Re: Is it possible to upload new sources of a package from a URL?

/*Vít Ondruch*/ wrote on Tue, 3 Oct 2017 08:21:57 +0200: Dne 2.10.2017 v 22:31 Hedayat Vatankhah napsal(a): /*Björn Persson*/ wrote on Mon, 2 Oct 2017 16:28:02 +0200: Dennis Gilmore wrote: Today We rely on you as a packager verifying the sources, and by uploading them

Re: Is it possible to upload new sources of a package from a URL?

Dne 3.10.2017 v 08:21 Vít Ondruch napsal(a): > > Dne 2.10.2017 v 22:31 Hedayat Vatankhah napsal(a): >> /*Björn Persson*/ wrote on Mon, 2 Oct 2017 16:28:02 +0200: >>> Dennis Gilmore wrote: Today We rely on you as a packager verifying the sources, and by uploading them

Re: Is it possible to upload new sources of a package from a URL?

Dne 2.10.2017 v 22:31 Hedayat Vatankhah napsal(a): > > /*Björn Persson*/ wrote on Mon, 2 Oct 2017 16:28:02 +0200: >> Dennis Gilmore wrote: >>> Today We rely on you as a packager >>> verifying the sources, and by uploading them directly you are saying >>> this is really what I

Re: Is it possible to upload new sources of a package from a URL?

/*Björn Persson*/ wrote on Mon, 2 Oct 2017 16:28:02 +0200: Dennis Gilmore wrote: Today We rely on you as a packager verifying the sources, and by uploading them directly you are saying this is really what I intended to send you and I have ensured that it is good. You would

Re: Is it possible to upload new sources of a package from a URL?

Dennis Gilmore wrote: > Today We rely on you as a packager > verifying the sources, and by uploading them directly you are saying > this is really what I intended to send you and I have ensured that it > is good. You would need to work with release engineering and >

Re: Is it possible to upload new sources of a package from a URL?

El mar, 26-09-2017 a las 01:49 +0330, Hedayat Vatankhah escribió: > /*Pierre-yves Chibon*/ wrote on Mon, 25 Sep 2017 09:38:39 +0200: > > On Sun, Sep 24, 2017 at 10:56:45AM +0330, Hedayat Vatankhah wrote: > > > Dear all, > > > Currently, AFAIK, the suggested method to upload new sources for > > > a

Re: Is it possible to upload new sources of a package from a URL?

Emmanuel Seyman wrote: > * Gerald Henriksen [26/09/2017 09:02] : >> >> That may be fine for any packagers who are actually paid to package >> (though even then I would have my doubts that every line of source has >> been checked), but it is clearly an impossible task in terms of time >> required

Re: Is it possible to upload new sources of a package from a URL?

Hedayat Vatankhah wrote: > :O Great! Currently, I can't even imagine maintaining any packages over > few megabytes (maybe 100MiB tops, which will be a pain!), but not much > long before, I had a hard time uploading a 21MiB data... specially since > there is no way to resume uploading a source to

Re: Is it possible to upload new sources of a package from a URL?

On Tue, Sep 26, 2017 at 08:08:18PM +0330, Hedayat Vatankhah wrote: > However, is it really that hard/problematic/.. for Fedora to support > such a use case? Certainly it'd be much more convenient for > packagers if such a small (at least, this is how I look at it!) > enhancement is made. It's not

Re: Is it possible to upload new sources of a package from a URL?

/*Matthew Miller*/ wrote on Tue, 26 Sep 2017 09:28:07 -0400: On Mon, Sep 25, 2017 at 11:38:07PM +, Tim Landscheidt wrote: If data volume is expensive or difficult for you, you could look into renting a (virtual) private server and then devel- oping there via ssh. Offers usually start at

Re: Is it possible to upload new sources of a package from a URL?

On Tue, Sep 26, 2017 at 05:30:50PM +0200, Emmanuel Seyman wrote: > > That may be fine for any packagers who are actually paid to package > > (though even then I would have my doubts that every line of source has > > been checked), but it is clearly an impossible task in terms of time > > required

Re: Is it possible to upload new sources of a package from a URL?

* Gerald Henriksen [26/09/2017 09:02] : > > That may be fine for any packagers who are actually paid to package > (though even then I would have my doubts that every line of source has > been checked), but it is clearly an impossible task in terms of time > required for all the volunteer

Re: Is it possible to upload new sources of a package from a URL?

