Re: RFC: New Member Process documentation
e wiping https://www.debian.org/devel/join/nm* pages > > I don't know which other places in Debian (documentation, packages, wiki > pages, policy...) the https://www.debian.org/devel/join/nm* are > mentioned, but maybe it's good to set a list of redirects that we can > add to the Apache configuration of the website, so people are driven to > the new pages. > We would need a bit of help from your part with that (the list of old > pages to delete and the corresponding new pages). > and > > rework https://www.debian.org/devel/join/ (Enrico has draft a patch for the > > join page). > > Thanks! I'll send it in a day or so. > > I tried to incorporate anything I know about the NM Process, with Enrico's > > help, but I'm pretty sure this is far from perfect. If you have remarks on > > the > > content, these are more than welcome! > > Feel free to create a branch under the webwml repo, if you prefer > > https://salsa.debian.org/webmaster-team/webwml/ > > or use the BTS (www.debian.org pseudopackage), as you wish. > > Now, with my publicity team hat, I think it would be nice to publish > some news item (article in bits.debian.org or other) explaining the > move/rework so the new documentation/info pages arrive to a wider > audience, and reduces frustration of people trying to find the old > pages. Ping us at debian-publicity to coordinate that, if you find it is > a good idea. I like this idea! Probably it's also time for a news item about the recent single signon changes, and nm.debian.org UI improvements. Enrico -- GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini signature.asc Description: PGP signature
Bug#1008054: Remove debian-es.org links from website
Package: www.debian.org Severity: normal Hello, it looks like the debian-es.org domain has expired and has been picked up by some cybersquatter. We have some links to it in the website, which should probably be removed. Thanks, Enrico
Bug#700192: Debian New Members Corner: claims every member "has upload permissions for all packages"
On Tue, Sep 23, 2014 at 10:05:17PM +0200, Laura Arjona Reina wrote: Thanks for the patch! I like it, and it was sorely needed. > I'm not sure if for applicants to non-uploading DD there's an > alternative requirement for the "6 months being Debian Maintainer", so I > wrote "you should have been contributing to Debian for about six months". It could just be "you should have a visible and significant track record of work inside the project". > Debian Developer (DD): The traditional full membership role in Debian. A > DD > -can upload any package and can participate in Debian elections. Before > applying > -as DD, you should have been a DM for about six months. > + can participate in Debian elections. Packaging DDs can upload any package > to the archive. Before applying as packaging DD, you should have been a DM > for about six months. Non-packaging DDs have no permissions in the archive. > Before applying as non-packaging DD, you should have been contributing to > Debian for about six months. > + It's probably time to corrent the "DM for 6 months" thing, since it doesn't make sense for people who work in teams like the Perl team where it's trivial to find sponsors. I propose: "Before applying as packaging DD, unless you usually do your work inside a team you should have been a DM for about six months." >is member of the Debian project; >is allowed to vote about issues regarding the whole project; >can log in on most systems that keep Debian running; > - has upload permissions for all packages; > + has upload permissions for all packages > + (except non-uploading Developers, to whom this permission is not > granted); I would just say "except non-uploading Developers": "to whom this permission is not granted" sounds redundant and mean to me. Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Bug#805451: Bugs/Reporting: please document for each pseudo-header in which addr...@bugs.debian.org it can be used
Package: www.debian.org Severity: wishlist Hello, whenever I want to use pseudoheaders in bug interaction I find myself missing a reference documentation of them, stating what they do, their exact syntax, and which are accepted by which part of the BTS. For example, can I use Version when I mail to -d...@bugs.debian.org? https://www.debian.org/Bugs/Developer#closing says that I can, but https://www.debian.org/Bugs/Reporting#pseudoheader does not mention it. Can I use Control: when I mail n...@bugs.debian.org? https://www.debian.org/Bugs/Reporting#control it documents in which address it can be used, and I find it very useful. Can I use Tags: when I mail n...@bugs.debian.org? I cannot find a mention of it, and I do not know where to look. Most times I want to interact with the BTS and Do Things Right The First Time, I end up asking such questions to #debian-devel and feeling frustrated for the need of asking such apparent trivialities. I wish there was a coincise reference to them: it would help me greatly. Thank you, Enrico -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Re: upgrading glinka
