Freexian Collaborators: Debian Contributions: DebConf 25 preparations, PyPA tools updates, Removing libcrypt-dev from build-essential and more! (by Anupa Ann Joseph)

Debian Contributions: 2025-04
Contributing to Debian
is part of Freexian s mission. This article
covers the latest achievements of Freexian and their collaborators. All of this
is made possible by organizations subscribing to our Long Term Support
contracts and consulting
services.
DebConf 25 Preparations, by Stefano Rivera and Santiago Ruano Rinc n
DebConf 25 preparations continue. In April,
the bursary team reviewed and ranked bursary applications. Santiago Ruano Rinc n
examined the current state of the conference s finances, to see if we could
allocate any more money to bursaries. Stefano Rivera supported the bursary
team s work with infrastructure and advice and added some metrics to assist
Santiago s budget review. Santiago was also involved in different parts of the
organization, including Content team matters, as reviewing the first of
proposals, preparing public
information
about the new Academic Track; or coordinating different
aspects of the Day trip activities and the Conference Dinner.
PyPA tools updates, by Stefano Rivera
Around the beginning of the freeze (in retrospect, definitely too late) Stefano
looked at updating setuptools
in the archive to 78.1.0. This brings support
for more comprehensive license expressions
(PEP-639), that people are expected to
adopt soon upstream. While the reverse-autopkgtests all passed, it all came with
some unexpected complications, and turned into a mini-transition. The new
setuptools
broke shebangs for scripts
(pypa/setuptools#4952).
It also required a bump of wheel
to 0.46 and wheel
0.46 now has a dependency
outside the standard library (it de-vendored packaging
). This meant it was no
longer suitable to distribute a standalone wheel.whl
file to seed into new
virtualenvs, as virtualenv
does by default. The good news here is that
setuptools
doesn t need wheel
any more, it included its own
implementation of the bdist_wheel
command, in 70.1. But the world hadn t
adapted to take advantage of this, yet. Stefano scrambled to get all of these
issues resolved upstream and in Debian:
pip
: Don t check for wheel when invoked with --no-use-pep517
(pypa/pip#13330), automatically do
--no-use-pep517
builds without wheel
(pypa/pip#13358, rejected).
virtualenv
: Don t include wheel
(pypa/virtualenv#2868) except on
Python 3.8
(pypa/virtualenv#2876) as pip
dropped Python 3.8 support in the same release that included #13330.
python3.13
: Update bundled setuptools in test.wheeldata
(python/cpython#132415).
python-cffi
: No need to install wheel any more
(python-cffi/cffi#165).
We re now at the point where python3-wheel-whl
is no longer needed in Debian
unstable, and it should migrate to trixie.
Removing libcrypt-dev
from build-essential
, by Helmut Grohne
The crypt
function was originally part of glibc
, but it got separated to
libxcrypt
. As a result, libc6-dev
now depends on libcrypt-dev
. This poses
a cycle during architecture cross bootstrap. As the number of packages actually
using crypt
is relatively small, Helmut
proposed removing
the dependency. He analyzed an archive rebuild kindly performed by Santiago Vila
(not affiliated with Freexian) and estimated the necessary changes. It looks
like we may complete this with modifications to less than 300 source packages in
the forky
cycle. Half of the bugs have been filed at this time. They are
tracked with libcrypt-*
usertags.
Miscellaneous contributions
- Carles uploaded a new version of simplemonitor.
- Carles improved the documentation of salsa-ci-team/pipeline regarding piuparts
arguments.
- Carles closed an FTBFS on gcc-15 on qnetload.
- Carles worked on Catalan translations using po-debconf-manager: reviewed 57
translations and created their merge requests in salsa, created 59 bug reports
for packages that didn t merge in more than 30 days. Followed-up merge requests
and comments in bug reports. Managed some translations manually for packages
that are not in Salsa.
- Lucas did some work on the DebConf Content and Bursary teams.
- Lucas fixed multiple CVEs and bugs involving the upgrade from bookworm to
trixie in ruby3.3.
