On Tue, Apr 21, 2020 at 07:56:16AM +0200, Michał Górny wrote:
> Display-If-Installed: dev-lang/python:3.6
>
> On 2020-05-06 (or later), Python 3.7 will replace Python 3.6 as one
> of the default Python targets for Gentoo systems. The new default
> values will be:
>
>
On Mon, Sep 07, 2020 at 07:44:33PM +0200, Michał Górny wrote:
> Hi,
>
> The following packages are up for grabs due to their maintainer being
> MIA.
>
> acct-group/monkeysphere
> acct-user/monkeysphere
> app-crypt/ekeyd
> app-crypt/monkeysphere
> app-crypt/nasty
> app-crypt/pinentry
>
On Thu, Sep 10, 2020 at 11:59:31AM +0300, Mikle Kolyada wrote:
>
> On 10.09.2020 08:35, Hans de Graaff wrote:
> > On Wed, 2020-09-09 at 13:35 +0300, Mikle Kolyada wrote:
> >> Closes: https://bugs.gentoo.org/741380
> > Could you provide a rationale for removing this? The bug only has a
> > single
On Fri, May 22, 2020 at 12:53:03PM -0700, Brian Dolbec wrote:
> We cannot exclude overlays which will have cat/pkg not in the main
> gentoo repo. So, we should not excludea submission that includes a few
> of these.
To avoid this problem, even if imperfectly, it should be possible to
track what
On Thu, Jun 25, 2020 at 07:32:04AM -0400, Michael Orlitzky wrote:
> On 2020-06-24 16:08, Michał Górny wrote:
> >
> > $ git grep -l mgo...@gentoo.org '**/metadata.xml' | cut -d/ -f1-2 |
> > xargs gpy-py2 2>/dev/null
> >
>
> The big problem with this is that it misses any aliases (like graphics@)
On Fri, Jul 24, 2020 at 02:06:56PM +0300, Joonas Niilola wrote:
> # Unmaintained in Gentoo, broken, multiple bugs open.
> # Removal in ~30 days. #733324
Hi, I've opened a PR to take this. The newest version fixes the build
issue present with the version we have in-tree and it seems that like
most
On Sat, Jul 25, 2020 at 08:05:14PM -0400, Rich Freeman wrote:
> On Sat, Jul 25, 2020 at 7:40 PM Joshua Kinard wrote:
> >
> > This seems like something that needs a news entry, or
> > at least a "heads up" on the mailing list?
>
> Definitely not a "heads up" on the mailing list - that is not an
>
On Tue, Dec 29, 2020 at 02:57:12PM +0100, m1027 wrote:
> > > On 29 Dec 2020, at 09:13, Marcel Schilling
> > > wrote:
> > >
> > > I just want to comment that I switched to LibreSSL on several
> > > Gentoo systems years ago and never had any major issues. I run
> > > both desktop and server
# John Helmert III (2021-06-19)
# Unmaintained, open security bug.
# Removal on 2021-07-19. Bug #717794.
net-misc/netkit-rsh
signature.asc
Description: PGP signature
On Wed, May 19, 2021 at 02:32:27PM +0200, Michał Górny wrote:
> Hi,
>
> Please review the pre-GLEP inlined below. Its purpose is to formally
> define the format of layout.conf. It's pretty much inevitable these
> days, so we should specify it. However, it doesn't really fit into PMS,
> and
On Mon, Feb 08, 2021 at 02:59:45PM +, Peter Stuge wrote:
> Hanno Böck wrote:
> > > "It does mean, however, that GTK 2 has reached the end of its life.
> > > We will do one final 2.x release in the coming days, and we encourage
> > > everybody to port their GTK 2 applications to GTK 3 or 4."
>
On Sun, Feb 21, 2021 at 03:54:39PM +0200, Joonas Niilola wrote:
> Hey,
>
> here are some packages up-for-grabs due to retirement of their maintainers.
> b = bugs open, v = version bump available.
