Shengjing Zhu <z...@debian.org> writes: > On Tue, Nov 19, 2024 at 3:56 PM Simon Josefsson <si...@josefsson.org> wrote: >> >> Hi >> >> The crc package: >> >> https://tracker.debian.org/pkg/golang-github-crc-org-crc >> >> points to this git repository: >> >> https://salsa.debian.org/go-team/packages/crc >> >> Which is marked as Visibility:Private, so nobody except logged in Salsa >> people can access it. >> > > This is a common mistake that people push git repo to salsa before > creating the repo with the web ui/API. > And I really didn't find a way to disable such a create-on-push > feature in gitlab. > The recommended way to create the salsa repo for go-team is using the > `dh-make-golang create-salsa-project` command so it has consistent > repo configurations.
I've noticed this too in the past, and also wish there was a "make project public" knob for the create-on-push approach. It would be nice with a fork-on-push knob too, to specify which old project a new project was clone'd from, to avoid duplicates on the server and to setup the "forked from" property on the new project. > >> I suggest to: >> >> 1) Change it to Public - could someone help me do that? I don't have >> maintainer privs to the Go salsa group. >> > > I just bumped your role in the salsa go-team. Thank you! I changed the project to Public:Visibility now. >> 2) Rename the repository to golang-github-crc-org-crc to be more in >> style with other golang library packages. I realized that this is better done in relation to a new upload (for Vcs-* URLs), so I'll wait with this part. It doesn't really hurt anything but the eye, I think. I wanted to open a Salsa issue to remember it, but it seems we disable the use of Salsa issues -- I find salsa issue useful for things like this where a bugs.debian.org report feels weird. /Simon >> >> Thoughts? >> >> I noticed this while working on cosign, I'm deep in a dependency chain >> involving buildkite and webpki-jsoncanonicalizer and noticed that the >> crc package states a requirement on webpki-jsoncanonicalizer but never >> seems to use it. So I'd like to do an upload to drop it as a B-D (after >> carefully confirming that it doesn't break reverse rebuilds). >> >> /Simon
signature.asc
Description: PGP signature