- Lucas fixed a CVE in valkey in unstable.
- Stefano updated beautifulsoup4, python-authlib, python-html2text,
python-packaging, python-pip, python-soupsieve, and unidecode.
- Stefano packaged python-dependency-groups, a new vendored library in python-pip.
- During an afternoon Bug Squashing Party in Montevideo, Santiago uploaded a
couple of packages fixing RC bugs #1057226
and #1102487. The
latter was a sponsored upload.
- Thorsten uploaded new upstream versions of brlaser, ptouch-driver and
sane-airscan to get the latest upstream bug fixes into Trixie.
- Rapha l filed an upstream bug on
zim for a
graphical glitch that he has been experiencing.
- Colin Watson upgraded openssh to
10.0p1 (also known as
10.0p2),
and debugged various follow-up bugs. This included adding
riscv64 support to
vmdb2 in passing,
and enabling native wtmpdb support so that
wtmpdb last
now reports the correct tty for SSH connections.
- Colin fixed dput-ng s override option,
which had never previously worked.
- Colin fixed a security bug in debmirror.
- Colin did his usual routine work on the Python team: 21 packages upgraded to
new upstream versions, 8 CVEs fixed, and about 25 release-critical bugs fixed.
- Helmut filed patches for 21 cross build failures.
- Helmut uploaded a new version of
debvm
featuring a new tool
debefivm-create
to generate EFI-bootable disk images compatible with other tools such as libvirt
or VirtualBox
. Much of the work was prototyped in earlier months. This
generalizes mmdebstrap-autopkgtest-build-qemu
.
- Helmut continued reporting undeclared file conflicts and suggested package
removals from
unstable
.
- Helmut proposed build profiles for libftdi1
and gnupg2. To deal with recently added
dependencies in the architecture cross bootstrap package set.
- Helmut managed the /usr-move transition. He worked on ensuring that
systemd
would comply with Debian s policy.
Dumat continues to locate problems
here and there yielding discussion occasionally. He sent a patch for an upgrade
problem in zutils.
- Anupa worked with the Debian publicity team to publish Micronews and Bits
posts.
- Anupa worked with the DebConf 25 content team to review talk and event
proposals for DebConf 25.
PyPA tools updates, by Stefano Rivera
Around the beginning of the freeze (in retrospect, definitely too late) Stefano
looked at updating setuptools
in the archive to 78.1.0. This brings support
for more comprehensive license expressions
(PEP-639), that people are expected to
adopt soon upstream. While the reverse-autopkgtests all passed, it all came with
some unexpected complications, and turned into a mini-transition. The new
setuptools
broke shebangs for scripts
(pypa/setuptools#4952).
It also required a bump of wheel
to 0.46 and wheel
0.46 now has a dependency
outside the standard library (it de-vendored packaging
). This meant it was no
longer suitable to distribute a standalone wheel.whl
file to seed into new
virtualenvs, as virtualenv
does by default. The good news here is that
setuptools
doesn t need wheel
any more, it included its own
implementation of the bdist_wheel
command, in 70.1. But the world hadn t
adapted to take advantage of this, yet. Stefano scrambled to get all of these
issues resolved upstream and in Debian:
pip
: Don t check for wheel when invoked with --no-use-pep517
(pypa/pip#13330), automatically do
--no-use-pep517
builds without wheel
(pypa/pip#13358, rejected).
virtualenv
: Don t include wheel
(pypa/virtualenv#2868) except on
Python 3.8
(pypa/virtualenv#2876) as pip
dropped Python 3.8 support in the same release that included #13330.
python3.13
: Update bundled setuptools in test.wheeldata
(python/cpython#132415).
python-cffi
: No need to install wheel any more
(python-cffi/cffi#165).
We re now at the point where python3-wheel-whl
is no longer needed in Debian
unstable, and it should migrate to trixie.
