Re: Changing how we handle non-free firmware

2022-08-18 Thread Luca Boccassi
e > >    available. > > > >  * add support for the non-free-firmware section in more places: > >    ftpsync, debian-cd and more. > > > > and I plan to start on some of those soon. > > > > [1] https://blog.einval.com/2022/04/19#firmware-what-do-we-do > > [2] https://lists.debian.org/debian-devel/2022/04/msg00130.html > > [3] > > https://debconf22.debconf.org/talks/43-fixing-the-firmware-mess/ > > [4] https://incoming.debian.org/debian-buildd/dists/buildd-unstable > > [5] https://lists.debian.org/debian-devel/2022/04/msg00214.html > > > > -- > > Steve McIntyre, Cambridge, UK.    > > st...@einval.com > > You raise the blade, you make the change... You re-arrange me 'til > > I'm sane... > > Thanks Steve for this going forward! > (seconded.) Looks great, thank you Steve - seconded. -- Kind regards, Luca Boccassi

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-12 Thread Luca Boccassi
On Sun, 12 Nov 2023 at 15:10, Santiago Ruano Rincón wrote: > > Dear Debian Fellows, > > Following the email sent by Ilu to debian-project (Message-ID: > <4b93ed08-f148-4c7f-b172-f967f7de7...@gmx.net>), and as we have > discussed during the MiniDebConf UY 2023 with other Debian Members, I > would l

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-12 Thread Luca Boccassi
On Sun, 12 Nov 2023 at 17:29, Scott Kitterman wrote: > On November 12, 2023 5:09:26 PM UTC, Luca Boccassi wrote: > >On Sun, 12 Nov 2023 at 15:10, Santiago Ruano Rincón > > wrote: > >> > >> Dear Debian Fellows, > >> > >> Following

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-12 Thread Luca Boccassi
On Sun, 12 Nov 2023 at 17:35, Ilulu wrote: > > Am 12.11.23 um 18:09 schrieb Luca Boccassi: > > We do know whether something is commercial or not though ... > > I sincerely doubt that. Just to illustrate this I'm citing a part (only > a part) of one of the regulation

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-12 Thread Luca Boccassi
On Sun, 12 Nov 2023 at 17:47, Lisandro Damián Nicanor Pérez Meyer wrote: > > Hi, > > On Sun, 12 Nov 2023 at 14:35, Ilulu wrote: > > > [snip] > > (10a) For example, a fully decentralised development model, where no > > single commercial entity exercises control over what is accepted into > > the p

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-12 Thread Luca Boccassi
On Sun, 12 Nov 2023 at 18:11, Ilulu wrote: > Am 12.11.23 um 19:01 schrieb Luca Boccassi: > > Yes - if it's "made available on the market", which is in the first > > bit that was snipped. Pushing a repository on Gitlab is not "making > > available on the

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-13 Thread Luca Boccassi
On Mon, 13 Nov 2023 at 10:55, Aigars Mahinovs wrote: > > Let me pipe in here. I have been exposed quite a bit with EU legislation in > the process of our fight against software patents back in 2012. The EU > legislators are quite sensible when the underlying issues are clearly > explained to th

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-13 Thread Luca Boccassi
On Mon, 13 Nov 2023 at 12:20, Simon Richter wrote: > > Hi, > > On 13.11.23 19:54, Aigars Mahinovs wrote: > > > So a commercial company releasing open source > > software that is *not* part of their commercial activity (for example a > > router manufacturer releasing an in-house written Git UI) wou

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-13 Thread Luca Boccassi
On Mon, 13 Nov 2023 at 12:57, Aigars Mahinovs wrote: > > True, the employment status is irrelevant. However, in this example Microsoft > will actually have the liability of > providing the security assurances and support for systemd and related > systems, because they are providing > images of s

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-14 Thread Luca Boccassi
002473-ASW_EN.html (2) Debian Social Contract No. 2, 3 and 4 https://www.debian.org/social_contract - GENERAL RESOLUTION ENDS - -- Kind regards, Luca Boccassi