On Sun, Jan 17, 2016 at 11:57:49AM +0100, Peter Palfrader wrote: > debtags seems to have some python django breakage that needs to be fixed. It requires porting to a Django several versions newer. It'll take me a while, possibly a long while. Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini
Re: upgrading glinka
On Tue, Jan 19, 2016 at 11:39:18PM +0100, Enrico Zini wrote: > On Sun, Jan 17, 2016 at 11:57:49AM +0100, Peter Palfrader wrote: > > debtags seems to have some python django breakage that needs to be fixed. > It requires porting to a Django several versions newer. It'll take me a > while, possibly a long while. It seems to be up again, although there may be some parts of the site that do not work. I'll wait to see if anyone reports them, and if I find them before anyone else does, I might just decide to remove them as stuff that nobody uses. Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini
Bug#823180: SSO certificates for tracker.debian.org broken
On Mon, Jan 16, 2017 at 09:26:10PM -0800, Russ Allbery wrote: > Is there any way that I or someone can help with the current issue with > enrolling on sso.debian.org? It looks like this was originally reported > in May of last year on this bug. Sure. Although I'm bad at project managing myself[1], I'm very happy to help. > There are two problems: one is that if one goes to tracker.debian.org and > selects Login and then follows the bold link to sso.debian.org, that link > (https://sso.debian.org/spkac/enroll/) is 404. Ack. I refactored sso.debian.org when we got rid of DACS, and now there are two login pages, one for debian.org and one for alioth.debian.org, because sso.debian.org has now been setup with two views of the same functionalities each with a different apache authentication. That link should probably just be changed to https://sso.debian.org/ > If one goes directly to sso.debian.org, clicks on Debian account > certificates, and logs in, clicks on Get new certificate, and then > submits, it just produces "/usr/bin/openssl failed" as an error message at > the top of the page. That would be with chrome/chromium, I suppose? They disabled the certificate generation functionality by default: https://wiki.debian.org/DebianSingleSignOn#chromium_.2F_chrome I know of no way of doing certificate generation on recent chromes without explicitly enabling it as described on the wiki link above, and I read somewhere months ago[citation needed] that the chrome devs decided it's a feature that they intend to remove altogether. It'd be nice if they changed their mind or started suggesting alternatives. I started playing with the idea of a command line tool that would take care of browsers: https://github.com/spanezz/debsso-client and it looks like a promising avenue, in that it's possible to feed client certificates to chromium and firefox from the command line: https://lists.debian.org/debian-devel/2016/10/msg00131.html debsso-client could do SPKAC with sso.debian.org and inject the resulting certificate into the browsers key store: 1. openssl genrsa -out user.key 2048 openssl spkac -key user.key -challenge FvIu8NDJZxGmpKmA5pp3asMDZChXD4rc | cut -d= -f2- 2. Post it to https://sso.debian.org/debian/certs/enroll_manually or https://sso.debian.org/alioth/certs/enroll_manually authenticating with HTTP basic auth, together with the validity and comment fields that you see on the page 3. get the client certificate as the result of the POST 4. feed it into the browser key store > I'd be happy to try to help out with a fix if the problem is just that > you're swamped, although I'm not sure where all the pieces are and > probably don't have access, so it may require a bit of poking around. The code for sso.debian.org is at https://anonscm.debian.org/cgit/debian-sso/debian-sso.git/ and is deployed on diabelli.debian.org; would you like me to ask for you to have access to it? For the chrome enrollment issue specifically, can you get someone in silicon valley to describe a standard way to automatically negotiate a client certificate? More generally, you could join me/lead me writing and testing debssi-client or some other kind of command line tool for certificate negotiation. All the pieces are there, but I bail out at the idea of the responsibility of working and publishing and maintaining that kind of security sensitive code by myself. Enrico [1] http://www.enricozini.org/blog/2014/debian/on-responsibilities/ -- GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini signature.asc Description: PGP signature
Bug#636785: updates to http://www.debian.org/devel/join/nm-advocate to welcome non-packaging contributors
On Fri, Aug 05, 2011 at 06:03:48PM -0400, Daniel Kahn Gillmor wrote: > +yourself if you want to see them in Debian – if you think they > +should be a Debian developer then go ahead and recommend them. Thanks! It looks all good to me; only I fewar the last bit "go ahead and recommend them" could potentially be misread as "go ahead and recommend them to Front Desk" instead of "go ahead and encourage them to apply". I would then suggest a change of the last bit to "[…] if you think they should be a Debian developer then go ahead and encourage them to apply." Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Bug#636570: Broken links on http://testing-security.debian.net/helping.html and /uploading.html
