> Can anyone provide me with examples of packages which are doing this
> in ways that you would consider appropriate? I would like to take a
When I was looking into this a while back, I found that the developers
reference [1] suggests looking at vim's packaging. If the package in
question uses de
positive spelling error
- Enable hardening flags
* Update dh compat to 10
Regards,
Bill Blough
On Tue, May 08, 2018 at 12:51:05AM +, Debian Bug Tracking System wrote:
> Date: Tue, 8 May 2018 02:49:25 +0200
> From: Adam Borowski
>
> One quite visible change is that the location of documentation has changed.
> This might be interesting to the user.
>
> Uploaded.
>
To be honest, I mis
ds version 4.1.4
- Update copyright format link to use https
* Lintian fixes
- Remove trailing whitespace from changelog
- Switch d/watch to use https
- Fix NOTICE file issues
- Remove unused override
Best regards,
Bill Blough
signature.asc
Description: PGP signature
he package with dget using this command:
dget -x
https://mentors.debian.net/debian/pool/main/x/xerces-c/xerces-c_3.2.0+debian-2.dsc
More information about xerces-c can be obtained from
https://xerces.apache.org/xerces-c
Changes since the last upload:
* Upload to unstable
Regard
Done. Thanks.
On Wed, Oct 25, 2017 at 09:08:22PM +0200, Tobias Frost wrote:
> Control: tags -1 moreinfo
>
> Hi Bill,
>
> On Tue, Oct 24, 2017 at 02:17:03PM -0400, Bill Blough wrote:
>
> > NOTE: Due to the SONAME change, this will require a transition.
>
re information about passwordsafe can be obtained from https://pwsafe.org/
Changes since the last upload:
* Add patch to fix test failure on 32-bit systems (forwarded)
Regards,
Bill Blough
signature.asc
Description: PGP signature
* Set dh compat to 10
* Patch: Fix test failures for parallel builds (forwarded)
Regards,
Bill Blough
signature.asc
Description: PGP signature
false positive spelling error
- Enable hardening flags
Regards,
Bill Blough
signature.asc
Description: PGP signature
On Thu, Feb 16, 2017 at 03:23:30PM -0500, Iban Eguia wrote:
> Debian by our package. As a summary, our package is written in Rust and
> currently requires java-jre as a dependency, since it also packages some Java
> projects we currently use for the analysis. All the project and dependencies
> we
On Wed, Dec 21, 2016 at 07:05:52AM +, Gianfranco Costamagna wrote:
> Hi
>
>
> a quick look seems to show a progress when removing debian/autoreconf file.
> http://debomatic-amd64.debian.net/distribution#unstable/xalan/1.11-6.1/buildlog
> G.
Yes, it looks like using debian/autoreconf with --s
On December 20, 2016 4:19:01 PM EST, Tobias Frost wrote:
>Uploaded!
>
>Tobi
Thanks!
On December 20, 2016 8:01:28 AM EST, Gianfranco Costamagna
wrote:
>
>what about bumping compat/debhelper level to 10, remove autoreconf from
>rules/control
>file?
>
>G.
That's causing the build to fail for some reason. I'll look into it.
Bill
nf
* Add bindnow hardening flag
* Add lintian override for doxygen's copy of jquery
* Build in release mode instead of debug mode. This works around
the assertion error reported in bug 783173.
* Remove and symlink duplicate files in examples (lintian fix)
Regards,
Bill Blough
On Mon, Dec 12, 2016 at 03:07:28AM +0500, Andrey Rahmatullin wrote:
> On Sun, Dec 11, 2016 at 12:03:56PM -0500, Bill Blough wrote:
> > > - Please remove the -dbg package in favour of the automatic dbgsym
> > > packages (https://wiki.debian.org/DebugPackage)
> >
>
On Sun, Dec 11, 2016 at 09:59:22PM +0100, Tobias Frost wrote:
>
> I did an test, seems so that adding this to d/rules would also have
> fixed it:
>
> export DEB_BUILD_MAINT_OPTIONS = hardening=+all
> export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic
> export DEB_LDFLAGS_MAINT_APPEND := -Wl,--as-n
On Sat, Dec 10, 2016 at 10:27:28AM +0100, Tobias Frost wrote:
> here's the review:
Thanks!
