sign.
If someone know how to do it, please let me know.
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo Linux Developer
need to see maintainer-wanted stuff..
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo Linux Developer
]: http://www.gentoo.org/doc/en/handbook/#doc_chap2
[4]: http://www.gentoo.org/doc/en/handbook/handbook-
mips.xml?style=printablefull=1
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo Linux Developer
://www.gentoo.org/proj/en/base/index.xml#doc_chap4
I don't see project page for: m68k, sh, s390
20:41 ago expn m68k
20:41 willikins m68k = vapier,
20:41 ago expn sh
20:42 willikins sh = vapier,matsuu,armin76,ago,
20:42 ago expn s390
20:42 willikins s390 = vapier,armin76,ago,
--
Agostino Sarubbo / ago
=CONFIRMEDbug_status=IN_PROGRESSv1=ia64%40gentoo.orgproduct=Gentoo%20Linuxlist_id=1560892
I don't see big queue for those arches.
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo Linux Developer
On Sunday 17 February 2013 13:14:28 Alec Warner wrote:
It is not
clear to me why you would email the -dev list about these arches,
vapier is pretty responsive over email and irc.
I don't guess is a good idea have a private conversation and then drop an
arch...
--
Agostino Sarubbo / ago
Hello,
during an irc debate, me and other people just noticed that the default
profile could use more flags to enhance the security.
An hint is here:
https://wiki.ubuntu.com/ToolChain/CompilerFlags
Please argue about what we _don't_ use.
Note: please CC me in your response.
--
Agostino
documentation would suffice.
Do you intend to discuss that flag or more generally any security flag?
I just want to point out the thread because other people will have something
to say about.
--
Agostino Sarubbo
Gentoo Linux Developer
any security flag?
both, let's talk the toolchain guys about.
--
Agostino Sarubbo
Gentoo Linux Developer
Hello,
the council has decided[1] to drop m68k, sh, s390 to unstable. If someone has
something to say about, this is the last opportunity or in few days I will
start to mark them as ~arch.
[1]: https://www.gentoo.org/proj/en/council/meeting-logs/20130917-summary.txt
--
Agostino Sarubbo
for the commits, so I really don't understand
what you mean.
--
Agostino Sarubbo
Gentoo Linux Developer
qlist -e $@ | xargs scanelf -L -n -q -F '%n #F' | tr , ' ' | xargs qfile -Cv
| sort -u | awk '{print $1}' | uniq
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally
in arches like sparc/ia64 where only people like armin76
works =)
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
:
fno-strict-overflow -fPIE
with gcc-hardenednopie you have:
fno-strict-overflow -fstack-protector-all
with gcc-hardenednopiessp you have:
-fno-strict-overflow
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description
On Tuesday 10 April 2012 15:35:39 Mike Frysinger wrote:
there's one known bug (with a patch posted), so if you guys have anything
that'd block glibc-2.14 for stable, nows' the time to file the bugs (and
mark it a blocker of 370409).
-mike
I'd say to proceed directly in 393477
--
Agostino
.
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
On Friday 11 May 2012 17:56:27 Samuli Suominen wrote:
I'm planning on shipping these in ~arch. Give it a try and report in
case of problems.
Thanks,
Samuli
Will be done for amd64 in the next days ;)
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
usage inside Qt
x11-libs/qt-script:jit - Enables JIT for Javascript usage inside Qt
x11-libs/qt-webkit:jit - Enable JavaScriptCore just-in-time compiler for
faster JavaScript execution
-Alexandre.
+1
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
think that it
would be reasonable to have it enabled by default. Objections?
I'm using usersync since a long time, how about add it too?
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally
repoman commit -p -m foo
In this manner we will save a lot of time for us.
Thanks in advance.
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
On Monday 11 June 2012 15:42:25 Agostino Sarubbo wrote:
In this manner we will save a lot of time for us.
Thanks in advance.
s/we/you
Anyway, from irc, seems is not very 'clear' what I meant.
I suggested to run repoman to see if are required more packages instead of
what you think
will not commit anything. You can see only what happens if you go ahead
without -p.
Anyway, the idea is: check the other(s) ~arch depend(s) before file stable
request in any method that you prefer.
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
:)
maybe https://bugs.gentoo.org/show_bug.cgi?id=174380 ?
--
Agostino Sarubboago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
think about?
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description: This is a digitally signed message part.
On Tuesday 17 July 2012 13:19:25 Eray Aslan wrote:
I'd like to commit the following news item on 2012-07-21. Any comments?
