date:20231220

[Bug 2255477] CVE-2023-47100 perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255477



--- Comment #1 from Avinash Hanwate  ---
Use the following template to for the 'fedpkg update' request to submit an
update for this issue as it contains the top-level parent bug(s) as well as
this tracking bug.  This will ensure that all associated bugs get updated
when new packages are pushed to stable.

=

# bugfix, security, enhancement, newpackage (required)
type=security

# low, medium, high, urgent (required)
severity=high

# testing, stable
request=testing

# Bug numbers: 1234,9876
bugs=2255476,2255477

# Description of your update
notes=Security fix for [PUT CVEs HERE]

# Enable request automation based on the stable/unstable karma thresholds
autokarma=True
stable_karma=3
unstable_karma=-3

# Automatically close bugs when this marked as stable
close_bugs=True

# Suggest that users restart after update
suggest_reboot=False

==

Additionally, you may opt to use the bodhi web interface to submit updates:

https://bodhi.fedoraproject.org/updates/new


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255477

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255477%23c1
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255479] CVE-2023-47100 perl:5.36/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255479

Avinash Hanwate  changed:

   What|Removed |Added

 Blocks||2255476 (CVE-2023-47100)





Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=2255476
[Bug 2255476] CVE-2023-47100 perl: Perl security bypass
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255479
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255477] CVE-2023-47100 perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255477

Avinash Hanwate  changed:

   What|Removed |Added

 Blocks||2255476 (CVE-2023-47100)





Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=2255476
[Bug 2255476] CVE-2023-47100 perl: Perl security bypass
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255477
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255479] CVE-2023-47100 perl:5.36/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255479



--- Comment #1 from Avinash Hanwate  ---
Use the following template to for the 'fedpkg update' request to submit an
update for this issue as it contains the top-level parent bug(s) as well as
this tracking bug.  This will ensure that all associated bugs get updated
when new packages are pushed to stable.

=

# bugfix, security, enhancement, newpackage (required)
type=security

# low, medium, high, urgent (required)
severity=high

# testing, stable
request=testing

# Bug numbers: 1234,9876
bugs=2255476,2255479

# Description of your update
notes=Security fix for [PUT CVEs HERE]

# Enable request automation based on the stable/unstable karma thresholds
autokarma=True
stable_karma=3
unstable_karma=-3

# Automatically close bugs when this marked as stable
close_bugs=True

# Suggest that users restart after update
suggest_reboot=False

==

Additionally, you may opt to use the bodhi web interface to submit updates:

https://bodhi.fedoraproject.org/updates/new


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255479

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255479%23c1
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255478] CVE-2023-47100 perl:5.34/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255478

Avinash Hanwate  changed:

   What|Removed |Added

 Blocks||2255476 (CVE-2023-47100)





Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=2255476
[Bug 2255476] CVE-2023-47100 perl: Perl security bypass
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255478
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255479] New: CVE-2023-47100 perl:5.36/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255479

Bug ID: 2255479
   Summary: CVE-2023-47100 perl:5.36/perl: Perl security bypass
[fedora-all]
   Product: Fedora
   Version: 39
Status: NEW
 Component: perl
  Keywords: Security, SecurityTracking
  Severity: high
  Priority: high
  Assignee: jples...@redhat.com
  Reporter: ahanw...@redhat.com
QA Contact: extras...@fedoraproject.org
CC: iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz,
mmasl...@redhat.com, mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, ppi...@redhat.com,
psab...@redhat.com, rhug...@redhat.com,
spo...@gmail.com
  Target Milestone: ---
Classification: Fedora




More information about this security flaw is available in the following bug:

http://bugzilla.redhat.com/show_bug.cgi?id=2255476

Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255479

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255479%23c0
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255478] CVE-2023-47100 perl:5.34/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255478



--- Comment #1 from Avinash Hanwate  ---
Use the following template to for the 'fedpkg update' request to submit an
update for this issue as it contains the top-level parent bug(s) as well as
this tracking bug.  This will ensure that all associated bugs get updated
when new packages are pushed to stable.

=

# bugfix, security, enhancement, newpackage (required)
type=security

# low, medium, high, urgent (required)
severity=high

# testing, stable
request=testing

# Bug numbers: 1234,9876
bugs=2255476,2255478

# Description of your update
notes=Security fix for [PUT CVEs HERE]

# Enable request automation based on the stable/unstable karma thresholds
autokarma=True
stable_karma=3
unstable_karma=-3

# Automatically close bugs when this marked as stable
close_bugs=True

# Suggest that users restart after update
suggest_reboot=False

==

Additionally, you may opt to use the bodhi web interface to submit updates:

https://bodhi.fedoraproject.org/updates/new


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255478

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255478%23c1
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255477] New: CVE-2023-47100 perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255477

Bug ID: 2255477
   Summary: CVE-2023-47100 perl: Perl security bypass [fedora-all]
   Product: Fedora
   Version: 39
Status: NEW
 Component: perl
  Keywords: Security, SecurityTracking
  Severity: high
  Priority: high
  Assignee: jples...@redhat.com
  Reporter: ahanw...@redhat.com
QA Contact: extras...@fedoraproject.org
CC: iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz,
mmasl...@redhat.com, mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, ppi...@redhat.com,
psab...@redhat.com, rhug...@redhat.com,
spo...@gmail.com
  Target Milestone: ---
Classification: Fedora




More information about this security flaw is available in the following bug:

http://bugzilla.redhat.com/show_bug.cgi?id=2255476

Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255477

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255477%23c0
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2255478] New: CVE-2023-47100 perl:5.34/perl: Perl security bypass [fedora-all]

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=2255478

Bug ID: 2255478
   Summary: CVE-2023-47100 perl:5.34/perl: Perl security bypass
[fedora-all]
   Product: Fedora
   Version: 39
Status: NEW
 Component: perl
  Keywords: Security, SecurityTracking
  Severity: high
  Priority: high
  Assignee: jples...@redhat.com
  Reporter: ahanw...@redhat.com
QA Contact: extras...@fedoraproject.org
CC: iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz,
mmasl...@redhat.com, mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, ppi...@redhat.com,
psab...@redhat.com, rhug...@redhat.com,
spo...@gmail.com
  Target Milestone: ---
Classification: Fedora




More information about this security flaw is available in the following bug:

http://bugzilla.redhat.com/show_bug.cgi?id=2255476

Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2255478

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%202255478%23c0
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Fedora Developer Portal Holiday Release

2023-12-20 Thread Jarek Prokop


Hi,

we have new Fedora Developer Portal release. This is most probably the 
last release of 2023.


In no particular order:
Update rails.md to use packaged rbenv (#492)
* https://developer.fedoraproject.org/start/sw/web-app/rails.html

Remove cassandra from the database section. (#500)
* https://developer.fedoraproject.org/tech/database/cassandra/about.html

Update information about GOPROXY, GOSUMDB, GOTOOLCHAIN (#491)
* https://developer.fedoraproject.org/tech/languages/go/go-installation.html

Haskell platform page was deprecated upstream, Fedora still provides it. 
(#497)
* 
https://developer.fedoraproject.org/tech/languages/haskell/haskell-installation.html


Introduce sections for rustup in Further reading section of Rust. (#499)
* 
https://developer.fedoraproject.org/tech/languages/rust/further-reading.html


Fix the content for /etc/sudoers for passwordless nfsd setup in vagrant. 
(#496)

* https://developer.fedoraproject.org/tools/vagrant/vagrant-nfs.html

Thanks to all the keen eyes reporting outdated content and of course 
thanks to all the community contributors

that take the time to update it.

Happy holidays,
Jarek Prokop
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Heads up: Flask and Werkzeug 3.0

2023-12-20 Thread Frantisek Zatloukal

I have been working on the Pull Requests for Flask and Werkzeug rebases
from 2.2.x versions to the 3.x in Fedora Rawhide. I am using the Werkzeug
PR as the base one to post comments.

Impact check is in the first comment:
https://src.fedoraproject.org/rpms/python-werkzeug/pull-request/16#

These packages have lots of dependencies, but If I am not missing anything
important, most of the breakage should've been resolved by now (or at least
with a fix proposed).