> Must-fixes:
> - Please remove the -dbg package in favour of the automatic dbgsym
> packages (https://wiki.debian.org/DebugPackage)
Done.
> - Please update to latest standard's version
Sorry, not sure h
hello can be obtained from https://soci.sourceforge.net
Changes since the last upload:
* Update build-depend to use default-libmysqlclient-dev (closes: #845909)
* Remove unneeded dh_clean override
Regards,
Bill Blough
for sure.
Regards,
Bill Blough
ve reproducibe-build.patch, which was applied upstream.
Regards,
Bill Blough
resh remaining patches
Regards,
Bill Blough
signature.asc
Description: Digital signature
standards version to 3.9.8 (no changes needed)
Regards,
Bill Blough
- End forwarded message -
On Tue, Apr 05, 2016 at 06:17:18PM +0200, Gianfranco Costamagna wrote:
> Hi Bill, unfortunately your package fails to build from source with
> -Wl,--as-needed flags
> (the default e.g. in Ubuntu).
>
> the attached patch fixes the issue, please let me know if I can upload it on
> Debian (of cours
e.org
Changes since the last upload:
Fixed logic error that caused the automated test suite to fail under certain
conditions on 32-bit systems
Regards,
Bill Blough
On Sat, Mar 19, 2016 at 11:07:02AM +, Mattia Rizzolo wrote:
> please "fix" the followings (I'm particularly bothered by
> d/s/included-binaries):
>
> * d/rules:
> + trailing whitespaces at line 5 and 15
> * debian/upstream-signing-key.pgp is kinda of deprecated place for the
> signature ke
bian/copyright (Lintian fix)
* Update lintian override for false positive
* Update standards version to 3.9.7 (no changes needed)
* Add upstream signing key and watch file pattern
Regards,
Bill Blough
va. Closes: #816021
* Updated standards version to 3.9.7 (no updates needed)
* Lintian fixes
Regards,
Bill Blough
On Wed, Oct 21, 2015 at 11:33:05PM +0200, Tobias Frost wrote:
> Hi Bill,
>
> srry, live got in between a bit..
No worries. I really appreciate you taking the time.
>
> Policy also says the you have to have "verbatim" copyright information,
> and this is understood that the information should a
On Tue, Oct 13, 2015 at 10:01:19PM +0200, Tobias Frost wrote:
>
> Looks good so far;
> I still need to complete copyright review, I'll let you know when I
> need something.
Thanks!
>
> PS: You removed the signing key on purpose? Why?
When upstream moved to Github, they stopped signing source p
On Fri, Sep 25, 2015 at 11:45:55PM +0200, Tobias Frost wrote:
> Control: owner -1 !
>
> Hi Bill,
>
> let me also take a look at xerces.
>
> As usual, my unsorted list of observations:
>
> - Please rebase your package to the latest version in Debian, to
> include the NMU (3.1.1-5.1) from Salvat
On Fri, Sep 25, 2015 at 10:38:14PM +0200, Tobias Frost wrote:
> > Issues with the translation files - When the .mo files get generated,
> > the .po files get updated with a new timestamp, causing repeat builds from
> > the same source to fail the dpkg-source check.
>
> That's ugly and I guess sho
Thanks so much for all the feedback.
On Wed, Sep 23, 2015 at 11:03:01PM +0200, Tobias Frost wrote:
>
> - d/source/options: Why do you have the option diff-ignore?
Issues with the translation files - When the .mo files get generated, the .po
files get updated with a new timestamp, causing repeat
Thanks for your review.
I normally use uscan, so I haven't really thought about get-orig-source. But
it seems like a good idea- I'll look into adding it.
As for sf.net vs github, the project is in the process of changing hosting.
The old repo has commits disabled and all new development is bein
e/passwordsafe
Alternatively, one can download the package with dget using this command:
dget -x
http://mentors.debian.net/debian/pool/main/p/passwordsafe/passwordsafe_0.95.1+dfsg-1.dsc
More information about passwordsafe can be obtained from http://www.pwsafe.org
Regards,
Bill Blough
Based on Tobias' feedback, I have repackaged with his work as a base.