Imho, no need a news for it.
emerge -DuN world;revdep-rebuild;dispatch-conf is what you normally do.
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo/AMD64 Arch Security
from the tracker[1], but this is for
packages/ebuild. Should this bug block that tracker or it is invalid?
[1]: https://bugs.gentoo.org/show_bug.cgi?id=cc-directly
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
GPG: 0x7CD2DC5D
signature.asc
Description
On Friday 16 December 2011 11:42:15 justin wrote:
Hi,
I really like that you open all those bugs. But it makes no sense to add
arches after a time out.
Personally, I agree with have more stable packages in tree, but I just point
out one thing. If me, or another arch tester find ebuild
On Friday 16 December 2011 06:10:13 Anthony G. Basile wrote:
Does your script do any checking on the quality of the ebuild, eg that
it respects C/LDFLAGS. If so, that's useful and would help package
maintainers to better prepare their ebuilds for stabilization.
Unfortunately no.
For LDFLAGS
This is a delicate point.
If you look at the policy, it says to test few rdeps.
The arch tester is in charge to test the packages on his architecture. These
type of failures are _not_ architecture dependant.
So, instead of have 10 ATs that are testing the same rdeps, seems logic that
the
Hello,
I'd like to enable by default format-security at least in the
dev profiles.
Thought?
References:
https://bugs.gentoo.org/show_bug.cgi?id=259417
https://fedoraproject.org/wiki/Format-Security-FAQ
--
Agostino Sarubbo
Gentoo Linux Developer
-Werror instead of only -
Wformat.
--
Agostino Sarubbo
Gentoo Linux Developer
This is fine for me too.
--
Agostino Sarubbo
Gentoo Linux Developer
Looks like everyone is file stable requests with own
rules or better to say is without common rules.
I'd like to document a sort of best-practice(s) on
our wiki.
Who want to partecipate?
--
Agostino Sarubbo
Gentoo Linux Developer
in the config ?
I'm asking just for have an up-to-date documentation, and maybe add all the
notes there.
Thanks.
[1]: https://wiki.gentoo.org/wiki/Gentoo_git_workflow
--
Agostino Sarubbo
Gentoo Linux Developer
.
--
Agostino Sarubbo
Gentoo Linux Developer
://archives.gentoo.org/gentoo-dev/message/5d96b51ced1d1ed126951f117c828482
--
Agostino Sarubbo
Gentoo Linux Developer
We are working to provide some tools for the
stabilization process.
Unfortunately, there isn't atm something able to
manage the requests with the ALLARCHES keyword,
So, *everyone* with the commit access can keyword for
all after a stabilization/keyword happened at least for
one arch.
Hello All,
this message is an update of:
https://archives.gentoo.org/gentoo-dev/message/4b2ef0e9aa7588224b8ae799c5fe31fa
What is changed in the meantime:
1) All operations on the bugzilla, about the sanity-check and so on are done
with the account stable-...@gentoo.org
So, if you want to
tending this message as a sort of announcement to invite everyone
to port their stable requests. I guess there isn't much to discuss here. If
you don't like some of the changes that have been done, please open a specific
thread about.
Thanks.
--
Agostino Sarubbo
Gentoo Linux Developer
3) Make a more visible list( like a list here in term of
visibility:https://qa-reports.gentoo.org/output/gentoo-ci/output.html) of the
arches-dependent bugs so that everyone can contribute to maintain alive the
exotic arches.
If is not our interest to maintain those alive, just ignore my proposal.
--
Agostino Sarubbo
Gentoo Linux Developer
sparc and ia64 to ~arch, go ahead, I have no
objections.
I will take a break also from amd64 and x86...let's see how things will
change.
--
Agostino Sarubbo
Gentoo Linux Developer
number of the stable packages on those arches
3) Make a more visible list (like this list in term of
visibility:https://qa-reports.gentoo.org/output/gentoo-ci/output.html) of the
arches-dependent bugs so that everyone can contribute to maintain alive the
exotic arches.
--
Agostino Sarubbo
Gentoo
-db/pgadmin3
I guess there is a typo in the subject.
--
Agostino Sarubbo
Gentoo Linux Developer
On giovedì 6 giugno 2019 08:25:54 CEST Luca Barbato wrote:
> Anybody has hardware to test it?
I can do it on timberdoodle.