On Mon, Sep 19, 2011 at 03:50:45PM -0400, David Prévot wrote: > Hi Henri, thanks for your report, forwarding it to Nico who is taking > care of this service according to the DNS entry [0], to the brand new > debian-services-admin mailing list (is it OK to forward such bugs report > here?), and to the Alioth admins, since “the problems [will be fixed] as > they are reported” [1]. I'd say that if you know who's looking after the service, you don't need to keep debian-services-ad...@lists.debian.org in the loop. If instead you don't know who's looking after the service, or how to deal with it, then debian-services-ad...@lists.debian.org would be the place to ask. Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Re: mistakes on the website
On Thu, Jan 26, 2012 at 12:04:26AM +0100, Simon Paillard wrote: > > I propose you: [...] > > private one-to-one communication, it also supports chat rooms, and it is > > used > > in the XMPP network as well as for the IM capabilities for the Google Talk > > network. > > > > In contrast to other IM networks like MSN, ICQ or AIM, the XMPP servers > > are free software and can be used to create a private chat platform or have > > an own server to connect to the XMPP network. > > > > Link: http://xmpp.org/ Link: > > https://en.wikipedia.org/wiki/Extensible_Messaging_and_Presence_Protocol Thank you Neustradamus and Simon. Indeed the meaning of Jabber/XMPP has changed since that description was last taken from Wikipedia. I am lazy and I like reusing content, so I prefer to track Wikipedia with tag descriptions. I'd keep the tag name as protocol::jabber for now, as changing a tag name is a rather heavyweight thing; however I agree that at some point protocol::jabber should probably become protocol::xmpp, especially as more non-chat software will appear that use XMPP. Here is the patch I committed, let me know if it sounds reasonable: --- a/debian-packages +++ b/debian-packages @@ -1858,18 +1858,20 @@ Description: IRC Link: http://en.wikipedia.org/wiki/Internet_Relay_Chat Tag: protocol::jabber -Description: Jabber - The Jabber protocol is an instant messaging protocol on the basis of the XMPP - protocol. Additionally to private one-to-one communication, it also supports - chat rooms, and it is used in the Jabber IM network as well as for the IM - capabilities for the new GoogleTalk network. - . - In contrast to other IM networks like MSN, ICQ or AIM, the Jabber servers are - free software and can be used to create a private chat platform or have an own - server to connect to the Jabber network. - . - Link: http://www.jabber.org - Link: http://en.wikipedia.org/wiki/Jabber +Description: XMPP + Extensible Messaging and Presence Protocol (XMPP) is an open-standard + communications protocol for message-oriented middleware based on XML + (Extensible Markup Language). + . + The protocol was originally named Jabber, and was developed for + near-real-time, extensible instant messaging (IM), presence information, and + contact list maintenance. + . + Designed to be extensible, the protocol today also finds application in VoIP + and file transfer signaling. + . + Link: http://xmpp.org/ + Link: http://en.wikipedia.org/wiki/XMPP Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Re: Fwd: Today the public review period for ADMS.F/OSS v0.3 began
On Fri, May 11, 2012 at 02:25:13PM +0200, Olivier Berger wrote: > You may be interested in knowing that a draft of a vocabulary intended > to be used for describing software developped in forges, or listed in > catalogues has been published by a working group attached to the > European Commission (ISA programme), for review by the public. > > I imagine it could well be used some day to publish metadata about > Debian distributions and or software packaged in Debian on the Semantic > Web (for instance to interlink records of an upstream software, some > user reviews, its debian packages, and other distributions', etc.). I'm sorry I don't have the time to participate personally, but should you need something to complement Trove categories, there are several facets in Debtags that are pretty well defined and useful. These are general purpose facets that are imo ready for prime time, and very useful: role, implemented-in, interface, system, uitoolkit, works-with, works-with-format, hardware. These are domain-specific facets that support important use cases: accessibility, admin, devel, field, game, iso15924, mail, network, protocol, office, science, security, sound, web. The "use" facet is one with a lot of potential, but which requires more thinking: it could be a good starting point for an interesting discussion. If you need anything debtags-related, you know where to find me: I hope I'll be able to respond in a timely manner. Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Re: Stats of hits of translated web pages