The changes in both of the projects are significant with lots of
deprecations, removals, cleanups, and improvements:

Werkzeug 2.3 :
https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-2-3-0
Werkzeug 3.0 :
https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-0

Flask 2.3 :
https://flask.palletsprojects.com/en/3.0.x/changes/#version-2-3-0
Flask 3.0 :
https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0

In any case, I'd like to land the rebase to 3.x early January. I hope I'll
have all the issues resolved by then. If something isn't ready, I'll try to
work on fixing the remaining issues and/or at least provide help to the
potentially affected maintainers.


-- 

Best regards / S pozdravem,

František Zatloukal
Senior Quality Engineer
Red Hat
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: F40 Change Proposal: F40 Change Proposal: Unify /usr/bin and /usr/sbin (System-Wide)

2023-12-20 Thread Neal Gompa

On Wed, Dec 20, 2023 at 2:55 PM Aoife Moloney  wrote:
>
> ** Adjust `%_sbindir` in `/usr/lib/rpm/macros` (part of `rpm`
> package). Packages will be updated automatically during the mass
> rebuild.

This should probably be set in redhat-rpm-config instead of modifying
the core rpm package.




--
真実はいつも一つ！/ Always, there's only one truth!
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Wifi MAC Randomization (System Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/WifiMACRandomization

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Adopt stable-ssid as the default MAC address randomization mode for
Wi-Fi networks in NetworkManager for Fedora 40, enhancing user privacy
without compromising network stability.


== Owner ==
* Name: [[User:sfaye| Stanislas FAYE]], [[User:Till| Till Maas]]
* Email:  , 


== Detailed Description ==
The change involves adding a new file,
/usr/lib/NetworkManager/conf.d/22-wifi-mac-addr.conf. This file sets
`wifi.cloned-mac-address=”stable-ssid”` as the default mode for MAC
address randomization in Wi-Fi connections within NetworkManager for
[https://docs.fedoraproject.org/en-US/releases/f40/ Fedora Linux 40].
The `stable-ssid` mode, which generates a MAC address based on the
network's SSID, is aimed at enhancing user privacy. This new default
value will apply to Wi-Fi profiles in
[https://docs.fedoraproject.org/en-US/releases/f40/ Fedora Linux 40],
but profiles have the option to explicitly set different values to
override the default.
The content of the added file is:
   [connection.22-wifi-mac-addr]
   match-device=type:wifi
   wifi.cloned-mac-address=stable-ssid

   [.config]
   enable=nm-version-min:1.45

For further details, please refer to `man NetworkManager.conf`.

Note that this change will impact networks that rely on static MAC
addresses. Users may need to adjust their Wi-Fi settings, particularly
if their network operations depend on consistent MAC addresses. For
example, networks with access control based on MAC addresses will need
to explicitly set `wifi.cloned-mac-address` to “preserve” in network
profiles to avoid any disruptions in connectivity.


== Benefit to Fedora ==
This change enhances user privacy by addressing the issue of MAC
address tracking method used by network operators and advertisers to
gather data about users’ movements and device usage patterns. By
randomizing MAC addresses, Fedora reduces the potential for this type
of passive surveillance, thereby enhancing individual privacy. It
aligns Fedora with privacy-focused features present in other modern
operating systems. The generated MAC address under the `stable-ssid`
mode is derived from the network’s SSID, a per-host key (from
`/etc/machine-id` and `/var/lib/NetworkManager/secret_key`), and a
per-interface identifier.


== Scope ==
* Proposal owners:
The 
[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1789
merge request] is already merged upstream.

* Other developers: N/A

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)


== Upgrade/compatibility impact ==

With the adoption of `stable-ssid` as the default in Fedora 40,
existing users may experience changes in their Wi-Fi connection
behavior, particularly those whose network setups depend on fixed MAC
addresses. It’s crucial for users to be aware that upgrading to Fedora
40 will apply this new MAC address randomization by default. Users
needing to maintain consistent MAC addresses for specific networks can
address this by following one of these steps:

1. Manually set `wifi.cloned-mac-address` to `permanent` for specific
profiles using

   `nmcli connection modify [$PROFILE] wifi.cloned-mac-address permanent`

2. Create a custom configuration file in
`/etc/NetworkManager/conf.d/22-wifi-mac-addr.conf`, which can be empty
or contain specific configurations. This will prevent the default file
in `/usr/lib` from being loaded.

3. Create a higher priority .conf file like
/etc/NetworkManager/conf.d/90-wifi-mac-addr.conf with:

   [connection-90-wifi-mac-addr-conf]
   wifi.cloned-mac-address=permanent

For details on the order in which configuration files are loaded and
their priority, refer to `man NetworkManager.conf`


== How To Test ==
* Upgrade NetworkManager to version 1.45 or newer  implementing the
stable-ssid mode
* Connect to Wi-Fi network using nmcli or the GNOME network settings
* Use `ip link show` (replacing [device] with your Wi-Fi device’s
name) to check the MAC address assigned to the device.
* Note the MAC address and reconnect to the same network to confirm
that the MAC address remains consistent across sessions.
* Connect to different Wi-Fi networks and observe the MAC address for
each connection.
* Ensure that the MAC address is derived from the network’s SSID.
* Manually override the MAC address for a specific Wi-Fi profile using
`nmcli connection modify [profile] wifi.cloned-mac-address
[your-mac-address]` to set a specific MAC address
* Reconnect to the network and use `nmcli device show [device]` to
verify that the specified MAC address is being used.

==

F40 Change Proposal: Wifi MAC Randomization (System Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/WifiMACRandomization

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Adopt stable-ssid as the default MAC address randomization mode for
Wi-Fi networks in NetworkManager for Fedora 40, enhancing user privacy
without compromising network stability.


== Owner ==
* Name: [[User:sfaye| Stanislas FAYE]], [[User:Till| Till Maas]]
* Email:  , 


== Detailed Description ==
The change involves adding a new file,
/usr/lib/NetworkManager/conf.d/22-wifi-mac-addr.conf. This file sets
`wifi.cloned-mac-address=”stable-ssid”` as the default mode for MAC
address randomization in Wi-Fi connections within NetworkManager for
[https://docs.fedoraproject.org/en-US/releases/f40/ Fedora Linux 40].
The `stable-ssid` mode, which generates a MAC address based on the
network's SSID, is aimed at enhancing user privacy. This new default
value will apply to Wi-Fi profiles in
[https://docs.fedoraproject.org/en-US/releases/f40/ Fedora Linux 40],
but profiles have the option to explicitly set different values to
override the default.
The content of the added file is:
   [connection.22-wifi-mac-addr]
   match-device=type:wifi
   wifi.cloned-mac-address=stable-ssid

   [.config]
   enable=nm-version-min:1.45

For further details, please refer to `man NetworkManager.conf`.

Note that this change will impact networks that rely on static MAC
addresses. Users may need to adjust their Wi-Fi settings, particularly
if their network operations depend on consistent MAC addresses. For
example, networks with access control based on MAC addresses will need
to explicitly set `wifi.cloned-mac-address` to “preserve” in network
profiles to avoid any disruptions in connectivity.


== Benefit to Fedora ==
This change enhances user privacy by addressing the issue of MAC
address tracking method used by network operators and advertisers to
gather data about users’ movements and device usage patterns. By
randomizing MAC addresses, Fedora reduces the potential for this type
of passive surveillance, thereby enhancing individual privacy. It
aligns Fedora with privacy-focused features present in other modern
operating systems. The generated MAC address under the `stable-ssid`
mode is derived from the network’s SSID, a per-host key (from
`/etc/machine-id` and `/var/lib/NetworkManager/secret_key`), and a
per-interface identifier.


== Scope ==
* Proposal owners:
The 
[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1789
merge request] is already merged upstream.

* Other developers: N/A

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)


== Upgrade/compatibility impact ==

With the adoption of `stable-ssid` as the default in Fedora 40,
existing users may experience changes in their Wi-Fi connection
behavior, particularly those whose network setups depend on fixed MAC
addresses. It’s crucial for users to be aware that upgrading to Fedora
40 will apply this new MAC address randomization by default. Users
needing to maintain consistent MAC addresses for specific networks can
address this by following one of these steps:

1. Manually set `wifi.cloned-mac-address` to `permanent` for specific
profiles using

   `nmcli connection modify [$PROFILE] wifi.cloned-mac-address permanent`

2. Create a custom configuration file in
`/etc/NetworkManager/conf.d/22-wifi-mac-addr.conf`, which can be empty
or contain specific configurations. This will prevent the default file
in `/usr/lib` from being loaded.