I have re-uploaded the new package to mentors.d.n
The links are the same as before:
URL: http://mentors.debian.net/package/soci
dget command:
dget -x http://mentors.debian.net/debian/pool/main/s/soci/soci_3.2.3-1.dsc
Bill
On Wed, Jun 03, 2015 at 02:41:08PM +0200, Tobias Frost wrote:
> Quoting Bill Blough :
>
> I suggest that you base your work on my repository. (link to the repository
> is in the ITP).
You raise some good points. I did some of what you suggest, but didn't go as
far with it
existed in the archive, but was removed several
years ago due to maintainer request and a mostly-dead upstream. Upstream
development has resumed, and my coworkers and I use this library often,
so I would like to reintroduce it to the archive and maintain it.
Regards,
Bill Bloug
On Thu, May 07, 2015 at 04:36:58PM -0300, Henrique de Moraes Holschuh wrote:
> On Tue, May 5, 2015, at 01:27, Bill Blough wrote:
> > * Added lintian overrides for issues that won't be fixed right now:
> > no-upstream-changelog, no-symbols-control-file, shlib-call
* Added lintian override for false positive (hardening)
* Build docs from scratch
* Repack upstream source to remove 3rd party libs and prebuilt docs per
policy
* Lintian cleanup - removed duplicate files, removed embedded jquery
Regards,
Bill Blough
signature.asc
Description: Digital signature
e/passwordsafe
Alternatively, one can download the package with dget using this command:
dget -x
http://mentors.debian.net/debian/pool/main/p/passwordsafe/passwordsafe_0.95.1+dfsg-1.dsc
More information about passwordsafe can be obtained from http://www.pwsafe.org
Regards,
On Fri, Nov 07, 2014 at 04:53:42PM +0100, basti wrote:
> Hello,
>
> I know that this can be a bit off-topic.
> When I try to build a package based on git and use
>
> git-buildpackage => docs are not include in deb-file.
> dpkg-buildpackage => docs ARE include in deb-file.
>
> dh_installdocs is
The previous upload to mentors.d.n expired due to inactivity, so the RFS was
automatically closed.
I have updated the package to the newest upstream version and have reuploaded
it to mentors.d.n, so I am reopening this RFS.
The package's page on mentors.d.n is:
http://mentors.debian.net/pac
On Tue, Oct 07, 2014 at 07:07:42PM -0400, Bill Blough wrote:
>
> Hi mentors,
>
The original submitter of the bug downgraded the severity himself so it's no
longer a decision I need to make. At least not right now.
Thanks again to Paul and Adam for your insights.
Bill
On Wed, Oct 08, 2014 at 02:12:30PM +0800, Paul Wise wrote:
> On Wed, Oct 8, 2014 at 2:08 PM, Bill Blough wrote:
>
> > Probably so. And while it's an intriguing idea to think about, in my
> > opinion
> > it defeats the purpose, since xalan is an xlst impleme
On Wed, Oct 08, 2014 at 12:21:57PM +0800, Paul Wise wrote:
> On Wed, Oct 8, 2014 at 11:40 AM, Bill Blough wrote:
>
> > That's an interesting thought. That would likely resolve the issue as
> > filed in
> > the bug report against the xalan executables. Howeve
On Wed, Oct 08, 2014 at 10:53:04AM +0800, Paul Wise wrote:
> That sounds of a potential denial of service vulnerability.
>
> How likely is it that Xalan would be used with untrusted stylesheets
> supplied by attackers?
In my opinion, people *shouldn't* be running untrusted stylesheets any more
th
Hi mentors,
I am the current maintainer for Xalan [1] and could use some feedback with
regard to a particular bug [2].
The bug is currently tagged grave severity due to the possibility of a
user-supplied stylesheet causing an out-of-memory condition (due to infinite
recursion) and crashing the
Hi folks,
It's been a couple of months since my initial RFS went out, but there haven't
been any volunteers. So I thought I'd ping again and see if anyone would be
willing to review/upload.
Thanks!
Bill
- Forwarded message from Bill Blough -
Date: Fri, 18 Apr 2014
ned from
http://www.pwsafe.org/
Regards,
Bill Blough
--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140418083059.ga15...@blough.us
It's been a few months since there was any activity on this, so I
thought I'd bring it up again in case anyone has recently acquired
some extra free time, or is otherwise interested.