On Mon, Sep 25, 2017 at 11:38:07PM +, Tim Landscheidt wrote: > If data volume is expensive or difficult for you, you could > look into renting a (virtual) private server and then devel- > oping there via ssh. Offers usually start at less than > $ 5,-/month. (I'm not aware of free solutions;

Re: Is it possible to upload new sources of a package from a URL?

On Tue, 26 Sep 2017 07:50:11 + (UTC), you wrote: >On 2017-09-26, Richard W.M. Jones wrote: >> On Tue, Sep 26, 2017 at 07:18:12AM +, Petr Pisar wrote: >>> A packager is responsible for reviewing the code before uploading it to the >>> Fedora infrastructure. It does not

Re: Is it possible to upload new sources of a package from a URL?

On 2017-09-26, Richard W.M. Jones wrote: > On Tue, Sep 26, 2017 at 07:18:12AM +, Petr Pisar wrote: >> On 2017-09-25, Hedayat Vatankhah wrote: >> > /*Pierre-yves Chibon*/ wrote on Mon, 25 Sep 2017 09:38:39 +0200: >> >> It's an interesting idea but

Re: Is it possible to upload new sources of a package from a URL?

On Tue, Sep 26, 2017 at 07:18:12AM +, Petr Pisar wrote: > On 2017-09-25, Hedayat Vatankhah wrote: > > /*Pierre-yves Chibon*/ wrote on Mon, 25 Sep 2017 09:38:39 +0200: > >> It's an interesting idea but then it would become quite hard to check > >> if there is a mitm

Re: Is it possible to upload new sources of a package from a URL?

On 2017-09-25, Hedayat Vatankhah wrote: > /*Pierre-yves Chibon*/ wrote on Mon, 25 Sep 2017 09:38:39 +0200: >> It's an interesting idea but then it would become quite hard to check >> if there is a mitm attack of some sort. With the current process, at >> least the packager

Re: Is it possible to upload new sources of a package from a URL?

> On Sep 25, 2017, at 5:38 PM, Tim Landscheidt wrote: > > Hedayat Vatankhah wrote: > >> […] >> Yes, but even if I'm forced to download locally, it is much >> better than being forced to upload it again. (Also, note >> that the current process

Re: Is it possible to upload new sources of a package from a URL?

Hedayat Vatankhah wrote: > […] > Yes, but even if I'm forced to download locally, it is much > better than being forced to upload it again. (Also, note > that the current process doesn't prevent MITM if it happens > when I download the source). > Also, it is easier to

Re: Is it possible to upload new sources of a package from a URL?

/*Richard W.m. Jones*/ wrote on Mon, 25 Sep 2017 10:11:55 +0100: On Sun, Sep 24, 2017 at 10:56:45AM +0330, Hedayat Vatankhah wrote: Dear all, Currently, AFAIK, the suggested method to upload new sources for a package is using 'fedpkg new-sources' which uploads new sources from your local

Re: Is it possible to upload new sources of a package from a URL?

/*Pierre-yves Chibon*/ wrote on Mon, 25 Sep 2017 09:38:39 +0200: On Sun, Sep 24, 2017 at 10:56:45AM +0330, Hedayat Vatankhah wrote: Dear all, Currently, AFAIK, the suggested method to upload new sources for a package is using 'fedpkg new-sources' which uploads new sources from your local

Re: Is it possible to upload new sources of a package from a URL?

On Sun, Sep 24, 2017 at 10:56:45AM +0330, Hedayat Vatankhah wrote: > Dear all, > Currently, AFAIK, the suggested method to upload new sources for a > package is using 'fedpkg new-sources' which uploads new sources from > your local system. I wonder if there is a method to upload new > sources from

Re: Is it possible to upload new sources of a package from a URL?

On Sun, Sep 24, 2017 at 10:56:45AM +0330, Hedayat Vatankhah wrote: > Dear all, > Currently, AFAIK, the suggested method to upload new sources for a package > is using 'fedpkg new-sources' which uploads new sources from your local > system. I wonder if there is a method to upload new sources from a

Re: Is it possible to upload new sources of a package from a URL?

Hedayat Vatankhah wrote: > Dear all, > Currently, AFAIK, the suggested method to upload new sources for a > package is using 'fedpkg new-sources' which uploads new sources from > your local system. I wonder if there is a method to upload new sources > from a URL rather than your local filesystem?