Agostino
# Agostino Sarubbo (2019-10-18)
# Superseded by app-admin/checksec
# Removal in 30 days.
app-admin/hardening-check
Hello all,
If you work on the stabilization workflow you may have noticed that:
- There are people that rant if you don't run src_test against their packages;
- There are people that rant if you open a test failure bug against their
packages and you block the stabilization.
So, unless there
https://bugs.gentoo.org/show_bug.cgi?id=722456
What is your opinion?
--
Agostino
On domenica 28 giugno 2020 14:18:23 CEST Michael Orlitzky wrote:
> To avoid these issues, I suggest creating a list of "Gentoo environment
> variables" in the devmanual with descriptions of how they should be used
> and pointers to the references (for why we chose that meaning). That way
> a user
On martedì 29 dicembre 2020 13:03:07 CET Michał Górny wrote:
> @ago, could you make sure that the tinderbox tells people to read up
> on the tracker?
I added the note.
However the first thing I would to do in reports like this is at least click
on the tracker bug.
--
Agostino
Hello,
as requested by mgorny, the tinderbox is doing a round with dev-lang/python-
exec[-native-symlinks].
Please expect related bugs.
The tracker is at: https://bugs.gentoo.org/762406
--
Agostino
Hello,
it happens frequently that CI discovers failure(s) in non-maintainer commits.
The most striking examples are maintainer-needed, proxy-maint and general pull
request where who made the change has no visibility on the new bug.
Do you think that is a good idea to CC everyone involved in
Hello,
I noticed that people uses "repoman commit -b" and bugs remain opened.
In case of test failures, CI does not run tests if there are already opened
bugs about that so it is unable to catch if your commit really fixed the
issue.
Thank you
On lunedì 9 novembre 2020 13:13:19 CET Marek Szuba wrote:
> I think this might be the case of a "silent majority, vocal minority"
> scenario. For the record: I for one have found your tinderbox bugs very
> useful, not in the least because you test unusual configurations my own
> build testing does
On sabato 7 novembre 2020 07:15:31 CET Robin H. Johnson wrote:
> Can you please tell us what you need to let others contribute to
> improving the quality of the reports from your CI system?
Hello Robin,
I don't understand why in general people focus on what is missing into a
simple script that
IN REPLY to Aaron Bauman that didn't keep me CC'ed as requested:
>Is this coming from the same individual who would complain when security
>bugs were not filled out properly in the summary? So, take a dose of
>your own medicine here. People prefer usable reports that allow them to
>solve
On venerdì 6 novembre 2020 08:21:39 CET Agostino Sarubbo wrote:
> Hello all,
>
> 6 months have been passed after the CI system started to file bug reports.
> ~ 4700 bugs have been submitted
>
> We _know_ that atm is not possible to set a specific summary, instead a
> ge
Hello Thomas,
On sabato 7 novembre 2020 17:06:56 CET Thomas Deutschmann wrote:
> I have to second what other already said.
>
> Dropping bugs and forcing maintainer to review and spend time to check
> if there is a problem and what was the reported problem at all creates
> more work. And I
Hello all,
6 months have been passed after the CI system started to file bug reports.
~ 4700 bugs have been submitted
We _know_ that atm is not possible to set a specific summary, instead a
generic summary is used in case of compile failures and test failures.
There are also some documented
On venerdì 6 novembre 2020 09:18:50 CET Joonas Niilola wrote:
> Would it be possible for "someone" to figure it out, if you made your
> tinderbox scripts/code public? ;) Hate to say it, but toralf does pretty
> good job here, so it could be better.
As stated multiple times, toralf said that the
IN REPLY TO Michał Górny that didn't keep me CC'ed as requested:
>I do disagree with your presumption that this needs to be automated.
>The whole point behind providing a service is that you should be ready
>to dedicate *your* time into the service. However, we keep feeling that
>you assume that
On lunedì 28 dicembre 2020 09:56:19 CET Michał Górny wrote:
> I would like to propose that we stop patching
> packages, discontinue support for it and last rite it.
+1
--
Agostino
On mercoledì 23 giugno 2021 11:36:33 CEST Mart Raudsepp wrote:
> + jobs=$(( nproc + 1 ))
I don't know who historically started the nproc+1 story (it looks to be in the
handbook too), but it has been demonstrated that nproc+1 is slower than nproc.
Agostino
On sabato 29 maggio 2021 10:09:46 CEST Michał Górny wrote:
> It would be also nice if you took this as an opportunity to grow up
> and start using your developer nickname instead of switching through
> silly nicknames all the time, so that people can actually find you.