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-15 Thread Luca Boccassi
On Wed, 15 Nov 2023 at 06:23, Lucas Nussbaum wrote: > > On 15/11/23 at 00:49 +, Luca Boccassi wrote: > > What do you think? Here's what I came up with: > > Hi, > > FWIW, I would likely second something along those lines. Some comments: > > > The

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-15 Thread Luca Boccassi
On Wed, 15 Nov 2023 at 12:59, Santiago Ruano Rincón wrote: > > El 15/11/23 a las 00:49, Luca Boccassi escribió: > > On Sun, 2023-11-12 at 12:10 -0300, Santiago Ruano Rincón wrote: > > > Dear Debian Fellows, > > > > > > Following the email sent by Ilu to debi

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-15 Thread Luca Boccassi
On Wed, 15 Nov 2023 at 13:53, Lucas Nussbaum wrote: > > On 15/11/23 at 11:38 +, Luca Boccassi wrote: > > On Wed, 15 Nov 2023 at 06:23, Lucas Nussbaum wrote: > > > > > > On 15/11/23 at 00:49 +, Luca Boccassi wrote: > > > > What do you think?

Re: Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-19 Thread Luca Boccassi
ropa.eu/doceo/document/E-9-2023-002473-ASW_EN.html (2) Debian Social Contract No. 2, 3 and 4 https://www.debian.org/social_contract - GENERAL RESOLUTION ENDS - -- Kind regards, Luca Boccassi

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-19 Thread Luca Boccassi
On Sun, 19 Nov 2023 at 00:21, Sam Hartman wrote: > > > "Bart" == Bart Martens writes: > >> > >> * A commercial company writes free-software that for all > >> practical purposes can be used only for access to their > >> proprietary web service. I'd rather not allow arguments a

Re: Re: General Resolution: Statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-20 Thread Luca Boccassi
There are many such problems with the proposed text. An alternative text that aims to solve them is currently looking for seconds: https://lists.debian.org/debian-vote/2023/11/msg00065.html -- Kind regards, Luca Boccassi

Re: Re: Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-20 Thread Luca Boccassi
nately time available is limited by the GR process. -- Kind regards, Luca Boccassi

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-21 Thread Luca Boccassi
On Tue, 21 Nov 2023 at 08:14, Thomas Goirand wrote: > > On 11/20/23 00:21, Luca Boccassi wrote: > > Second version, taking into account feedback. Looking for seconds at > > this point: > > > > - GENERAL RESOLUTION STARTS - > > > >

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-21 Thread Luca Boccassi
On Tue, 21 Nov 2023 at 16:46, Salvo Tomaselli wrote: > > In data martedì 21 novembre 2023 16:13:32 CET, Luca Boccassi ha scritto: > > > Microsoft was not happy with having to unbundle Bing and Edge from > > Windows. > > It is still impossible to uninstall edge... http

Re: Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-22 Thread Luca Boccassi
On Sun, 2023-11-19 at 23:21 +, Luca Boccassi wrote: > Second version, taking into account feedback. Looking for seconds at > this point: Elbrus spotted a typo, fixed below - that's the only change, "taking taking" -> "taking" in the second paragraph

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-22 Thread Luca Boccassi
On Wed, 22 Nov 2023 at 09:28, Bart Martens wrote: > > On Tue, Nov 21, 2023 at 09:14:05AM +0100, Thomas Goirand wrote: > > I feel like we're getting trapped by big corp and their lobbying > > power, and we need to use stronger words. > > Probably in a different way. I'd rather prefer Debian to defe

Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"

2023-11-23 Thread Luca Boccassi
On Wed, 22 Nov 2023 at 20:35, Bart Martens wrote: > > On Wed, Nov 22, 2023 at 06:46:06PM +, Luca Boccassi wrote: > > On Wed, 22 Nov 2023 at 09:28, Bart Martens wrote: > > > > > > On Tue, Nov 21, 2023 at 09:14:05AM +0100, Thomas Goirand wrote: > > > >

Re: CRA and PLD vote status

2023-12-08 Thread Luca Boccassi
On Fri, 8 Dec 2023 at 23:04, Bart Martens wrote: > > On Fri, Dec 08, 2023 at 10:06:45PM +0100, Lucas Nussbaum wrote: > > Hi, > > > > On 08/12/23 at 21:58 +0100, Kurt Roeckx wrote: > > > [ ] Choice 1: CRA and PLD proposals include regulations detrimental to > > > FOSS > > > [ ] Choice 2: The EU sh

Re: recent changes to the CRA address FLOSS community concerns?