3. Create a higher priority .conf file like
/etc/NetworkManager/conf.d/90-wifi-mac-addr.conf with:

   [connection-90-wifi-mac-addr-conf]
   wifi.cloned-mac-address=permanent

For details on the order in which configuration files are loaded and
their priority, refer to `man NetworkManager.conf`


== How To Test ==
* Upgrade NetworkManager to version 1.45 or newer  implementing the
stable-ssid mode
* Connect to Wi-Fi network using nmcli or the GNOME network settings
* Use `ip link show` (replacing [device] with your Wi-Fi device’s
name) to check the MAC address assigned to the device.
* Note the MAC address and reconnect to the same network to confirm
that the MAC address remains consistent across sessions.
* Connect to different Wi-Fi networks and observe the MAC address for
each connection.
* Ensure that the MAC address is derived from the network’s SSID.
* Manually override the MAC address for a specific Wi-Fi profile using
`nmcli connection modify [profile] wifi.cloned-mac-address
[your-mac-address]` to set a specific MAC address
* Reconnect to the network and use `nmcli device show [device]` to
verify that the specified MAC address is being used.

==

F40 Change Proposal: F40 Change Proposal: Unify /usr/bin and /usr/sbin (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
The `/usr/sbin` directory becomes a symlink to `bin`, which means
paths like `/usr/bin/foo` and `/usr/sbin/foo` point to the same place.
`/bin` and `/sbin` are already symlinks to `/usr/bin` and `/usr/sbin`,
so effectively `/bin/foo` and `/sbin/foo` also point to the same
place. `/usr/sbin` will be removed from the default `$PATH`.

== Owner ==
* Name: [[User:zbyszek|Zbigniew Jędrzejewski-Szmek]]
* Email: zbyszek at in.waw.pl

== Detailed Description ==
The split between `/bin` and `/sbin` is not useful, and also unused.
The original split was to have "important" binaries statically linked
in `/sbin` which could then be used for emergency and rescue
operations. Obviously, we don't do static linking anymore. Later, the
split was repurposed to isolate "important" binaries that would only
be used by the administrator. While this seems attractive in theory,
in practice it's very hard to categorize programs like this, and
normal users routinely invoke programs from `/sbin`. Most programs
that require root privileges for ''certain'' operations are also used
when operating without privileges. And even when privileges are
required, often those are acquired dynamically, e.g. using `polkit`.
Since many years, the default `$PATH` set for users includes both
directories. With the advent of systemd this has become more
systematic: systemd sets `$PATH` with both directories for all users
and services. So in general, all users and programs would find both
sets of binaries.

One additional use of the `/bin`—`/sbin` split is `consolehelper`. In
this approach, the user-facing program (`/bin/foo`) is a symlink to
`/bin/consolehelper`, which is a suid binary that elevates privileges
and calls the "real" `foo` (`/sbin/foo` or `/usr/libexec/foo`). Most
uses of consolehelper have been moved to polkit
(https://fedoraproject.org/wiki/Features/UsermodeMigration), but some
users remain (https://bugzilla.redhat.com/show_bug.cgi?id=502765). Use
of `/sbin` for the privileged program is incompatible with the
proposed merge; those packages will need to be adjusted to move the
binary that requires privileges under `/usr/lib` or `/usr/libexec`
(see Scope below).

Since generally all user sessions and services have both directories
in `$PATH`, this split actually isn't ''used'' for anything. Its main
effect is confusion when people need to use the absolute path and
guess the directory wrong. Other distributions put some binaries in
the other directory, so the absolute path is often not portable. Also,
it is very easy for a user to end up with `/sbin` before `/bin` in
`$PATH`, and for an administrator to end up with `/bin` before `/sbin`
in `$PATH`, causing confusion. If this feature is dropped, the system
became a little bit simpler, which is useful especially for new users,
who are not aware of the history of the split.

Many years ago we merged `/bin` and `/usr/bin`
(https://fedoraproject.org/wiki/Features/UsrMove). In some ways
''that'' split was similar: it had historical justification that went
away more than a decade prior, it was impossible to cleanly categorize
programs into the the categories so effectively both parts were needed
for boot, and even though it was making the system more complicated
for little gain, the split was being carried forward because it was
easier to do so than to remove it
(http://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge).
''This'' split is much less visible, but it's also making the system
more complicated for no gain, and removing it is the natural
follow-up.

== Feedback ==

== Benefit to Fedora ==
* Packagers don't have to think whether to install programs in
`%_bindir` or `%_sbindir`.
* Users don't have to think whether programs are in `%_bindir` or `%_sbindir`.
* Fedora becomes more compatible with other distributions (for
example, we have `/sbin/ip` while Debian has `/bin/ip`, and we have
`/bin/chmem` and `/bin/isosize`, but Debian has `/sbin/chmem` and
`/sbin/isosize`, and we also have
`/sbin/{addpart,delpart,lnstat,nstat,partx,ping,rdma,resizepart,ss,udevadm,update-alternatives}`,
while Debian has those in under `/bin`, etc.)
* Fedora becomes more compatible with Arch, which did the merge a few years ago.
* `execvp` and related functions iterate over fewer directories. This
probably doesn't matter for speed, but is a nice simplification when
looking at logs or `strace` output.

== Scope ==
* Proposal owners:

** Adjust `%_sbindir` in `/usr/lib/rpm/macros` (part of `rpm`
package). Packages will be updated automatically during the mass
rebuild.
** Add a `%filetrigger` to `filesystem` package to create symlinks to
`../bin/foo` for every `foo` that is

F40 Change Proposal: F40 Change Proposal: Unify /usr/bin and /usr/sbin (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin

== Owner ==
* Name: [[User:zbyszek|Zbigniew Jędrzejewski-Szmek]]
* Email: zbyszek at in.waw.pl

== Feedback ==

== Scope ==
* Proposal owners:

Re: Enabling GOPROXY and GOSUMDB in Fedora

2023-12-20 Thread Maxwell G

On Wed Dec 20, 2023 at 07:57 -0800, Brad Smith wrote:
> The go.env file does not, as far as I can tell, contain the original
> values from upstream. Just the modified values. Unless I modified the
> file and cannot recall doing so! My suggestion was to include the
> original upstream settings as comments.

Ah, now I see what you mean. Yes, we should definitely update those comments.

-- 
Maxwell G (@gotmax23)
Pronouns: He/They
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: F40 Change Proposal: Enable IPv4 Address Conflict Detection (Self-Contained)

2023-12-20 Thread Chris Adams

Once upon a time, Aoife Moloney  said:
> Enable IPv4 Address Conflict Detection by default in NetworkManager.

Huh, I didn't realize NM didn't already do this... ye olde
network-scripts did.

> To the rescue comes [https://www.rfc-editor.org/rfc/rfc5227 RFC 5227]
> (“IPv4 Address Conflict Detection”) which provides a mechanism to
> detect address conflicts. A host implementing Address Conflict
> Detection (from now on “ACD”) sends ARP probes for each IP address it
> wants to use; if another host replies, the address is already in use
> and can’t be configured on the interface.

How does NM handle a duplicate address if there are multiple addresses
configured on the interface?  Does it continue with the non-dupe
addresses or deconfigure the whole interface?

When there are multiple addresses configured, does NM run DAD in series
or parallel?

> This change aims at enabling ACD by default in Fedora 40, by setting
> the default value to 3000ms.

3 seconds seems kind of high (IIRC network-scripts used 1 second).
-- 
Chris Adams 
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Change Firefox Desktop File (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/RenameFirefoxDesktopFile

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Recent Firefox desktop file (firefox.desktop) does not comply with
DBus/Gnome search provider rules thus Firefox can't provide DBus Gnome
search service.

We should change Firefox desktop file from firefox.desktop to
org.mozilla.firefox.desktop.

== Owner ==
* Name: [[User:stransky| Martin Stransky]]
* Email: 


== Detailed Description ==
Firefox needs to provide desktop file in expected format to pair DBus
service and Gnome search service together to make Gnome search service
work.