>
> app-arch/innoextract
> net-irc/emech (b)
> net-misc/tigervnc (b)
Note that this one has a
Hi all,
In the past, stabilization for security bugs would be handled directly
in that security bug. After some discussion on the gentoo-dev mailing
list [1], there was some consensus on modifying this workflow to
separate stabilization from security bugs. Going forward, separate bugs
should be
On Fri, Aug 27, 2021 at 08:58:35AM +0200, Michał Górny wrote:
> On Thu, 2021-08-26 at 19:11 -0500, John Helmert III wrote:
> > In the past, stabilization for security bugs would be handled directly
> > in that security bug. After some discussion on the gentoo-dev mail
On Mon, Aug 23, 2021 at 06:55:57PM -0400, Mike wrote:
> Add cpio dependency to kernel-2.eclass
>
> Bug: https://bugs.gentoo.org/731666
>
> Signed-off-by: Mike Pagano
> ---
> eclass/kernel-2.eclass | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/eclass/kernel-2.eclass
# John Helmert III (2021-07-14)
# Dead upstream, unfixed security issue.
# Removal on 2021-08-13. Bugs #755896, #781467.
net-proxy/polipo
signature.asc
Description: PGP signature
The benefits definitely seem to outweigh the added work here, sounds
good to me!
signature.asc
Description: PGP signature
On Mon, Oct 18, 2021 at 02:25:47AM +0200, Thomas Deutschmann wrote:
> On 2021-10-14 15:40, Marek Szuba wrote:
> > WDYT?
>
> Could you please elaborate what you are expecting from this change?
>
> I.e. will this solve any problem (please name it)? Will it allow us to
> move forward where we are
On Sat, Dec 25, 2021 at 01:51:36AM -0500, Philip Webb wrote:
> 211224 Mike Gilbert wrote:
> > # Mike Gilbert (2021-12-24)
> > # Replaced by sys-apps/hwdata. Removal on 2021-01-23.
> > sys-apps/hwids
>
> It seems to be a requirement for my system :
>
> root:515 ~> emerge -cpv hwids
>
On Sun, Nov 21, 2021 at 08:59:57AM +0200, Joonas Niilola wrote:
> Hey,
>
> the following are up for grabs:
>
> acct-group/greetd
> acct-user/greetd
> gui-libs/greetd
I'll take these. Very happy to comaintain if anyone else is
interested, of course.
signature.asc
Description: PGP signature
# John Helmert III (2021-11-11)
# Unmaintained and vulnerable.
# Removal on 2021-12-11. Bugs #735978, #794907
app-emulation/firecracker
signature.asc
Description: PGP signature
# John Helmert III (2021-11-12)
# Unfixed code execution bug, unmaintained in Gentoo.
# Removal on 2021-11-11, bugs #672352, #794511.
www-apps/websvn
signature.asc
Description: PGP signature
# John Helmert III (2021-11-13)
# Unmaintained in Gentoo, open security bug, many unfixed otther
# bugs. Removal on 2021-12-13, bug #764719.
mail-client/cone
signature.asc
Description: PGP signature
On Wed, Nov 03, 2021 at 05:34:16PM +0100, Ulrich Mueller wrote:
> > On Wed, 03 Nov 2021, Rich Freeman wrote:
>
> > On Wed, Nov 3, 2021 at 11:03 AM Thomas Deutschmann
> > wrote:
> >>
> >> This is not about finding solution to upgrade the system (in this case
> >> it was enough to force
On Wed, Nov 03, 2021 at 05:51:49PM +0100, Thomas Deutschmann wrote:
> On 2021-11-03 17:44, John Helmert III wrote:
> >> | Upgrade path for old systems
> >> |
> >> | Vote (unanimous): The ebuild tree must provide an upgrade path to a
&g
On Thu, Nov 04, 2021 at 12:09:28AM +, Sam James wrote:
> On 4 Nov 2021, at 00:02, Sam James wrote:
> >> On 3 Nov 2021, at 23:53, Aaron Bauman wrote:
> >> Is that where the policy belongs?
> >> If so, shouldn't the council update it based on their decisions?