2023-12-30 Thread Luca Boccassi
On Sat, 30 Dec 2023 at 20:25, Florian Weimer wrote: > > * Paul Wise: > > > Does anyone have any more info about the changes? > > Isn't that the crux of the matter? > > It appears that everyone in the EU political process is withholding > details, like the concrete text as it exists today. Selecti

Re: Question to all candidates: What are your technical goals

2024-04-04 Thread Luca Boccassi
On Thu, 4 Apr 2024 at 11:39, Andreas Tille wrote: > > Hi Marc, > > Am Wed, Apr 03, 2024 at 05:53:46PM +0200 schrieb Marc Haber: > > On Wed, Apr 03, 2024 at 10:37:37AM +0200, Andreas Tille wrote: > > "we now use Wayland > > instead of X11", "please don't create your system users with adduser and >

Re: Question to all candidates: What are your technical goals

2024-04-04 Thread Luca Boccassi
On Thu, 4 Apr 2024 at 13:40, Andreas Tille wrote: > > Hi Luca, > > Am Thu, Apr 04, 2024 at 12:47:11PM +0100 schrieb Luca Boccassi: > > > > That's the price we currently pay for being not a commercial entity, > > > > > > I fully subscribe to t

Re: Question to all candidates: What are your technical goals

2024-04-04 Thread Luca Boccassi
On Thu, 4 Apr 2024 at 21:30, Salvo Tomaselli wrote: > > > In practical terms, it would probably be made easier if it was > > mandatory for all packages to be on Salsa, either in the 'debian' > > namespace or in a team namespace (but not under individual users). > > Realistically, even if you decid

Re: Question to all candidates: What are your technical goals

2024-04-05 Thread Luca Boccassi
On Fri, 5 Apr 2024 at 11:18, Andreas Tille wrote: > > Am Thu, Apr 04, 2024 at 02:41:00PM +0100 schrieb Luca Boccassi: > > > Please don't get me wrong: I do not consider Fedora a commercial > > > entity. I simply subscribe the statement that we are facing some >

Re: [RFC] General Resolution to deploy tag2upload

2024-06-11 Thread Luca Boccassi
is dgit server seems to just be a ye olde git-web interface. If this goes forward, in my opinion it should exclusively use Salsa as the git server, to avoid duplicating infrastructure. That way we have only one place to look at for all git repos. Kind regards, Luca Boccassi

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 02:31, Russ Allbery wrote: > > Luca Boccassi writes: > > > And on the implementation details, I really do not like the idea of > > having a competing git forge with Salsa. This dgit server seems to just > > be a ye olde git-web interface. >

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 10:14, Helmut Grohne wrote: > > On Wed, Jun 12, 2024 at 06:50:44AM +0200, Ansgar 🙀 wrote: > > In addition it reintroduces trust in weak cryptographic hashes which > > effort was spent to remove. > > Thanks for reminding. While I've seen arguments in favour of the > weaknesse

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 09:35, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 10:21:40) > > On Wed, 12 Jun 2024 at 02:31, Russ Allbery wrote: > > > > > > Luca Boccassi writes: > > > > > > > And on the implementation details

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 12:03, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 12:28:21) > > On Wed, 12 Jun 2024 at 09:35, Jonas Smedegaard wrote: > > > > > > Quoting Luca Boccassi (2024-06-12 10:21:40) > > > > On Wed,

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 12:10, Ian Jackson wrote: > > Luca Boccassi writes ("Re: [RFC] General Resolution to deploy tag2upload"): > > On Wed, 12 Jun 2024 at 02:31, Russ Allbery wrote: > > > Does it support gitweb? I thought it only supported regular Git > >

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 12:52, Ian Jackson wrote: > > Luca Boccassi writes ("Re: [RFC] General Resolution to deploy tag2upload"): > > As far as I can tell, from what was shared in these documents, the > > security feature needed is an append-only repository, with safeg