== Feedback ==

== Benefit to Fedora ==

We'll fix already broken feature.

== Scope ==
* Proposal owners:

Desktop file name is changed in Firefox 121.0.

* Other developers:

Fedora Workstation needs update Firefox desktop name (hardcoded in
gnome-shell) to correctly place Firefox to Gnome taskbar as default
application.

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

No need to coordinate with rel-eng.

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives:

== Upgrade/compatibility impact ==

Should not impact.

== How To Test ==

1) Open Firefox
2) Type something to Gnome search
3) It works

Test also KDE/Plasma it doesn't crash
(https://bugzilla.redhat.com/show_bug.cgi?id=2017123)

== User Experience ==

Enabled Gnome shell search provider for Firefox.

== Dependencies ==

None

== Contingency Plan ==

* Revert desktop file name change in Firefox package.
* Blocks release? No


== Documentation ==

== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Change Firefox Desktop File (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/RenameFirefoxDesktopFile

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Recent Firefox desktop file (firefox.desktop) does not comply with
DBus/Gnome search provider rules thus Firefox can't provide DBus Gnome
search service.

We should change Firefox desktop file from firefox.desktop to
org.mozilla.firefox.desktop.

== Owner ==
* Name: [[User:stransky| Martin Stransky]]
* Email: 


== Detailed Description ==
Firefox needs to provide desktop file in expected format to pair DBus
service and Gnome search service together to make Gnome search service
work.

== Feedback ==

== Benefit to Fedora ==

We'll fix already broken feature.

== Scope ==
* Proposal owners:

Desktop file name is changed in Firefox 121.0.

* Other developers:

Fedora Workstation needs update Firefox desktop name (hardcoded in
gnome-shell) to correctly place Firefox to Gnome taskbar as default
application.

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

No need to coordinate with rel-eng.

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives:

== Upgrade/compatibility impact ==

Should not impact.

== How To Test ==

1) Open Firefox
2) Type something to Gnome search
3) It works

Test also KDE/Plasma it doesn't crash
(https://bugzilla.redhat.com/show_bug.cgi?id=2017123)

== User Experience ==

Enabled Gnome shell search provider for Firefox.

== Dependencies ==

None

== Contingency Plan ==

* Revert desktop file name change in Firefox package.
* Blocks release? No


== Documentation ==

== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Haskell GHC 9.6 and Stackage LTS 22 (Self-Contained)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/Haskell_GHC_9.6_and_Stackage_22

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Update the GHC Haskell compiler from major version 9.4 to 9.6 and
Haskell packages from Stackage LTS 21 to LTS 22 versions.

== Owner ==
* Name: [[User:Petersen| Jens Petersen]]

* Email: 


== Detailed Description ==
For Fedora 40, the main [https://www.haskell.org/ghc/ GHC] Haskell
compiler package will be updated from version
[https://www.haskell.org/ghc/download_ghc_9_4_5.html 9.4.5] to the
latest stable [https://www.haskell.org/ghc/download_ghc_9_6_3.html
9.6.3] or newer bugfix release (rebasing the
[https://src.fedoraproject.org/rpms/ghc/ ghc] package with the
[https://src.fedoraproject.org/rpms/ghc9.6/ ghc9.6] package).
Along with this, Haskell packages in [https://www.stackage.org
Stackage] (the stable Haskell source package distribution) will be
updated from the versions in [https://www.stackage.org/lts-21 LTS 21]
to latest [https://www.stackage.org/lts-22 LTS 22] release.
Haskell packages not in Stackage will be updated to the latest
appropriate version in the upstream [https://hackage.haskell.org
Hackage] package repository.

== Feedback ==


== Benefit to Fedora ==
Fedora users will have the latest stable Haskell compiler release,
package tools, and current Haskell packages from latest Stackage LTS.

GHC 9.6.3 is the current stable version of GHC with various
enhancements and fixes (see the release notes linked in the
Documentation section for more details about new features and
improvements in 9.6).

== Scope ==
* Proposal owners:
** update rawhide ghc9.4 is build against itself
** rebase ghc to 9.6.3
** refresh packagings with the latest cabal-rpm release if needed
** update packages to latest [https://www.stackage.org/lts-22 Stackage
LTS 22] versions using cabal-rpm
** build all the packages in a Koji sidetag repo in dependency order
using fbrnch
** push the sidetag through Bodhi to rawhide
** deal with obsoleting ghc9.6 if needed

* Other developers: no actions should be needed

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives: N/A


== Upgrade/compatibility impact ==
Any dropped packages will have obsoletes added.
Otherwise there should not be any direct upgrade impact.

Users' Haskell projects will get built with ghc-9.6 when they next
build them and might need some minor code tweaks
(see the release notes linked below).

== How To Test ==
* install ghc and cabal-install
* install pandoc, ShellCheck, ghcid, git-annex, hadolint, stack, xmonad, Agda
* install ghc-*-devel or ghc-*-prof or ghc-*-doc
* cabal-rpm builddep ; cabal install 
* install ghc8.10, ghc9.0, ghc9.2, ghc9.4, or ghc*devel
* test upgrades of F39 Haskell packages to F40

== User Experience ==
Users will have the most recent stable major version of `ghc` and
Haskell libraries and tools available to them.
This makes it easier to build the latest versions of Haskell projects.

In particular `cabal-install` will also be updated from 3.8 to 3.10,
`pandoc` will be updated to 3.1, and `stack` to 2.13.


== Dependencies ==


== Contingency Plan ==
* Contingency mechanism:
** Change owner will drop the new builds and revert dist-git back to
the versions in F39
* Contingency deadline: Beta Freeze



== Documentation ==
* 
https://downloads.haskell.org/~ghc/9.6.3/docs/html/users_guide/9.6.1-notes.html


== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Haskell GHC 9.6 and Stackage LTS 22 (Self-Contained)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/Haskell_GHC_9.6_and_Stackage_22

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Update the GHC Haskell compiler from major version 9.4 to 9.6 and
Haskell packages from Stackage LTS 21 to LTS 22 versions.

== Owner ==
* Name: [[User:Petersen| Jens Petersen]]

* Email: 


== Detailed Description ==
For Fedora 40, the main [https://www.haskell.org/ghc/ GHC] Haskell
compiler package will be updated from version
[https://www.haskell.org/ghc/download_ghc_9_4_5.html 9.4.5] to the
latest stable [https://www.haskell.org/ghc/download_ghc_9_6_3.html
9.6.3] or newer bugfix release (rebasing the
[https://src.fedoraproject.org/rpms/ghc/ ghc] package with the
[https://src.fedoraproject.org/rpms/ghc9.6/ ghc9.6] package).
Along with this, Haskell packages in [https://www.stackage.org
Stackage] (the stable Haskell source package distribution) will be
updated from the versions in [https://www.stackage.org/lts-21 LTS 21]
to latest [https://www.stackage.org/lts-22 LTS 22] release.
Haskell packages not in Stackage will be updated to the latest
appropriate version in the upstream [https://hackage.haskell.org
Hackage] package repository.

== Feedback ==


== Benefit to Fedora ==
Fedora users will have the latest stable Haskell compiler release,
package tools, and current Haskell packages from latest Stackage LTS.

GHC 9.6.3 is the current stable version of GHC with various
enhancements and fixes (see the release notes linked in the
Documentation section for more details about new features and
improvements in 9.6).

== Scope ==
* Proposal owners:
** update rawhide ghc9.4 is build against itself
** rebase ghc to 9.6.3
** refresh packagings with the latest cabal-rpm release if needed
** update packages to latest [https://www.stackage.org/lts-22 Stackage
LTS 22] versions using cabal-rpm
** build all the packages in a Koji sidetag repo in dependency order
using fbrnch
** push the sidetag through Bodhi to rawhide
** deal with obsoleting ghc9.6 if needed

* Other developers: no actions should be needed

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives: N/A


== Upgrade/compatibility impact ==
Any dropped packages will have obsoletes added.
Otherwise there should not be any direct upgrade impact.

Users' Haskell projects will get built with ghc-9.6 when they next
build them and might need some minor code tweaks
(see the release notes linked below).