On Fri, Oct 04, 2013 at 02:09:56AM -0700, Marcin Owsiany wrote: > Looks like dde (which is how the stats are propagated to website building > scripts) is having a bad time. Enrico, can you have a look? > > porridge@beczulka:~$ LANG=C wget -4 > http://dde.debian.net/dde/q/static/porridge /stats?t=json [...] > Connecting to dde.debian.net (dde.debian.net)|206.12.19.10|:80... connected. > HTTP request sent, awaiting response... Read error (Connection reset by peer) > in headers. ssh paganini.debian.org timeouts for me. It looks like the host is having issues, I'm Cc-ing DSA. Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131004093201.ga27...@enricozini.org
"People who installed X also have packages Y, Z and T installed"
Hello, I started building the dataset to do just that: http://people.debian.org/~enrico/Suggestions.gz This has been build on my laptop, it took about one hour and a half. I have the infrastructure to rebuild it installed on people.debian.org (where the popcon data reside), but I haven't run it there yet. Once the pocon data are mirrored on puccini we can run it there with more horsepower. But where the data is built doesn't matter too much, as it doesn't need to be rebuilt very often. The main point is: that is a simple to parse file with the data inside, and I hope it can easily be integrated in packages.debian.org. Ciao, Enrico -- GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <[EMAIL PROTECTED]> signature.asc Description: Digital signature
Re: "People who installed X also have packages Y, Z and T installed"
On Fri, Mar 02, 2007 at 11:00:56PM +0100, Martin Zobel-Helas wrote: > > Although I think the idea is nice, I don't think the current data is all > > that usable. Some examples of "links" that IMO are completely useless in > > practice, just from the top of the file and not even complete for the > > selected packages: > > 3dchess: kworldclock > > 3ddesktop: module-assistant, devscripts > > 915resolution: linux-image-2.6.18-3-686 > > 9base: xserver-xephyr, libxml2-dev > > IMO some heavy filtering needs to be done for this data to be anything > > more than a toy and publishable. > i agree with you that we need to do some data filtering here. OTOH this > intends to be an "amazon"like feature, where not every package needs to > stand in any relation to the other package. What needs to be done is > some filtering, so not every package lists libfoo or bar-common, but i > guess Enrico has already done so. So far I've seen two causes for bad suggestions: 1) Suggestions for a package that is too popular tend to be meaningless: this is because when I query Xapian with, for example, "please give me 20 typical systems that have 'grep' installed", I get random systems as all systems have grep installed. This *might* be detectable looking at the Xapian's relevance estimate, which I'd expect to be low in cases like this. 2) Packages being partially tagged. I normally filter out all the libfoobar0 and foo-common packages using this tag expression: '!role::shared-lib && !role::app-data' but this filtering fails if a -common package, for example, is not well tagged and does not have the role::app-data tag. This is, afaict, only solvable by fixing the tags. I'd be happy if people could find out more. > Perhaps you can give some idea on how you would implement a better > filtering. > PS: I would really like to see that feature on packages.debian.org :) Me too. I wouldn't actually mind if we just added it as it is, marked *experimental*, and see where we can go from there. Ciao, Enrico -- GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <[EMAIL PROTECTED]> signature.asc Description: Digital signature
Bug#601337: RSS feeds
Hello, I have a bit of an history of debian-related talks, but I'm guilty of never having notified the www-team. Apologies. However, I wouldn't want to update the wiki after each talk, as I already have to provide info to the event organisers and fill in the bits for the talk to appear in my own website. I also know that more often than not I'd forget to notify the www team. However, it would take me very little effort to setup a rss feed with all my debian related talks. There already is a RSS feed with my talks, so it'd be just a matter of tagging them and providing a tag-specific feed, as I already do with my blog. Which leads me to this: would it be useful/welcome if people provided the www team with RSS feeds of their debian-related talks? That would ensure, at least for those like me for which this is easy to set up, that you'd be guaranteed to get timely notifications with no added effort on my part. Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini signature.asc Description: Digital signature
Bug#612208: review of the new website style