+1
Agostino
On lunedì 28 giugno 2021 11:28:23 CEST Michał Górny wrote:
> That said, it might be more consistent to change Portage behavior to use
> some visible distinction between output types (not just color), e.g.
> have it output:
>
> * [QA] ...
> * [WA] ...
> * [ER] ...
+1
Agostino
Hello all,
long story short:
when there is a major change (new gcc, new libc, and so on), tinderbox takes a
lot of time to test the entire tree.
Let's do a practical example:
A new version of sys-devel/gcc is added to the tree.
There is no way to know how much packages compiles C/C++ code,
On lunedì 28 giugno 2021 17:07:57 CEST Michael Orlitzky wrote:
> If the package declares a dependency on e.g. virtual/c-compiler, ago
> would want to re-test it whenever a new version of any compiler is
> released that satisfies virtual/c-compiler. Conversely, if the package
> doesn't require
Hello,
atm we have qa checks in:
- ${PORTDIR}/metadata/install-qa-check.d
- /usr/lib/portage/pythonX.Y/install-qa-check.d (installed via portage)
Many of them do not begin as "Qa Notice" so it is very hard track them without
naked eye especially via tinderbox.
There is a bug where I reported
On martedì 27 aprile 2021 10:12:09 CEST Michał Górny wrote:
> not to mention someone suddenly starting to file such a large
> number of bugs without any heads up.
Here are the heads up:
https://archives.gentoo.org/gentoo-dev/message/
9dcfdcd82b774ac812bdb1e7b7fbd396
Hello,
I would like to let you know that the CI is now able to work with overlays.
Since Guru is pretty active I took advantage of this situation to implement
and test the CI
Atm it has been configured to work with master branch.
I don't know how much is useful scan the dev branch since a
On giovedì 22 aprile 2021 12:02:20 CEST Michał Górny wrote:
> Well, I suppose scanning the dev branch would be preferable over
> the master branch. In reality, they are usually only a few hours apart
> but it might be useful to know of new breakage in dev before it's merged
> to master.
>
> It
On giovedì 22 aprile 2021 12:22:00 CEST Theo Anderson wrote:
> On the subject of many bugs, there are now almost 150 open bugs
> assigned to g...@gentoo.org. With this has come quite an email avalanche
> for which I think people must have set up mail filters by now. I
> imagine this means that
On giovedì 22 aprile 2021 12:25:50 CEST Michał Górny wrote:
> On Thu, 2021-04-22 at 11:59 +0200, Agostino Sarubbo wrote:
> > Hello,
> >
> > I would like to let you know that the CI is now able to work with
> > overlays.
> >
> > Since Guru is pretty ac
Thanks for all feedback.
Please discuss all points internally (branch, email, trackers and so on) and
send me an email with all changes you would like to have.
Agostino
On giovedì 22 aprile 2021 14:59:00 CEST Ionen Wolkens wrote:
> And, even if you don't see it like that, someday someone may want
> to go on a fixing spree using those trackers (may it be for ::guru
> or ::gentoo) but will keep seeing them mixed up together.
You can do it as wel by doing a
Hello all,
I would like to send an update about what recently added in the tinderbox/ci
systems.
At the begin of the build log, the commit SHA that causes the build is pointed
out.
This is useful in cases like:
1) There is a commit about package A
2) Package A needs package B as a depend
3)
On giovedì 22 aprile 2021 15:45:11 CEST Theo Anderson wrote:
> Hi Agostino,
>
> After some discussion in IRC we've agreed to have the maintainer of
> the respective packages be assigned to the bug with guru@g.o be CC'd.
> Where no maintainer exists for a package guru@g.o remains as the
>
Hello,
I've noticed that it's been in vogue lately say "as you were asked many times"
when there is something to say.
Well, this often (always?) happens without a reference but I don't care.
As asked by sam, CI should CC people that are breaking stuff with their
commits, see:
Hello,
the tinderbox is testing the packages into guru overlay.
Please expect related bugs.
If you have any objections, please let me know
Agostino
On martedì 6 aprile 2021 17:51:19 CEST Agostino Sarubbo wrote:
> Hello,
>
> the tinderbox is testing the packages into guru overlay.
> Please expect related bugs.