Removing libcrypt-dev
from build-essential
, by Helmut Grohne
The crypt
function was originally part of glibc
, but it got separated to
libxcrypt
. As a result, libc6-dev
now depends on libcrypt-dev
. This poses
a cycle during architecture cross bootstrap. As the number of packages actually
using crypt
is relatively small, Helmut
proposed removing
the dependency. He analyzed an archive rebuild kindly performed by Santiago Vila
(not affiliated with Freexian) and estimated the necessary changes. It looks
like we may complete this with modifications to less than 300 source packages in
the forky
cycle. Half of the bugs have been filed at this time. They are
tracked with libcrypt-*
usertags.
Miscellaneous contributions
- Carles uploaded a new version of simplemonitor.
- Carles improved the documentation of salsa-ci-team/pipeline regarding piuparts
arguments.
- Carles closed an FTBFS on gcc-15 on qnetload.
- Carles worked on Catalan translations using po-debconf-manager: reviewed 57
translations and created their merge requests in salsa, created 59 bug reports
for packages that didn t merge in more than 30 days. Followed-up merge requests
and comments in bug reports. Managed some translations manually for packages
that are not in Salsa.
- Lucas did some work on the DebConf Content and Bursary teams.
- Lucas fixed multiple CVEs and bugs involving the upgrade from bookworm to
trixie in ruby3.3.
- Lucas fixed a CVE in valkey in unstable.
- Stefano updated beautifulsoup4, python-authlib, python-html2text,
python-packaging, python-pip, python-soupsieve, and unidecode.
- Stefano packaged python-dependency-groups, a new vendored library in python-pip.
- During an afternoon Bug Squashing Party in Montevideo, Santiago uploaded a
couple of packages fixing RC bugs #1057226
and #1102487. The
latter was a sponsored upload.
- Thorsten uploaded new upstream versions of brlaser, ptouch-driver and
sane-airscan to get the latest upstream bug fixes into Trixie.
- Rapha l filed an upstream bug on
zim for a
graphical glitch that he has been experiencing.
- Colin Watson upgraded openssh to
10.0p1 (also known as
10.0p2),
and debugged various follow-up bugs. This included adding
riscv64 support to
vmdb2 in passing,
and enabling native wtmpdb support so that
wtmpdb last
now reports the correct tty for SSH connections.
- Colin fixed dput-ng s override option,
which had never previously worked.
- Colin fixed a security bug in debmirror.
- Colin did his usual routine work on the Python team: 21 packages upgraded to
new upstream versions, 8 CVEs fixed, and about 25 release-critical bugs fixed.
- Helmut filed patches for 21 cross build failures.
- Helmut uploaded a new version of
debvm
featuring a new tool
debefivm-create
to generate EFI-bootable disk images compatible with other tools such as libvirt
or VirtualBox
. Much of the work was prototyped in earlier months. This
generalizes mmdebstrap-autopkgtest-build-qemu
.
- Helmut continued reporting undeclared file conflicts and suggested package
removals from
unstable
.
- Helmut proposed build profiles for libftdi1
and gnupg2. To deal with recently added
dependencies in the architecture cross bootstrap package set.
- Helmut managed the /usr-move transition. He worked on ensuring that
systemd
would comply with Debian s policy.
Dumat continues to locate problems
here and there yielding discussion occasionally. He sent a patch for an upgrade
problem in zutils.
- Anupa worked with the Debian publicity team to publish Micronews and Bits
posts.
- Anupa worked with the DebConf 25 content team to review talk and event
proposals for DebConf 25.