Thanks,
Bill
Dear mentors,
I am looking for a sponsor for my package "amanda"
* Package name: amanda
I finally feel like the package is in a better shape to be uploaded now,
so I am reopening my RFS.
Here are the updated details:
* Package name: amanda
Version : 1:3.3.4-1
Upstream Author : Amanda Development Team
* URL : http://www.amanda.org
* License
On Thu, Jul 18, 2013 at 05:59:56PM -0700, Octavio Alvarez wrote:
> On Wed, 17 Jul 2013 20:08:50 -0700, Bill Blough wrote:
>
> That bit me too days ago. I just incremented the Debian version and
> uploaded the new version. That worked.
It's been worked around for now. I gu
On Thu, Jul 18, 2013 at 10:38:33PM +0200, bilibop project wrote:
> Not sure the answer to this question can solve the issue, but:
> Are you trying to upload the same package with the same version number ?
No, the current version was a -1 release and I've been trying to upload
a -2 release.
sign
On Thu, Jul 18, 2013 at 05:46:19AM -0400, Bill Blough wrote:
> On Thu, Jul 18, 2013 at 11:08:28AM +0200, Arno Töll wrote:
> > Bill, your package was rejected in lack of a signature. You should have
> > gotten that by mail, too:
> >
> > 2013-07-16 + 02:09:45,380 ER
On Thu, Jul 18, 2013 at 10:54:50AM -0430, PICCORO McKAY Lenz wrote:
> > i have the same problem when i upload a sources.. so then what i suppost
> to do?
You need to upload your public key on the "My Account" page of the
mentors website. And you need to sign your package using your private
key.
On Thu, Jul 18, 2013 at 11:08:28AM +0200, Arno Töll wrote:
> Bill, your package was rejected in lack of a signature. You should have
> gotten that by mail, too:
>
> 2013-07-16 + 02:09:45,380 ERROR [debexpo.importer.26427] Rejected:
> Your upload does not contain a valid signature. Output was:
On Thu, Jul 18, 2013 at 10:38:37AM +0200, Mathieu Malaterre wrote:
>
> You could:
>
> $ dcut --input xalan_1.11-2_source.changes
>
> If you do not want to wait another 6 hours.
I've tried that before and can't seem to get it to work. I *think* that
by not specifying mentors as the host it defa
On Thu, Jul 18, 2013 at 08:40:48AM +0200, Mathieu Malaterre wrote:
> I would either dput -f just in case. What is the exact message you are
> getting when uploading ?
If I don't wait long enough between uploads, then it errors because the
files are still in the upload directory. But I stumbled ac
I emailed support@mentors.d.n about this, but I since I haven't heard
back (and I have no idea how often that email queue is checked), I
figured I'd check here and see if anyone has suggestions.
Here's the short(-ish) version:
I had an upload rejected due to a signing key issue. I fixed that (I
I have two ITA packages, both with RFS bugs created.
Based on the review and comments on one package, I realized that the other
package needs a lot more work before uploading it. So, in hindsight, I
shouldn't have opened an RFS for it yet.
But since I did, what is the preferred way to handle th
On Tue, Jun 18, 2013 at 09:18:25AM +0200, Mathieu Malaterre wrote:
> Package looks pretty good. However I cannot build it a second time.
> Looks like the clean rule is missing something:
It looks like that problem is a result of the switch from using the
shipped configure script to regenerating i
Thanks Jakub!
On Mon, Jun 17, 2013 at 10:40:44PM +0200, Jakub Wilk wrote
> X: libxalan111: binary-file-built-without-LFS-support
> usr/lib/i386-linux-gnu/libxalan-c.so.111.0
> (It might be worth fixing upstream, but I'm not sure if opening
> files larger than 2GB is a realistic use-case for thi
w upstream release (1.11)
Update patches to apply to new version
Remove obsolete patches
Update package name and SONAME to match new version
Update Xerces dependency (2.x to 3.x)
Minor documentation install tweaks
Regards,
Bill Blough
signature.asc
Description: Digital signature
Regards,
Bill Blough
signature.asc
Description: Digital signature
64 matches
Mail list logo