== How To Test ==
* install ghc and cabal-install
* install pandoc, ShellCheck, ghcid, git-annex, hadolint, stack, xmonad, Agda
* install ghc-*-devel or ghc-*-prof or ghc-*-doc
* cabal-rpm builddep ; cabal install 
* install ghc8.10, ghc9.0, ghc9.2, ghc9.4, or ghc*devel
* test upgrades of F39 Haskell packages to F40

== User Experience ==
Users will have the most recent stable major version of `ghc` and
Haskell libraries and tools available to them.
This makes it easier to build the latest versions of Haskell projects.

In particular `cabal-install` will also be updated from 3.8 to 3.10,
`pandoc` will be updated to 3.1, and `stack` to 2.13.


== Dependencies ==


== Contingency Plan ==
* Contingency mechanism:
** Change owner will drop the new builds and revert dist-git back to
the versions in F39
* Contingency deadline: Beta Freeze



== Documentation ==
* 
https://downloads.haskell.org/~ghc/9.6.3/docs/html/users_guide/9.6.1-notes.html


== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Golang 1.22 (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/golang1.22

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Update of Go (golang package) to the upcoming version 1.22 in Fedora 40.

== Owner ==
* Name: [[User:alexsaezm| Alejandro Sáez Morollón]]
* Email: a...@redhat.com


== Detailed Description ==
Update of Go (golang package) to the upcoming version 1.22 in Fedora
40. Go 1.22 is expected to be released in February 2024. A mass
rebuild of all of the dependent packages is required.

== Feedback ==
No feedback yet.

There is an 
[https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/ZQROWTMARIUS45KIQZIUNAA45K3NWLRW/
ongoing conversation] about removing a patch and revert to the
defaults a couple of variables.

== Benefit to Fedora ==
Up-to-date and latest Go release will be delivered to Fedora users.
Being close to upstream allows us to avoid security issues and provide
more up-to-date features. Therefore Fedora will be providing a
reliable development platform for Go language and projects written in
it.

For a complete list of changes, see upstream change notes at
https://tip.golang.org/doc/go1.22

== Scope ==
* Proposal owners:
Rebase Golang package in Fedora 40, and help resolve possible issues
found during package rebuilds.

* Other developers:
Fix possible issues, with help from Golang maintainers.

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]
Rebuild of dependent packages as part of planned mass-rebuild.

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives:
It doesn't align directly with the current objectives but it helps
maintain the quality of the project.


== Upgrade/compatibility impact ==
No upgrade or compatibility impact.


== How To Test ==
1. Install golang 1.22 from rawhide and use it to build your
application(s)/package(s).
2. Scratch build against rawhide.
3. Your application/package built using golang 1.22 should work as expected.

== User Experience ==
Users will have a newer version of Go, with new features described in
the release notes and security fixes

== Dependencies ==

dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'golang'
dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'compiler(go-compiler)'
dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'go-rpm-macros'


Omitted due to the number of packages listed: ~2000.


== Contingency Plan ==
* Contingency mechanism: Revert to Go 1.21.X if significant issues are
discovered  
* Contingency deadline: Beta freeze  
* Blocks release? No 


== Documentation ==
https://tip.golang.org/doc/go1.22


== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Golang 1.22 (System-Wide)

2023-12-20 Thread Aoife Moloney

Wiki -> https://fedoraproject.org/wiki/Changes/golang1.22

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Update of Go (golang package) to the upcoming version 1.22 in Fedora 40.

== Owner ==
* Name: [[User:alexsaezm| Alejandro Sáez Morollón]]
* Email: a...@redhat.com


== Detailed Description ==
Update of Go (golang package) to the upcoming version 1.22 in Fedora
40. Go 1.22 is expected to be released in February 2024. A mass
rebuild of all of the dependent packages is required.

== Feedback ==
No feedback yet.

There is an 
[https://lists.fedoraproject.org/archives/list/de...@lists.fedoraproject.org/thread/ZQROWTMARIUS45KIQZIUNAA45K3NWLRW/
ongoing conversation] about removing a patch and revert to the
defaults a couple of variables.

== Benefit to Fedora ==
Up-to-date and latest Go release will be delivered to Fedora users.
Being close to upstream allows us to avoid security issues and provide
more up-to-date features. Therefore Fedora will be providing a
reliable development platform for Go language and projects written in
it.

For a complete list of changes, see upstream change notes at
https://tip.golang.org/doc/go1.22

== Scope ==
* Proposal owners:
Rebase Golang package in Fedora 40, and help resolve possible issues
found during package rebuilds.

* Other developers:
Fix possible issues, with help from Golang maintainers.

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]
Rebuild of dependent packages as part of planned mass-rebuild.

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)

* Alignment with Community Initiatives:
It doesn't align directly with the current objectives but it helps
maintain the quality of the project.


== Upgrade/compatibility impact ==
No upgrade or compatibility impact.


== How To Test ==
1. Install golang 1.22 from rawhide and use it to build your
application(s)/package(s).
2. Scratch build against rawhide.
3. Your application/package built using golang 1.22 should work as expected.

== User Experience ==
Users will have a newer version of Go, with new features described in
the release notes and security fixes

== Dependencies ==

dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'golang'
dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'compiler(go-compiler)'
dnf repoquery -q  --releasever=rawhide --disablerepo='*'
--qf='%{name}' --enablerepo=fedora-source --enablerepo=updates-source
--enablerepo=updates-testing-source --archlist=src --whatrequires
'go-rpm-macros'


Omitted due to the number of packages listed: ~2000.


== Contingency Plan ==
* Contingency mechanism: Revert to Go 1.21.X if significant issues are
discovered  
* Contingency deadline: Beta freeze  
* Blocks release? No 


== Documentation ==
https://tip.golang.org/doc/go1.22


== Release Notes ==



-- 
Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposal: Enable IPv4 Address Conflict Detection (Self-Contained)

2023-12-20 Thread Aoife Moloney

Wiki -> 
https://fedoraproject.org/wiki/Changes/Enable_IPv4_Address_Conflict_Detection

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==

Enable IPv4 Address Conflict Detection by default in NetworkManager.


== Owner ==

* Name: [[User:bengal| Beniamino Galvani]], [[User:ihuguet| Íñigo Huguet ]]

* Email: , 



== Detailed Description ==
A common source of networking issues is the presence of duplicate IPv4
addresses in the same physical network. Such problems are quite
common, and at the same time hard to diagnose for users.

To the rescue comes [https://www.rfc-editor.org/rfc/rfc5227 RFC 5227]
(“IPv4 Address Conflict Detection”) which provides a mechanism to
detect address conflicts. A host implementing Address Conflict
Detection (from now on “ACD”) sends ARP probes for each IP address it
wants to use; if another host replies, the address is already in use
and can’t be configured on the interface.

Note that this mechanism applies to both static and DHCP addresses. It
might seem unnecessary for DHCP, as a well-behaving server should give
out unique leases; however, there could be hosts on the network not
using DHCP. Indeed, [https://www.rfc-editor.org/rfc/rfc2131 RFC 2131]
(Dynamic Host Configuration Protocol) specifies that the client should
probe the newly received address and should send a DHCPDECLINE to the
DHCP server if the address is already in use.

In Fedora 39, ACD is disabled by default; it can be enabled by setting
property “ipv4.dad-timeout” to a positive value in a connection
profile. The property name contains “DAD” which stands for “duplicate
address detection” and is another name of ACD. The property specifies
the maximum timeout in milliseconds used to check for the presence of
duplicate IP addresses on the network. If a duplicate is found, a
warning is logged; in the DHCP case, NetworkManager tries to get a
different lease, while in the static case, the address is just
skipped.

This change aims at enabling ACD by default in Fedora 40, by setting
the default value to 3000ms. Note that this change is only about IPV4;
IPv6 always performs a duplicate check for each address that is
configured, as specified by RFC 4862.


== Benefit to Fedora ==
NetworkManager will not configure IPv4 addresses that are detected as
duplicate. This will save users from having to debug weird
connectivity issues. Instead, NetworkManager will report an error and
will indicate the MAC of the conflicting host.


== Scope ==
* Proposal owners: change the default value, test that no regression
is seen in the upstream test suite.