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 13:47, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 14:40:01) > > On Wed, 12 Jun 2024 at 12:52, Ian Jackson > > wrote: > > > > > > Luca Boccassi writes ("Re: [RFC] General Resolution to deploy > > > tag

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 14:15, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 14:55:13) > > On Wed, 12 Jun 2024 at 13:47, Jonas Smedegaard wrote: > > [...] > > > > > > Luca Boccassi writes ("Re: [RFC] General Resolution to deploy > >

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 15:34, Ian Jackson wrote: > > Luca Boccassi writes ("Re: [RFC] General Resolution to deploy tag2upload"): > > And I think it is very much relevant, given the obvious end goal of > > some individuals is to kill Salsa, which this proposal - as it s

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 15:20, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 15:27:36) > > On Wed, 12 Jun 2024 at 14:15, Jonas Smedegaard wrote: > > > You apparently find it equally sensible, specifically as a security > > > measure, a) apply ACLs o

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 19:24, Russ Allbery wrote: > > "Adam D. Barratt" writes: > > On Wed, 2024-06-12 at 10:43 -0700, Russ Allbery wrote: > > >> There was more confusion about this point than I had anticipated, so I > >> want to emphasize that the dgit-repos server is not a forge, is not a > >>

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 17:46, Russ Allbery wrote: > > Luca Boccassi writes: > > > As per the security review just shared, admin access to Salsa allows > > to push commits anyway which would get uploaded just the same, > > I'm not sure that I understand what

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 21:32, Russ Allbery wrote: > > Luca Boccassi writes: > > > But you don't push to snapshot, it's just a backup method, it doesn't > > take any input from DDs (AFAIK? Am I wrong?). Given > > https://browse.dgit.debian.org/ exists a

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 22:01, Joerg Jaspert wrote: > > On 17258 March 1977, Luca Boccassi wrote: > > > > > "My security recommendation in this case is therefore to centralize > > the risk as much as possible, moving it off of individual uploader > > systems w

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 22:08, Joerg Jaspert wrote: > > On 17258 March 1977, Luca Boccassi wrote: > > > And I think it is very much relevant, given the obvious end goal of > > some individuals is to kill Salsa, which this proposal - as it stands > > - would facilitate.

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 22:26, Jonas Smedegaard wrote: > > Quoting Luca Boccassi (2024-06-12 22:00:04) > > On Wed, 12 Jun 2024 at 15:20, Jonas Smedegaard wrote: > > > > > > Quoting Luca Boccassi (2024-06-12 15:27:36) > > > > On Wed, 12 Jun 2024 at 14:

Re: [RFC] General Resolution to deploy tag2upload

2024-06-12 Thread Luca Boccassi
On Wed, 12 Jun 2024 at 22:35, Joerg Jaspert wrote: > > On 17258 March 1977, Luca Boccassi wrote: > > >> Whatever end goals some individuals may have is *NOT* a good base to > >> decide on how a technical implementation for Debian should be. > > >> If it turn

Re: [RFC] General Resolution to deploy tag2upload

2024-06-13 Thread Luca Boccassi
On Thu, 13 Jun 2024 at 12:47, Ian Jackson wrote: > > Andreas Tille writes ("Re: [RFC] General Resolution to deploy tag2upload"): > > That means some package build process is done before the source > > package is forwarded to dak and sends some e-mail back? > > Only a source package build. As far

Re: [RFC] General Resolution to deploy tag2upload

2024-06-13 Thread Luca Boccassi
On Thu, 13 Jun 2024 at 14:49, Ian Jackson wrote: > > Timo Röhling writes ("Re: [RFC] General Resolution to deploy tag2upload"): > > Luca Boccassi [2024-06-13 14:23]: > > >As far as I understand in the current proposal the trigger is a > > >webhook

Re: [RFC] General Resolution to deploy tag2upload

2024-06-13 Thread Luca Boccassi
On Thu, 13 Jun 2024 at 14:34, Timo Röhling wrote: > > Hi, > > * Luca Boccassi [2024-06-13 14:23]: > >As far as I understand in the current proposal the trigger is a > >webhook running on Salsa after a push - have you considered instead > >having the trigger be a