> >> "patches are welcome" doesn't
On Thu, Oct 21, 2021 at 10:05:20AM +0200, Michał Górny wrote:
> Hello,
>
> Splitting from the discussion in [1] (moving more arhitectures to
> ~arch), I'd like to propose that we remove the "security supported"
> architecture list from [2] and instead level security support with
> the general
On Wed, Oct 27, 2021 at 10:53:10AM +0500, Anna Vyalkova wrote:
> Signed-off-by: Anna Vyalkova
> ---
> Related to this version bump and unmask:
> https://archives.gentoo.org/gentoo-proxy-maint/message/d86352b4ebad8c4ddd14fcd8ce37162f
>
> ...27-upgrade-to-net-news_rssguard-4_0.en.txt | 29
Signed-off-by: John Helmert III
---
eclass/mount-boot.eclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/eclass/mount-boot.eclass b/eclass/mount-boot.eclass
index 2b07160231a6..3111d9dcb9b5 100644
--- a/eclass/mount-boot.eclass
+++ b/eclass/mount-boot.eclass
@@ -4,7
On Fri, Jul 16, 2021 at 05:33:24PM +0200, Michał Górny wrote:
> Signed-off-by: Michał Górny
> ---
> eclass/bash-completion-r1.eclass | 13 +
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/eclass/bash-completion-r1.eclass
> b/eclass/bash-completion-r1.eclass
>
On Fri, Jul 23, 2021 at 07:42:48PM +0200, Dennis Lamm wrote:
> Hello,
>
> Package up for grabs due to to no consumer in 3dprint project and other
> portage package:
> dev-python/imread
>
> It has 1 open bug and a version bump pending according to Repology.
>
> IMHO: this should be removed from
# John Helmert III (2021-07-26)
# Open security bug, service backing it seems to be dead, making these
# packages useless. Old EAPIs. Removal on 2021-08-26. Bug #630814
app-portage/getdelta
app-portage/deltup
signature.asc
Description: PGP signature
# John Helmert III (2021-07-26)
# Maintained needed, open security bug, uninterested upstream.
# No revdeps. Removal on 2021-08-26. Bug #752408.
app-text/lout
signature.asc
Description: PGP signature
On Thu, Mar 10, 2022 at 12:07:40PM -0600, William Hubbs wrote:
> On Thu, Mar 10, 2022 at 09:29:59AM -0800, Matt Turner wrote:
> > On Wed, Mar 9, 2022 at 11:09 PM Joonas Niilola wrote:
> > >
> > > On 9.3.2022 23.00, Matt Turner wrote:
> > > > I'd like to deprecate and ultimately remove repoman. I
On Thu, Mar 10, 2022 at 04:53:10PM -0500, Joshua Kinard wrote:
> On 3/10/2022 14:44, Andreas K. Huettel wrote:
> >>>
> >>> I wouldn't block anyone from doing this, but it's not something I'm
> >>> personally interested in pursuing. I see very little value here.
> >>
> >> First, you're trying to
I don't really have any strong opinion, but I'll note this was
discussed here last year, too:
https://archives.gentoo.org/gentoo-dev/message/a51ef62765b577dccfde67d5d2d727ae
On Tue, Apr 05, 2022 at 01:41:50AM +0200, Jason A. Donenfeld wrote:
> Hi,
>
> I'd like to propose the following for
Hi all! Currently all security bugs are assigned to security@g.o,
always. This can easily lead to some confusion about who needs to do
something about a given bug; right now this is generally tracked by
whiteboard magic strings that probably not many people outside of the
Security Project
On Sat, Apr 23, 2022 at 03:49:32PM +0300, Joonas Niilola wrote:
> On 15.4.2022 4.38, John Helmert III wrote:
> > Hi all! Currently all security bugs are assigned to security@g.o,
> > always. This can easily lead to some confusion about who needs to do
> > something about a
On Tue, Jul 12, 2022 at 05:28:36AM +0500, Anna Vyalkova wrote:
> This patch uses more friendly language towards potential transgender
> and plural contributors.
>
> No other projects require to use a legal name, e.g. Linux says to use
> your real name[0].
I'm not sure there are *none*, but
On Sun, Jul 03, 2022 at 09:03:04PM -0700, Georgy Yakovlev wrote:
> I've been rather busy lately and can't keep up with all of my packages.
> There are pending bumps, some bugs, but nothing too crazy or hard.
> So I'm looking for someone to co-maintain (or even take over if you
> insist) the
On Thu, Jun 09, 2022 at 07:49:04PM +0200, Sebastian Pipping wrote:
> On 08.06.22 22:42, Robin H. Johnson wrote:
> > EGO_SUM vs dependency tarballs:
> > [..]