* Other developers: N/A (not needed for this Change)

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)



== Upgrade/compatibility impact ==
The change in default behavior will affect all users that install or
upgrade to the new Fedora release.


== How To Test ==
To test the effect of the change on F39, add the following
configuration snippet to file
`/etc/NetworkManager/conf.d/20-ipv4-dad.conf` and then restart the
NetworkManager service:

 [connection-dad-default]
 ipv4.dad-timeout=3000

To trigger a conflict, configure the local machine with a static
address that is already in use by another host.  When bringing up the
connection, it will fail and report an address conflict.


== User Experience ==
Enabling ACD will cause an additional delay when bringing up
interfaces, because NetworkManager needs first to probe the address.
The delay is between 1.5 and 3 seconds, because RFC 5227 requires that
the probe interval is randomized. The delay will affect both static
and DHCP connections.

In case users want to avoid this delay, ACD can be disabled for the
specific connection profile by setting property `ipv4.dad-timeout=0`,
or globally by adding the following configuration snippet to
`/etc/NetworkManager/conf.d/20-ipv4-dad.conf`:

 [connection-dad-default]
 ipv4.dad-timeout=0

Apart from this small delay, the big advantage of this change is that
users will be able to discover the potential conflict immediately. If
the address is static, the activation will fail and report an error.
For DHCP, NetworkManager will send a DHCPDECLINE message to the server
and it will try to get a different lease. In all cases, the
conflicting address will be skipped and the network will not be
brought in an inconsistent state.


== Dependencies ==
N/A


== Contingency Plan ==
* Contingency mechanism: Revert the change, try again the next Fedora release.
* Contingency deadline: Beta freeze
* Blocks release? No


== Documentation ==
The “nm-settings” man page will indicate the new default value. No
other documentation changes are required.


== Release Notes

F40 Change Proposal: Enable IPv4 Address Conflict Detection (Self-Contained)

2023-12-20 Thread Aoife Moloney

Wiki -> 
https://fedoraproject.org/wiki/Changes/Enable_IPv4_Address_Conflict_Detection

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==

Enable IPv4 Address Conflict Detection by default in NetworkManager.


== Owner ==

* Name: [[User:bengal| Beniamino Galvani]], [[User:ihuguet| Íñigo Huguet ]]

* Email: , 



== Detailed Description ==
A common source of networking issues is the presence of duplicate IPv4
addresses in the same physical network. Such problems are quite
common, and at the same time hard to diagnose for users.

To the rescue comes [https://www.rfc-editor.org/rfc/rfc5227 RFC 5227]
(“IPv4 Address Conflict Detection”) which provides a mechanism to
detect address conflicts. A host implementing Address Conflict
Detection (from now on “ACD”) sends ARP probes for each IP address it
wants to use; if another host replies, the address is already in use
and can’t be configured on the interface.

Note that this mechanism applies to both static and DHCP addresses. It
might seem unnecessary for DHCP, as a well-behaving server should give
out unique leases; however, there could be hosts on the network not
using DHCP. Indeed, [https://www.rfc-editor.org/rfc/rfc2131 RFC 2131]
(Dynamic Host Configuration Protocol) specifies that the client should
probe the newly received address and should send a DHCPDECLINE to the
DHCP server if the address is already in use.

In Fedora 39, ACD is disabled by default; it can be enabled by setting
property “ipv4.dad-timeout” to a positive value in a connection
profile. The property name contains “DAD” which stands for “duplicate
address detection” and is another name of ACD. The property specifies
the maximum timeout in milliseconds used to check for the presence of
duplicate IP addresses on the network. If a duplicate is found, a
warning is logged; in the DHCP case, NetworkManager tries to get a
different lease, while in the static case, the address is just
skipped.

This change aims at enabling ACD by default in Fedora 40, by setting
the default value to 3000ms. Note that this change is only about IPV4;
IPv6 always performs a duplicate check for each address that is
configured, as specified by RFC 4862.


== Benefit to Fedora ==
NetworkManager will not configure IPv4 addresses that are detected as
duplicate. This will save users from having to debug weird
connectivity issues. Instead, NetworkManager will report an error and
will indicate the MAC of the conflicting host.


== Scope ==
* Proposal owners: change the default value, test that no regression
is seen in the upstream test suite.

* Other developers: N/A (not needed for this Change)

* Release engineering: [https://pagure.io/releng/issues #Releng issue number]

* Policies and guidelines: N/A (not needed for this Change)

* Trademark approval: N/A (not needed for this Change)



== Upgrade/compatibility impact ==
The change in default behavior will affect all users that install or
upgrade to the new Fedora release.


== How To Test ==
To test the effect of the change on F39, add the following
configuration snippet to file
`/etc/NetworkManager/conf.d/20-ipv4-dad.conf` and then restart the
NetworkManager service:

 [connection-dad-default]
 ipv4.dad-timeout=3000

To trigger a conflict, configure the local machine with a static
address that is already in use by another host.  When bringing up the
connection, it will fail and report an address conflict.


== User Experience ==
Enabling ACD will cause an additional delay when bringing up
interfaces, because NetworkManager needs first to probe the address.
The delay is between 1.5 and 3 seconds, because RFC 5227 requires that
the probe interval is randomized. The delay will affect both static
and DHCP connections.

In case users want to avoid this delay, ACD can be disabled for the
specific connection profile by setting property `ipv4.dad-timeout=0`,
or globally by adding the following configuration snippet to
`/etc/NetworkManager/conf.d/20-ipv4-dad.conf`:

 [connection-dad-default]
 ipv4.dad-timeout=0

Apart from this small delay, the big advantage of this change is that
users will be able to discover the potential conflict immediately. If
the address is static, the activation will fail and report an error.
For DHCP, NetworkManager will send a DHCPDECLINE message to the server
and it will try to get a different lease. In all cases, the
conflicting address will be skipped and the network will not be
brought in an inconsistent state.


== Dependencies ==
N/A


== Contingency Plan ==
* Contingency mechanism: Revert the change, try again the next Fedora release.
* Contingency deadline: Beta freeze
* Blocks release? No


== Documentation ==
The “nm-settings” man page will indicate the new default value. No
other documentation changes are required.


== Release Notes

Re: how to package dconf configuration for different language environments

2023-12-20 Thread Michael Catanzaro

On Wed, Dec 20 2023 at 04:33:22 PM +01:00:00, Vojtěch Polášek
wrote:

Is it possible to somehow insert a different string in the dconf file
depending on locale of the environment where the package is installed?

So first of all, dconf overrides are for system administrators, not
distro packagers. I would generally suggest dropping that and use a
gsettings override instead [1]. dconf is a gsettings backend. It's not
the only one. E.g. if ocrdesktop gets packaged as a flatpak, it will
use keyfiles for settings instead of dconf, and will never see your
dconf override.

OK, with that general advice out of the way, I'm not sure whether you
can set a locale-specific value via a gsettings override. Probably not,
so that is actually probably not what you want this time. In this case,
I would just patch the gsettings schema. For example, see [2]. This
allows translators to provide a good default value for the setting.
It's a lot easier if you do this upstream so that upstream translators
handle the translations for you.

[1]
https://src.fedoraproject.org/rpms/gnome-settings-daemon/c/440fa05202b0365e07b2cb3e3e693263888ca530?branch=f37
[2]
https://gitlab.gnome.org/GNOME/epiphany/-/blob/598cf2618e23dc1b7dab46d3e01dafa9bc35baf8/data/org.gnome.epiphany.gschema.xml#L36

--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue

Re: F40 Change Proposals Requiring Infra Changes - Deadline Today

2023-12-20 Thread Leslie Satenstein via devel

Sometimes it is overly burdensome to want to submit a suggestion. I have run 
the Rawhide Fedora 40 beta of Dec 19, 2023 and would like to propose an 
additional radio button for anaconda installer.
There are currently three options, of which the third is not yet available. I 
would like to present a 4th option
(o)  Replace/Upgrade an existing Fedora Installation.
With this additional option, I would be able, with one workspace.iso do an 
installation, or upgrade an existing Fedora xx to the current Fedora xx+1.
The benefits. Well, as I see it, in one place, the ability to do an 
installation or a system upgrade. 
Implementing this (o) allows me to never have to redo an installation using the 
"Everything.iso".