> If you have any objections, please let me know
>
> Agostino
@guru-committers: please use "repoman
On giovedì 12 agosto 2021 14:53:33 CEST Michał Górny wrote:
> To resolve these problems going forward and establish consistent
> behavior in the future, I'd like to propose to disable 'package list'
> fields on security bugs and instead expect regular stabilization bugs to
> be used (and made
# Agostino Sarubbo (2021-08-12)
# Latest release 2012, not anymore useful for current routers
# Removal in ~30 days.
app-crypt/WiRouterKeyRec
Agostino
Hello,
I would like to let you know that tinderbox is available for overlays.
If you want tinderbox to run against your overlay, just send me an email and
provide a valid Gentoo Bugzilla account for bug assignation.
Agostino
On giovedì 14 ottobre 2021 15:40:02 CEST Marek Szuba wrote:
> WDYT?
I agree for arches that have exotic hardware but I'd keep x86 since
testing can be done on amd64 via 32bit chroot.
On the other hand I'm pretty sure we have few x86 users so,
sooner or later, x86 will go into ~arch as well.
On martedì 25 gennaio 2022 18:00:30 CET Michael Orlitzky wrote:
> Can I request that Bug: and Closes: tags in our commits automatically
> CC the committer on the bug that is modified?
>
> Use case: I often fix (sci-*) bugs that I'm not CCed on, and a user
> will leave a comment like "it still
Hello all.
This is to make you aware that, per sam request, tinderbox is testing the tree
against
lto.
At the time of writing, the CFLAGS/CXXFLAGS tested are:
-flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing
They are mentioned in the comment 0 of each bug.
To make it more
Hello all,
I noticed that we have many people that, after received a bug report, ask for
what the
reported 'qa notice' means.
Sometimes there is a tracker and people can take an hint from the resolved bugs
but
when there aren't a lot of info I feel they are a bit lost.
Today, by pure
On sabato 3 settembre 2022 10:49:01 CEST Toralf
Förster wrote:
> Sounds promising, so SKIP_KERNEL_CHECK="y" in
make.conf will make it ?
right.
Agostino
On sabato 6 agosto 2022 04:12:18 CEST Mike Gilbert wrote:
> Please avoid abusing the I_KNOW_WHAT_I_AM_DOING variable any further.
I'm the original requestor of this change.
I agree with floppym, so at this point I'd suggest to migrate the current
I_KNOW_WHAT_I_AM_DOING into something that
Hi,
Whatever outside the arch testing (like tinderbox) is off topic here since it
is a completely different argument.
To make John Helmert III happy, I just switched to tatt; so my actual
workflow is tatt + nattka and there is nothing more.
If there are unanswered questions about the arch
On martedì 8 novembre 2022 14:26:18 CET Michał Górny wrote:
> If the code was
> public, I could try figuring it out and perhaps even fixing it.
Stable requests are handled by many people. o, since your requests were
ignored by all members and sam said that him, arthurzam, jsmolic are using
On domenica 6 novembre 2022 09:15:40 CET Michał Górny wrote:
> On top of that, it seems that most of it still relies on proprietary
> software and we have no clue how *exactly* it works, and it's really,
> really hard to get a straight answer.
I'm speaking for myself. I still use getatoms.py to
On domenica 6 novembre 2022 14:27:40 CET John Helmert III wrote:
> As far as I can tell, there's ONE person relying completely on a
> proprietary arch testing system.
>
> Ago, could you comment on this? What's blocking you from open sourcing
> your software?
Hi,
I already answered in the
On mercoledì 29 marzo 2023 08:03:59 CEST Robin H. Johnson wrote:
> Hi!
>
> This is a notification that multiple Gentoo services (bugzilla, forums,
> wiki) will be moving and temporarily offline possibly until sometime
> Saturday 2023/04/01.
Hi all,
in order to keep CI making its work, I created
Hello,
although it might seem offtopic, but while talking about metadata.xml fileds
and `pkgdev bugs` I would like to ask opinions about have a metadata.xml field
that allows the maintainer to exclude the package from `pkgdev bugs`
That should be useful for core packages (gcc/glibc) and for
Dear all,
TL;DR: tinderbox will skip packages with know failures
it's a matter of fact that on bugzilla there are hundreds of bugs that
tinderbox continues to reproduce.
That results in a waste of resources and time.
What was done to improve this situation:
in the past few months I launched
Hello all,
the truth is that I should have separated this email into two threads. However
they have a
relation, so let's discuss them in one place.
The first:
While is not mandatory begin an eqawarn with "QA Notice" and thus there are no
rules
about that I think it helps while grepping on
98 matches
Mail list logo