> > - EGO_SUM is verifiable/reproducible from Upstream Go systems
>
> Let's be explicit, there is a _security_ threat here: as a user of an
# John Helmert III (2022-06-15)
# Open security bug with patches for years. Upstream seems dead since
# 2020. Removal on 2022-07-15. Bug #718550.
sys-cluster/csync2
signature.asc
Description: PGP signature
gui-apps/wf-recorder has been dropped to maintainer-needed due to its
proxied maintainer being retired. I've gone ahead and bumped it to
0.3.0, fixing the only open bug against it.
signature.asc
Description: PGP signature
# John Helmert III (2022-06-19)
# Untouched by maintainer since Git transition. No reverse dependencies,
# unused by upstream, vulnerable. Removal in 30 days. Bug #678705
dev-libs/libvterm-neovim
signature.asc
Description: PGP signature
On Sat, Jul 16, 2022 at 08:42:39PM +0200, Agostino Sarubbo wrote:
> Hello all,
>
> I noticed that we have many people that, after received a bug report, ask for
> what the
> reported 'qa notice' means.
>
> Sometimes there is a tracker and people can take an hint from the resolved
> bugs but
On Mon, Jul 25, 2022 at 03:30:08PM -0400, Joshua Kinard wrote:
> On 7/25/2022 14:44, Sam James wrote:
> >
> >
> >> On 22 Jul 2022, at 20:10, Mikhail Koliada wrote:
> >>
> >> Hello!
> >>
> >> This idea has been fluctuating in my head for quite a while given that the
> >> migration had happened
On Mon, Jul 25, 2022 at 03:59:59PM -0400, Joshua Kinard wrote:
> On 7/25/2022 15:30, Joshua Kinard wrote:
> [snip]
>
> >
> > Some really quick looking around, I'm not finding any substantive
> > discussions on why yescrypt is better than argon2. It so far seems that it
> > just got implemented
On Sat, Jul 23, 2022 at 08:34:26AM -0400, Michael Orlitzky wrote:
> On Sat, 2022-07-23 at 02:49 +0100, Sam James wrote:
> > # Sam James (2022-07-22)
> > # Monolithic mask for dev-haskell/* packages which have no reverse
> > dependencies,
> > # are broken, or severely out of date. The aim is to
On Wed, Sep 07, 2022 at 04:56:37PM +0100, Marek Szuba wrote:
> Dear everyone,
>
> I wonder if we should create a virtual package to allow our users - or
> at least those who run systemd anyway - to choose between sys-apps/dbus
> and sys-apps/dbus-broken as D-Bus implementation for their
On Mon, Aug 22, 2022 at 02:10:47PM -0400, Kenton Groombridge wrote:
> Hi everyone,
>
> I noticed that there are many systemd units which are shipped by various
> packages which could be hardened, some further than they are currently and
> some
> that could use some hardening in general.
>
> For
On Wed, Sep 28, 2022 at 05:28:00PM +0200, Florian Schmaus wrote:
> I would like to continue discussing whether we should entirely deprecate
> EGO_SUM without the desire to offend anyone.
>
> We now have a pending GitHub PR that bumps restic to 0.14 [1]. Restic is
> a very popular backup
On Wed, Oct 19, 2022 at 07:08:44PM -, Martin Vaeth wrote:
> Mike Gilbert wrote:
> > user.eclass has been deprecated for two years. In the gentoo repo, it
> > is currently only used by acct-group.eclass and acct-user.eclass
>
> It is needed for ebuilds in non-gentoo repositories which cannot
On Sun, Sep 25, 2022 at 08:23:08PM +0200, Michał Górny wrote:
> Transform the URIs to lowercase in unpacker_src_uri_depends() for
> consistency with the behavior of _unpacker().
>
> Signed-off-by: Michał Górny
> ---
> eclass/unpacker.eclass | 3 ++-
> 1 file changed, 2 insertions(+), 1
On Sun, Sep 25, 2022 at 04:04:07PM -0500, John Helmert III wrote:
> On Sun, Sep 25, 2022 at 08:23:08PM +0200, Michał Górny wrote:
> > Transform the URIs to lowercase in unpacker_src_uri_depends() for
> > consistency with the behavior of _unpacker().