Leslie SatensteinMontreal, Quebec
By the way, with the Holidays and New Years around the corner, may I wish all 
the lovers of Fedora and participants to this forum, a happy and safe holiday.  
If you are driving, take extra care as road conditions are "dangerously 
slippery in places".  
 

On Wednesday, December 20, 2023 at 09:50:10 a.m. EST, Aoife Moloney 
 wrote:  
 
 Hi all,
Today is the final day to submit Change Proposals that require infrastructure 
changes for Fedora Linux 40. Changes do not have to be accepted by this 
deadline, but they must be submitted.

Thanks,Aoife

-- 
 
 Aoife Moloney 
 
Fedora Operations Architect
 
Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney



 --
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue
  --
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Enabling GOPROXY and GOSUMDB in Fedora

2023-12-20 Thread Brad Smith

Greetings -

On Wed, Dec 20, 2023 at 7:35 AM Maxwell G  wrote:
>

> Can someone clarify what they mean by this? The patch itself [1] makes
> it pretty clear what the original values are.

When I look at /usr/lib/golang/go.env I see:

[bgsmith@pico newversionprep (main *%)]$ more /usr/lib/golang/go.env
# This file contains the initial defaults for go command configuration.
# Values set by 'go env -w' and written to the user's go/env file
override these.
# The environment overrides everything else.

# Use the Go module mirror and checksum database by default.
# See https://proxy.golang.org for details.
GOPROXY=proxy.golang.org,direct
GOSUMDB=sum.golang.org

# Automatically download newer toolchains as directed by go.mod files.
# See https://go.dev/doc/toolchain for details.
GOTOOLCHAIN=auto
--

The go.env file does not, as far as I can tell, contain the original
values from upstream. Just the modified values. Unless I modified the
file and cannot recall doing so! My suggestion was to include the
original upstream settings as comments.

>  improving the user-facing documentation about why we do this and how to
> restore the original behavior. The Fedora Developer Portal (which really
> needs to be promoted more; it's a great resource!) documents [2] that we
> change GOPROXY and GOTOOLCHAIN, but it doesn't mention GOSUMDB, and it's
> lacking clear instructions about how to change the values back to
> defaults.

The updates to this developer portal page with gosumdb were made last
month but there has been a delay in publishing to production. Should
show up any day.

best regards
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Enabling GOPROXY and GOSUMDB in Fedora

2023-12-20 Thread Maxwell G

On Wed Dec 20, 2023 at 12:14 +0100, Ondrej Pohorelsky wrote:
> On Tue, Dec 19, 2023 at 11:11 PM Neal Gompa  wrote:
>
> > On Tue, Dec 19, 2023 at 4:14 PM Brad Smith 
> > wrote:
> > >
> > > At a minimum, I recommend that the patch include the original values
> > > for GOPROXY, GOSUMDB, and GOTOOLCHAIN as comments. This makes it
> > > easier to change back to default values. At the moment, one has to
> > > visit the relevant web pages.
> > >
> > > I lean towards providing upstream defaults in this case with updated
> > > content on the developer portal (and elsewhere?) with information on
> > > why changing these values would be useful. I agree that the comments
> > > in the thread are persuasive (for me).
> > >
> >
> > I agree with this. I'd rather keep the patch than revert to upstream
> > defaults.

> If you decide to keep the envars as they are now, I would also agree with
> having the original values commented.

Can someone clarify what they mean by this? The patch itself [1] makes
it pretty clear what the original values are. I think the main thing is
improving the user-facing documentation about why we do this and how to
restore the original behavior. The Fedora Developer Portal (which really
needs to be promoted more; it's a great resource!) documents [2] that we
change GOPROXY and GOTOOLCHAIN, but it doesn't mention GOSUMDB, and it's
lacking clear instructions about how to change the values back to
defaults.

[1]: 
https://src.fedoraproject.org/rpms/golang/blob/rawhide/f/0001-Modify-go.env.patch
[2]: 
https://developer.fedoraproject.org/tech/languages/go/go-installation.html#fedora-specific-notes

-- 
Maxwell G (@gotmax23)
Pronouns: He/They
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

how to package dconf configuration for different language environments

2023-12-20 Thread Vojtěch Polášek


Hello,

I am trying to package a dconf configuration which adds a keyboard 
shortcut to Mate environment.


I am creating two language mutations of a Fedora remix where this 
package should be present.


Currently, I have it in English. The spec file (probably very crude, 
sorry) is here: 
https://github.com/vojtapolasek/vojtux/blob/master/rpm/ocrdesktop/ocrdesktop.spec


Is it possible to somehow insert a different string in the dconf file 
depending on locale of the environment where the package is installed?


Or do I have to create separate packages for this case?

Thank you,

Vojta


--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F40 Change Proposals Requiring Infra Changes - Deadline Today

2023-12-20 Thread Aoife Moloney

Hi all,

Today is the final day to submit Change Proposals

that require *infrastructure changes* for Fedora Linux 40. Changes do not
have to be accepted by this deadline, but they must be submitted.


Thanks,
Aoife

-- 

Aoife Moloney

Fedora Operations Architect

Fedora Project

Matrix: @amoloney:fedora.im

IRC: amoloney
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Fedora rawhide compose report: 20231220.n.0 changes

2023-12-20 Thread Fedora Rawhide Report

OLD: Fedora-Rawhide-20231219.n.0
NEW: Fedora-Rawhide-20231220.n.0

= SUMMARY =
Added images:1
Dropped images:  0
Added packages:  5
Dropped packages:1
Upgraded packages:   126
Downgraded packages: 0

Size of added packages:  5.89 MiB
Size of dropped packages:588.89 KiB
Size of upgraded packages:   17.16 GiB
Size of downgraded packages: 0 B

Size change of upgraded packages:   26.39 MiB
Size change of downgraded packages: 0 B

= ADDED IMAGES =
Image: Cloud_Base tar-gz x86_64
Path: 
Cloud/x86_64/images/Fedora-Cloud-Base-GCP-Rawhide-20231220.n.0.x86_64.tar.gz

= DROPPED IMAGES =

= ADDED PACKAGES =
Package: croaring-2.1.0-1.fc40
Summary: Roaring bitmaps in C (and C++), with SIMD (AVX2, AVX-512 and NEON) 
optimizations
RPMs:croaring croaring-devel
Size:964.67 KiB

Package: kf5-libkgapi-23.08.4-2.fc40
Summary: Library to access to Google services
RPMs:kf5-libkgapi kf5-libkgapi-devel
Size:3.90 MiB

Package: rust-hickory-client-0.24.0-1.fc40
Summary: Hickory DNS is a safe and secure DNS library
RPMs:rust-hickory-client+backtrace-devel rust-hickory-client+default-devel 
rust-hickory-client+dns-over-https-devel 
rust-hickory-client+dns-over-https-openssl-devel 
rust-hickory-client+dns-over-https-rustls-devel 
rust-hickory-client+dns-over-native-tls-devel 
rust-hickory-client+dns-over-openssl-devel 
rust-hickory-client+dns-over-quic-devel 
rust-hickory-client+dns-over-rustls-devel 
rust-hickory-client+dns-over-tls-devel rust-hickory-client+dnssec-devel 
rust-hickory-client+dnssec-openssl-devel rust-hickory-client+dnssec-ring-devel 
rust-hickory-client+mdns-devel rust-hickory-client+native-certs-devel 
rust-hickory-client+rustls-devel rust-hickory-client+serde-config-devel 
rust-hickory-client+serde-devel rust-hickory-client+webpki-roots-devel 
rust-hickory-client-devel
Size:198.40 KiB