Package: www.debian.org Severity: minor Hello, first of all, thanks for the huge work involved in taking control of the website layout, and across so many parts of the Debian web ecosystem. That was impressive work! There are a few minor issues I noticed in the new website design that I thought of collecting here. I'm doing it in the hope it can be useful, but I don't dare opening a new bug report for every one of them unless you tell me to, and I really don't mind if you just say "meh" and close this bug. Here's the list of issues I noticed: * The news and other prime time links end up way down in the screen. This may be because I have a 12" widescreen laptop display which is wide and short, the screenshot is at http://store.enricozini.org/debianorg.png On the other hand, text that runs the full width of the page tends to give me a headache as I read it. With widescreen displays becoming more and more like the standard, I feel like it may make sense to chop some space on the side to use for links, although looking at the new design I have the feeling that removing the sidebar was an explicit choice, so never mind. * The gradient behind the top left swirl logo does not match the gradient of the rest of the top part. The difference between the two is especially visible after the 'n' in 'debian' just below the swirl. * I see no reason why having a white margin below the top left swirl logo: it gives me the feeling of a layout problem rather than an explicit choice. * Alignment is an issue throughout the whole home page. If you draw a vertical line anywhere through the page, you don't see any two consecutive text objects that will align to it. The overall feeling is of confusion and untidyness rather than elegange. * There is no alignment at all on the right margin, either: justifying the introduction text at the top instead of having it left-aligned makes already a great difference. Making ul#hometoc-cole and the sponsor link right-aligned also makes quite a difference. * "Getting started", "News" and "Security advisories" here occupy only the left half of the screen, and seem to call for a two-column layout. * The "Getting started", "News" and "Security advisories" titles don't differentiate enough, graphically, from the rest of the body text, and they appear to me as just a slightly bigger body text. A quick stab at making them serif and bold, for example, gives a much clearer graphical distinction. * In "News" and "Security advisories", the monospace dates feel odd to me. Partly because they are not aligned together with the title, nor indented enough to make the lack of alignment look intentional. And partly because of the subtle font change, from a fixed-width sans to a proportional sans, which again isn't quite the same but isn't that different either. The square brackets in the dates also don't quite work for me: the distinction between the date and the headline can be rendered with a sharp distinction in font size, and colour, for example. The dates can use a proportional font, too, and alignment can be achieved by other means. The Google News search results can be an example of timestamped entries with tidy alignments and clear graphical distinction between the various elements. It must be that years ago I've read a cute book indroducing some typographic rules[1] and my mind's been corrupted since then. Ciao, Enrico [1] http://books.google.co.uk/books?id=n1AuwXafMO8C&printsec=frontcover&dq=the+non+designer's+design+book -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110206184932.5881.39128.reportbug@localhost
Re: Better visibility of "what can you do with Debian" on the Debian main page
On Tue, Apr 12, 2011 at 05:47:18PM +0200, Adrian von Bidder wrote:
> My proposal (which is orthogonal) is linking to applications, just to show
> that Debian is not just an operating system as defined on our title page
> ("set of basic programs and utilities that make your computer run.")
It seems odd not to see the AppStream project mentioned here: I think
that is the direction in which to focus these kinds of efforts:
http://www.enricozini.org/2011/debian/appinstaller2011/
I'm chiming in with a few links and comments, and I urge you to have a
good look because most of what you are talking about has been
prototyped, or at least standardised in a cross-distro way:
http://distributions.freedesktop.org/wiki/AppStream/Implementation
Although in AppStream you will see that the main point is to build an
application installer, as a precondition for that there is a need to
build standard ways of accessing extra useful information like
screenshots, various kinds of ratings, tags and user comments.
Those standards could and should be used to build all sorts of other
things, including fancy web-based application browsers:
http://www.enricozini.org/2011/debian/pkgshelf/
In fact, you can take the graph at
http://distributions.freedesktop.org/wiki/AppStream/Implementation
and replace 'Software Center' and 'PackageKit' with 'Website': this
gives you pretty much the architecture you need.
I suggest you do exactly that: you'll find code and people to talk to,
and it's a development effort that is likely to be shared with other
groups and built upon.
Ciao,
Enrico
--
GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini
signature.asc
Description: Digital signature