> >
> >
On Fri, Sep 23, 2022 at 04:03:54PM +0200, Michał Górny wrote:
> Signed-off-by: Michał Górny
> ---
> glep-0074.rst | 13 +
> 1 file changed, 13 insertions(+)
>
> diff --git a/glep-0074.rst b/glep-0074.rst
> index 54bf216..bfbe092 100644
> --- a/glep-0074.rst
> +++ b/glep-0074.rst
>
On Wed, Aug 10, 2022 at 11:01:27PM -0500, John Helmert III wrote:
> # John Helmert III (2022-08-10)
> # Root privilege escalation vulnerability, many open bugs. Removal in 30
> # days, bug 630752
> net-analyzer/sguil-sensors
Sorry, that's net-analyzer/sguil-sensor, without a
# John Helmert III (2022-08-10)
# Root privilege escalation vulnerability, unmaintained since the git
# transition, multiple open bugs. Removal in 30 days, bug 630752
app-admin/logcheck
signature.asc
Description: PGP signature
# John Helmert III (2022-08-10)
# Root privilege escalation vulnerability, many open bugs. Removal in 30
# days, bug 630752
net-analyzer/sguil-sensors
signature.asc
Description: PGP signature
# John Helmert III (2022-08-14)
# Many vulnerabilities (including code execution and root privilege
# escalation), effectively unmaintained. Removal in 30 days, bugs
# #631552, #790296, #842789
sys-cluster/slurm
signature.asc
Description: PGP signature
# John Helmert III (2022-08-14)
# Dead upstream, vulnerable, no revdeps except a usedep. Removal in 30
# days, bug #618000
media-libs/libaacplus
signature.asc
Description: PGP signature
# John Helmert III (2022-08-14)
# Vulnerable and unmaintained for years, many open bugs, no revdeps,
# EAPI 6. Removal in 30 days, bug 733354
net-misc/calico-cni-plugin
net-misc/calicoctl
signature.asc
Description: PGP signature
app-shells/thefuck is up for grabs after the inactivity retirement of
its proxied maintainer. I've gone ahead and cleaned up its many
duplicate/obsolete bugs and cleaned up for a security bug, so it has
one test failure bug open.
signature.asc
Description: PGP signature
# John Helmert III (2022-08-14)
# Remote code execution vulnerability, dead upstream. Removal in 30
# days, bug #791004.
x11-terms/mrxvt
signature.asc
Description: PGP signature
# John Helmert III
signature.asc
Description: PGP signature
# John Helmert III (2022-08-14)
# Vulnerable, unmaintained in Gentoo, EAPI6. Removal in 30 days,
# bug #772209
app-crypt/keybase
signature.asc
Description: PGP signature
# John Helmert III (2022-08-16)
# Multiple vulnerabilities, unmaintained upstream, EAPI 6. Removal in 30
# days, bug #830138
media-gfx/gif2apng
signature.asc
Description: PGP signature
# John Helmert III (2022-08-16)
# Vulnerable, unmaintained upstream, maintainer says it's time for it to
# go. Removal in 30 days, bug #769758
www-servers/thttpd
signature.asc
Description: PGP signature
On Sun, Dec 25, 2022 at 06:02:11PM +, m1027 wrote:
> mgorny:
>
> > # Michał Górny (2022-12-25)
> > # make.conf writing is broken and package.use support incomplete.
> > # Last release in 2013. Attempted unsuccessfully fixing it in 2017.
> > # Use an editor instead.
> > # Removal on
The following packages are up for grabs due to the retirement of their
proxied maintainer:
app-arch/patool
app-backup/mkstage4
dev-python/prov
dev-python/pydotplus
dev-python/ratelimit
signature.asc
Description: PGP signature
# John Helmert III (2023-01-08)
# Multiple vulnerabilities include remote code execution, maintainer
# needed, removal in 30 days. Bug #834501
dev-util/artifactory-bin
signature.asc
Description: PGP signature
On Fri, Dec 23, 2022 at 11:11:46PM +0300, Alexey 'Alexxy' Shvetsov wrote:
> Hi!
Please make discussion on gentoo-dev rather than gentoo-dev-announce.
> Whats the reason to lastrite packages that use nose as dep for tests?
> e.g dev-python/pika (which is a usefull py lib)?
nose has been
On Fri, Dec 02, 2022 at 08:30:03PM +, Peter Stuge wrote:
> John Helmert III wrote:
> > > > There are multiple CVEs for it, is it really on us to discriminate
> > > > between which CVEs are valid and which are not?
> > >
> > > Yes.
> ..
>
So much yapping on the mailing lists, and no response in the bug which
triggered the last rites...
