should > require a +ds suffix, so I packaged the new version with > 2022.10.25+ds-1. Please let me know if I did this incorrectly or if > this should not be done for this package. Indeed, a repacksuffix is used to indicate changes were made to an upstream release so that's perfectly fine this way. Typically, +dfsg is used to signal the source was repacked for DFSG compliance reasons and +ds when repacking for some other reason. I did just notice the upstream release contains several other files worth considering for removal: a bunch of windows executables [1]. > > + E: pipenv: python-traceback-in-manpage is a false positive, > please override. > > This did not show up in lintian with the new upstream version. It seems they revamped the manpage, although the new one also earns a lintian hit [1], this time about a bad (missing?) 'whatis' entry. Lintian seems to think the source for some html file is missing, but at first glance that hit may well be a false positive triggered by some bits of javascript. Unrelated to any of the above, I pushed some minor changes and enabled the CI on salsa. [1]https://salsa.debian.org/python-team/packages/pipenv/-/jobs/3434663 pgp5w4MKIi4xX.pgp Description: OpenPGP digital signature
Re: review for pipenv/2022.10.12-1
Hi, Thank you for the feedback! I made changes as you suggested. There is a new upstream version that I also included in the new package. New updates are in salsa, and I will put a RFS on the IRC channel. Reading debian package policy I noticed that removing files from a tarball for a repack (as Bastian suggested in bug #1019714) should require a +ds suffix, so I packaged the new version with 2022.10.25+ds-1. Please let me know if I did this incorrectly or if this should not be done for this package. > + E: pipenv: python-traceback-in-manpage is a false positive, please override. This did not show up in lintian with the new upstream version. > PS: I'm kind of surprised a package with this amount of vendoring > managed to survive the ftp masters' review. Apparently, sometimes > miracles do happen. I totally agree. This package is quite a mess to deal with. Hopefully future upstream versions do not keep changing the vendor files, otherwise the licensing will continue to be a nightmare. I will continue to monitor pipenv as they are releasing new upstreams quite frequently. Ileana Dumitrescu GPG Public Key: FA26 CA78 4BE1 8892 7F22 B99F 6570 EA01 146F 7354