Package: rust-hickory-proto-0.24.0-1.fc40
Summary: Hickory DNS is a safe and secure DNS library
RPMs:rust-hickory-proto+backtrace-devel rust-hickory-proto+bytes-devel 
rust-hickory-proto+default-devel rust-hickory-proto+dns-over-h3-devel 
rust-hickory-proto+dns-over-https-devel 
rust-hickory-proto+dns-over-https-rustls-devel 
rust-hickory-proto+dns-over-native-tls-devel 
rust-hickory-proto+dns-over-openssl-devel 
rust-hickory-proto+dns-over-quic-devel rust-hickory-proto+dns-over-rustls-devel 
rust-hickory-proto+dns-over-tls-devel rust-hickory-proto+dnssec-devel 
rust-hickory-proto+dnssec-openssl-devel rust-hickory-proto+dnssec-ring-devel 
rust-hickory-proto+h2-devel rust-hickory-proto+h3-devel 
rust-hickory-proto+h3-quinn-devel rust-hickory-proto+http-devel 
rust-hickory-proto+mdns-devel rust-hickory-proto+native-certs-devel 
rust-hickory-proto+native-tls-devel rust-hickory-proto+openssl-devel 
rust-hickory-proto+quinn-devel rust-hickory-proto+ring-devel 
rust-hickory-proto+rustls-devel rust-hickory-proto+rustls-pemfile-devel 
rust-hickory-proto+serde-config-devel rust-hickory-proto+serde-devel 
rust-hickory-proto+socket2-devel rust-hickory-proto+testing-devel 
rust-hickory-proto+text-parsing-devel rust-hickory-proto+tokio-devel 
rust-hickory-proto+tokio-native-tls-devel 
rust-hickory-proto+tokio-openssl-devel rust-hickory-proto+tokio-runtime-devel 
rust-hickory-proto+tokio-rustls-devel rust-hickory-proto+webpki-roots-devel 
rust-hickory-proto-devel
Size:597.59 KiB

Package: rust-hickory-resolver-0.24.0-1.fc40
Summary: Hickory DNS is a safe and secure DNS library
RPMs:rust-hickory-resolver+default-devel 
rust-hickory-resolver+dns-over-h3-devel 
rust-hickory-resolver+dns-over-https-devel 
rust-hickory-resolver+dns-over-https-rustls-devel 
rust-hickory-resolver+dns-over-native-tls-devel 
rust-hickory-resolver+dns-over-openssl-devel 
rust-hickory-resolver+dns-over-quic-devel 
rust-hickory-resolver+dns-over-rustls-devel 
rust-hickory-resolver+dns-over-tls-devel rust-hickory-resolver+dnssec-devel 
rust-hickory-resolver+dnssec-openssl-devel 
rust-hickory-resolver+dnssec-ring-devel 
rust-hickory-resolver+native-certs-devel 
rust-hickory-resolver+resolv-conf-devel rust-hickory-resolver+rustls-devel 
rust-hickory-resolver+serde-config-devel rust-hickory-resolver+serde-devel 
rust-hickory-resolver+system-config-devel rust-hickory-resolver+testing-devel 
rust-hickory-resolver+tokio-devel rust-hickory-resolver+tokio-native-tls-devel 
rust-hickory-resolver+tokio-openssl-devel 
rust-hickory-resolver+tokio-runtime-devel 
rust-hickory-resolver+tokio-rustls-devel 
rust-hickory-resolver+webpki-roots-devel rust-hickory-resolver-devel
Size:279.30 KiB


= DROPPED PACKAGES =
Package: python-mysql-1.4.6-14.fc39
Summary: An interface to MySQL
RPMs:python3-mysql python3-mysql-debug
Size:588.89 KiB


= UPGRADED PACKAGES =
Package:  akonadi-notes-24.01.80-3.fc40
Old package:  akonadi-notes-24.01.80-2.fc40
Summary:  The Akonadi Notes Library
RPMs: akonadi-notes akonadi-notes-devel
Size: 413.75 KiB
Size change:  690

Re: Enabling GOPROXY and GOSUMDB in Fedora

2023-12-20 Thread Ondrej Pohorelsky

I would personally go with the 2 and get closer to the upstream. I agree
with the npm analogy that was made in the conversation.
Furthermore, I don't think that most users, working on Go projects on
Fedora, would even know that we provide different Go envars
to the upstream ones. IMO, they would change them to upstream values for
the benefit of cloning speed, if they knew about them.

Solution 3 and 4 are far too complex for the given value they provide.

If you decide to keep the envars as they are now, I would also agree with
having the original values commented.



On Tue, Dec 19, 2023 at 11:11 PM Neal Gompa  wrote:

> On Tue, Dec 19, 2023 at 4:14 PM Brad Smith 
> wrote:
> >
> > At a minimum, I recommend that the patch include the original values
> > for GOPROXY, GOSUMDB, and GOTOOLCHAIN as comments. This makes it
> > easier to change back to default values. At the moment, one has to
> > visit the relevant web pages.
> >
> > I lean towards providing upstream defaults in this case with updated
> > content on the developer portal (and elsewhere?) with information on
> > why changing these values would be useful. I agree that the comments
> > in the thread are persuasive (for me).
> >
>
> I agree with this. I'd rather keep the patch than revert to upstream
> defaults.
>
>
>
> --
> 真実はいつも一つ！/ Always, there's only one truth!
> --
> ___
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam, report it:
> https://pagure.io/fedora-infrastructure/new_issue
>


-- 

Ondřej Pohořelský

Software Engineer

Red Hat 

opoho...@redhat.com

--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: F40 Change Proposal: Unified Kernel Support Phase Two (System-Wide)

2023-12-20 Thread Vitaly Kuznetsov

Gerd Hoffmann  writes:

...

>> I'm talking about removing shim from the boot flow.
>
> That is not a goal of this change proposal, and it's not up for debate
> for phase #2.  Maybe an option in a later phase, once we have a signed
> systemd-boot (see below).

Also, we have one more Fedora-specific problem: we can't create a new SB
cert for signing UKIs so we're currently using the same cert as the
traditional kernel. This works if you enroll the cert in DB but then
these kernels are indistinguishable if you only look at PCR7, this
complicates creating PCR policies a lot. The problem why we can't have a
new SB certificate is not technical but organizational: currently,
private parts of the certs are on physical cards which a few people have
an issuing a new one is a real pain. Rumor has it this is going to
change and I'd really like to have it included in 'phase #3'.

In phase #2, we can probably add an option to 'uki-direct' to add UKIs
without shim to Boot, this certainly won't be the default and will
require Fedora cert to be enrolled into DB/MOK but for specific
use-cases (e.g. AWS with provisioned varstore) this can be used.

-- 
Vitaly
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 1011333] PerlIO::via leaks a foreign memory

2023-12-20 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1011333

AdamRiland  changed:

   What|Removed |Added

 CC||therobo...@gmail.com



--- Comment #23 from AdamRiland  ---
I think the easiest thing to get this fixed is reporting the issue directly to
the gnome translation team:

https://firstrankdirectory.com/


I had a better look and it looks like this phrase is directly in the
gnome-keyring and is obviously too long from the English original:

#: daemon/ssh-agent/gkd-ssh-agent-interaction.c:101
msgid "Enter password to unlock the private key"
msgstr "Geben Sie das Passwort zum Entsperren des privaten Schlüssels ein"

https://guestsarticles.com/

This should be all the needed information you or somebody from translation team
needs to get it fixed. I am not very good in German language so I do not even
attempt to suggest improved phrase.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1011333

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla=report-spam_desc=Report%20of%20Bug%201011333%23c23
--
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Test-Announce] Fedora 40 Rawhide 20231220.n.0 nightly compose nominated for testing

2023-12-20 Thread rawhide

Announcing the creation of a new nightly release validation test event
for Fedora 40 Rawhide 20231220.n.0. Please help run some tests for this
nightly compose if you have time. For more information on nightly
release validation testing, see:
https://fedoraproject.org/wiki/QA:Release_validation_test_plan

Notable package version changes:
anaconda - 20231216.n.0: anaconda-40.13-1.fc40.src, 20231220.n.0: 
anaconda-40.15-1.fc40.src

Test coverage information for the current release can be seen at:
https://openqa.fedoraproject.org/testcase_stats/40

You can see all results, find testing instructions and image download
locations, and enter results on the Summary page:

https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Summary

The individual test result pages are:

https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Installation
https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Base
https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Server
https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Cloud
https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Desktop
https://fedoraproject.org/wiki/Test_Results:Fedora_40_Rawhide_20231220.n.0_Security_Lab

Thank you for testing!
-- 
Mail generated by relvalconsumer: https://pagure.io/fedora-qa/relvalconsumer
--
___
test-announce mailing list -- test-annou...@lists.fedoraproject.org
To unsubscribe send an email to test-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/test-annou...@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

37 matches

Mail list logo