So, Peter, do you use Boa? If you do, what niche does it fill that
isn't filled by anything else? There are multiple CVEs for it, is it
really on us to discriminate between which CVEs are valid and
On Fri, Dec 02, 2022 at 06:29:28PM +, Peter Stuge wrote:
> John Helmert III wrote:
> > So much yapping on the mailing lists, and no response in the bug which
> > triggered the last rites...
>
> Apologies if I responed in the wrong forum. I thought on list would
> be g
On Fri, Dec 16, 2022 at 11:01:13PM -0500, Brian Evans wrote:
> On 12/15/22 20:08, Duncan wrote:
> > Florian Schmaus posted on Thu, 15 Dec 2022 21:40:19 +0100 as excerpted:
> >
> >> On 15/12/2022 21.10, Toralf Förster wrote:
> >>> On 12/15/22 20:22, Florian Schmaus wrote:
> o use
On Sat, Dec 17, 2022 at 05:42:43AM +, Sam James wrote:
>
>
> > On 15 Dec 2022, at 19:22, Florian Schmaus wrote:
> >
> > This is a public service announcement that the recently stabilized portage
> > version will truncate you repo's git history to 1.
>
> I wish you'd shown us in
On Mon, Dec 12, 2022 at 11:26:32PM +0100, Piotr Karbowski wrote:
> On 12/12/2022 23.06, Sam James wrote:
> > It's unusual to have discussion about a single package on the mailing
> > lists. I tend to keep an eye on PAM
> > bugs because I maintained pambase.
> >
> > Bugs are the primary method of
# John Helmert III (2022-11-24)
# Compatibility issues with openssl-1.1*, numerous build issues, version
# in tree is EOL upstream. Removal in 30 days. Bug #882759.
net-misc/cfengine
signature.asc
Description: PGP signature
# John Helmert III (2022-11-24)
# Binary package several releases behind the source-based package,
# multiple vulnerabilities, unmaintained for several years. Removal in
# 30 days. Bugs #849389, #882783.
dev-db/percona-xtrabackup-bin
signature.asc
Description: PGP signature
# John Helmert III (2022-11-29)
# Authentication bypass vulnerability, unmaintained in Gentoo, source
# package available. Use app-metrics/prometheus instead. Removal in 30
# days. Bug ##883637.
app-metrics/prometheus-bin
signature.asc
Description: PGP signature
# John Helmert III (2022-11-29)
# Unmaintained and outdated in Gentoo, compatibility issues with
# openssl-1.1. Removal in 30 days. Bug #696936.
sys-apps/ucspi-ssl
signature.asc
Description: PGP signature
Resending to correct subject line.
On Tue, Nov 29, 2022 at 08:56:34PM -0600, John Helmert III wrote:
> # John Helmert III (2022-11-29)
> # Unmaintained and outdated in Gentoo, compatibility issues with
> # openssl-1.1. Removal in 30 days. Bug #696936.
> sys-apps/ucspi-ssl
s
# John Helmert III (2022-11-27)
# Unmaintained upstream, several unresolved public vulnerabilities,
# Removal in 30 days. Bug #882773.
www-servers/boa
signature.asc
Description: PGP signature
Could you resend this in plaintext?
On Thu, Nov 24, 2022 at 05:46:45PM +0100, vaukai wrote:
>
>
>
>
>
>
>
>
> Michał Górny href="mailto:mgo...@gentoo.org;>mgo...@gentoo.org hat am 24.11.2022
> 15:03 CET geschrieben:
>
>
>
>
>
>
>
>
>
I've pruned a bunch of users (non-devs) from Gitolite ACLs who haven't
committed in many years (and more than a decade in many cases).
Let me know if you've lost access to something you think you shouldn't
have.