pip
: Don t check for wheel when invoked with --no-use-pep517
(pypa/pip#13330), automatically do
--no-use-pep517
builds without wheel
(pypa/pip#13358, rejected).virtualenv
: Don t include wheel
(pypa/virtualenv#2868) except on
Python 3.8
(pypa/virtualenv#2876) as pip
dropped Python 3.8 support in the same release that included #13330.python3.13
: Update bundled setuptools in test.wheeldata
(python/cpython#132415).python-cffi
: No need to install wheel any more
(python-cffi/cffi#165).libcrypt-dev
from build-essential
, by Helmut Grohne
The crypt
function was originally part of glibc
, but it got separated to
libxcrypt
. As a result, libc6-dev
now depends on libcrypt-dev
. This poses
a cycle during architecture cross bootstrap. As the number of packages actually
using crypt
is relatively small, Helmut
proposed removing
the dependency. He analyzed an archive rebuild kindly performed by Santiago Vila
(not affiliated with Freexian) and estimated the necessary changes. It looks
like we may complete this with modifications to less than 300 source packages in
the forky
cycle. Half of the bugs have been filed at this time. They are
tracked with libcrypt-*
usertags.
Miscellaneous contributions
- Carles uploaded a new version of simplemonitor.
- Carles improved the documentation of salsa-ci-team/pipeline regarding piuparts
arguments.
- Carles closed an FTBFS on gcc-15 on qnetload.
- Carles worked on Catalan translations using po-debconf-manager: reviewed 57
translations and created their merge requests in salsa, created 59 bug reports
for packages that didn t merge in more than 30 days. Followed-up merge requests
and comments in bug reports. Managed some translations manually for packages
that are not in Salsa.
- Lucas did some work on the DebConf Content and Bursary teams.
- Lucas fixed multiple CVEs and bugs involving the upgrade from bookworm to
trixie in ruby3.3.
- Lucas fixed a CVE in valkey in unstable.
- Stefano updated beautifulsoup4, python-authlib, python-html2text,
python-packaging, python-pip, python-soupsieve, and unidecode.
- Stefano packaged python-dependency-groups, a new vendored library in python-pip.
- During an afternoon Bug Squashing Party in Montevideo, Santiago uploaded a
couple of packages fixing RC bugs #1057226
and #1102487. The
latter was a sponsored upload.
- Thorsten uploaded new upstream versions of brlaser, ptouch-driver and
sane-airscan to get the latest upstream bug fixes into Trixie.
- Rapha l filed an upstream bug on
zim for a
graphical glitch that he has been experiencing.
- Colin Watson upgraded openssh to
10.0p1 (also known as
10.0p2),
and debugged various follow-up bugs. This included adding
riscv64 support to
vmdb2 in passing,
and enabling native wtmpdb support so that
wtmpdb last
now reports the correct tty for SSH connections.
- Colin fixed dput-ng s override option,
which had never previously worked.
- Colin fixed a security bug in debmirror.
- Colin did his usual routine work on the Python team: 21 packages upgraded to
new upstream versions, 8 CVEs fixed, and about 25 release-critical bugs fixed.
- Helmut filed patches for 21 cross build failures.
- Helmut uploaded a new version of
debvm
featuring a new tool
debefivm-create
to generate EFI-bootable disk images compatible with other tools such as libvirt
or VirtualBox
. Much of the work was prototyped in earlier months. This
generalizes mmdebstrap-autopkgtest-build-qemu
.
- Helmut continued reporting undeclared file conflicts and suggested package
removals from
unstable
.
- Helmut proposed build profiles for libftdi1
and gnupg2. To deal with recently added
dependencies in the architecture cross bootstrap package set.
- Helmut managed the /usr-move transition. He worked on ensuring that
systemd
would comply with Debian s policy.
Dumat continues to locate problems
here and there yielding discussion occasionally. He sent a patch for an upgrade
problem in zutils.
- Anupa worked with the Debian publicity team to publish Micronews and Bits
posts.
- Anupa worked with the DebConf 25 content team to review talk and event
proposals for DebConf 25.
wtmpdb last
now reports the correct tty for SSH connections.debefivm-create
to generate EFI-bootable disk images compatible with other tools such as libvirt
or VirtualBox
. Much of the work was prototyped in earlier months. This
generalizes mmdebstrap-autopkgtest-build-qemu
.unstable
.systemd
would comply with Debian s policy.
Dumat continues to locate problems
here and there yielding discussion occasionally. He sent a patch for an upgrade
problem in zutils.