On 08/02/18 20:29, Axel Beckert wrote: > Control: tag -1 + confirmed > > Hi, > > OmegaPhil wrote: >> I use aptitude as a Devuan user, but with vanilla aptitude it is not >> possible to download changelogs for packages due to the hardcoded origin >> check in generic/apt/pkg_changelog.cc:check_valid_origin: >> >> https://sources.debian.org/src/aptitude/0.8.10-6/src/generic/apt/pkg_changelog.cc/#L691 >> >> Please can the whitelist be user-configurable? > > We should at least make this more flexible. Not sure, what's the best > way. > > There are though plans to further shrink the diff to Ubuntu by making > more stuff vendor-dependent. > > And currently Ubuntu patches exactly these lines of code (plus more > related lines): > https://patches.ubuntu.com/a/aptitude/aptitude_0.8.10-6ubuntu1.patch
Thanks for getting back so quickly - ah, that figures. I have an awful hack locally (https://git.devuan.org/devuan/devuan-project/uploads/15e61354c9588024eabc0a6fc4a3faaa/allow-devuan-repo-changelog-source-v2.patch , now it has to fall back to the Label to check in the Devuan case). >> For reference currently the recommended Devuan repo has no Origin >> specified (it used to), > > That's a really bad decision. Why have they done it? They don't gain > anything from it except breaking their infrastructure and annoying > their users. > >> but talking on IRC it sounds like they will fix this if aptitude is >> changed to allow non-Debian repos as a valid source. > > Huh? That sounds a lot like extortion. If it was meant like that, they > won't get any farther — neither here nor anywhere else. > > Regards, Axel (running Debian Unstable with sysvinit or openrc) Yes, they didn't think it was a notable issue. Devuan is also very busy getting Ascii out the door, so its probably just down to being too busy. Thank you for what you have said though - good evidence for me :)
signature.asc
Description: OpenPGP digital signature