signature.asc
Description: PGP signature
On Mon, Jan 23, 2023 at 05:35:50PM +, Marco Scardovi wrote:
> id="protonmail_mobile_signature_block">Sent from Proton Mail for
> iOS Il lun, gen 23, 2023 alle
> 18:22, Tomas Mozes mailto:hydrapo...@gmail.com;
> class="">hydrapo...@gmail.com ha scritto: class="protonmail_quote"
On Sun, Jan 29, 2023 at 02:15:19AM +0300, Torokhov Sergey wrote:
> The similar names in PyPi is a real problem for users when trying to
> find associated packages. It's also could be a security issue for them with
> malicious packages named like popular packages. />So in ::guru I try to save
On Sat, Jan 28, 2023 at 10:23:45PM +0100, Ulrich Mueller wrote:
> > On Sat, 28 Jan 2023, Andrew Ammerlaan wrote:
>
> > Each of these is a different package. The package you usually want is
> > GitPython, but if we would name it gitpython or git-python, things
> > would get very confusing very
On Sat, Jan 28, 2023 at 10:15:02PM +0500, Anna (cybertailor) Vyalkova wrote:
> I'd prefer if PyPI names are guidelines, not a strict policy. I don't
> like CamelCase and separators other than dash ("-") :P
>
> Also I don't like when packages are named "dev-python/python-foo"
> instead of just
On Fri, Jan 13, 2023 at 02:35:45PM +0100, Michał Górny wrote:
> Friends,
>
> Our dear friend zlogene has been inactive recently, and for this reason
> the packages listed below are looking for new maintainers. Please take
> a look and see if you're interested in a few of them.
>
>
On Sun, Nov 06, 2022 at 09:15:40AM +0100, Michał Górny wrote:
> Hi, everyone.
>
> Arch testing's relying on automation a lot these days. Not saying
> that's bad, if it improves the state of affairs. However, I have some
> concerns, based on what I've seen lately.
>
> On top of that, it seems
On Tue, Nov 08, 2022 at 09:43:19AM +0100, Agostino Sarubbo wrote:
> Hi,
>
> Whatever outside the arch testing (like tinderbox) is off topic here since it
> is a completely different argument.
>
> To make John Helmert III happy, I just switched to tatt; so my actual
> work
On Thu, Nov 10, 2022 at 10:43:55AM +0200, Jaco Kroon wrote:
> Hi,
>
> On 2022/11/10 06:13, John Helmert III wrote:
> >>> - Drop synopsis and description fields. These fields contain the same
> >>> information and will be superceded by the existing impact
On Thu, Nov 10, 2022 at 10:55:03PM +0200, Mart Raudsepp wrote:
> Ühel kenal päeval, N, 10.11.2022 kell 22:07, kirjutas Jaco Kroon:
> > > Like glsa-check?
> > We currently use that, but it really just says which GLSAs are
> > applicable to the system, it doesn't tell me net-misc/asterisk-
> >
On Thu, Nov 10, 2022 at 09:49:27PM +0100, Jonas Stein wrote:
> On 10/11/2022 03:27, John Helmert III wrote:
> > The first GLSA in glsa.git is GLSA-200310-03, the third GLSA of
> > October 2003. It used roughly the same format of the GLSAs we release
> > today, in 2022, maki
On Mon, Nov 07, 2022 at 08:26:15AM +0200, Joonas Niilola wrote:
> On 7.11.2022 8.07, Oskari Pirhonen wrote:
> > On Sun, Nov 06, 2022 at 11:37:24 +0100, Piotr Karbowski wrote:
> >> I would be in favour of stepping up the social contract and actually
> >> prohibiting this kind of things, we had
On Mon, Nov 07, 2022 at 07:23:33PM -0500, Rich Freeman wrote:
> On Mon, Nov 7, 2022 at 6:16 PM Sam James wrote:
> >
> > > On 7 Nov 2022, at 06:07, Oskari Pirhonen wrote:
> > >
> > > On Sun, Nov 06, 2022 at 11:37:24 +0100, Piotr Karbowski wrote:
> > >> I would be in favour of stepping up the
The first GLSA in glsa.git is GLSA-200310-03, the third GLSA of
October 2003. It used roughly the same format of the GLSAs we release
today, in 2022, making that format almost as old as me.
Somewhere along the way, it started to become necessary to target
multiple version ranges within the same
On Sun, Nov 06, 2022 at 08:03:16PM +0100, Agostino Sarubbo wrote:
> On domenica 6 novembre 2022 14:27:40 CET John Helmert III wrote:
> > As far as I can tell, there's ONE person relying completely on a
> > proprietary arch testing system.
> >
> > Ago, could you comme
On Thu, Nov 10, 2022 at 04:43:01AM +0100, Michał Górny wrote:
> On Wed, 2022-11-09 at 20:27 -0600, John Helmert III wrote:
> > The first GLSA in glsa.git is GLSA-200310-03, the third GLSA of
> > October 2003. It used roughly the same format of the GLSAs we release
> > t
1 - 100 of 110 matches
Mail list logo
