Chris Lamb: Free software activities in September 2017
- Submitted a pull request to Quadrapassel (the Gnome version of Tetris) to start a new game when the pause button is pressed outside of a game. This means you would no longer have to use the mouse to start a new game. [...]
- Made a large number of improvements to AptFS my FUSE-based filesystem that provides a view on unpacked Debian source packages as regular folders including moving away from manual parsing of package lists [...] and numerous code tidying/refactoring changes.
- Sent a small patch to django-sitetree, a Django library for menu and breadcrumb navigation elements to not mask test exit codes from the surrounding shell. [...]
- Updated travis.debian.net, my hosted service for projects that host their Debian packaging on GitHub to use the Travis CI continuous integration platform to test builds:
- Add support for "sloppy" backports. Thanks to Bernd Zeimetz for the idea and ongoing testing. [...]
- Merged a pull request from James McCoy to pass DEB_BUILD_PROFILES through to the build. [...]
- Workaround Travis CI's HTTP proxy which does not appear to support SRV records. [...]
- Run debc from devscripts if the build was successful [...] and output the .buildinfo file if it exists [...].
- Fixed a few issues in local-debian-mirror, my package to easily maintain and customise a local Debian mirror via the DebConf configuration tool:
- Updated django-staticfiles-dotd, my Django staticfiles adaptor to concatentate static media in .d-style directories to support Python 3.x by using bytes objects (commit) and move away from monkeypatch as it does not have a Python 3.x port yet (commit).
- I also posted a short essay to my blog entitled "Ask the Dumb Questions" as well as provided an update on the latest Lintian release.
- Published a short blog post about how to determine which packages on your system are reproducible. [...]
- Submitted a pull request for Numpy to make the generated config.py files reproducible. [...]
- Provided a patch to GTK upstream to ensure the immodules.cache files are reproducible. [...]
- Within Debian:
- Updated isdebianreproducibleyet.com, moving it to HTTPS, adding cachebusting as well as keeping the number up-to-date.
- Submitted the following patches to fix reproducibility-related toolchain issues:
- Submitted a patch to fix a reproducibility issue in doit.
- Categorised a large number of packages and issues in the Reproducible Builds "notes" repository.
- Chaired our monthly IRC meeting. [...]
- Worked on publishing our weekly reports. (#123, #124, #125, #126 & #127)
reproducible-check is our script to determine which packages actually installed on your system are reproducible or not.
- Handle multi-architecture systems correctly. (#875887)
- Use the "restricted" data file to mask transient issues. (#875861)
- Expire the cache file after one day and base the local cache filename on the remote name. [...] [...]
diffoscope is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues.
- Filed an issue attempting to identify the causes behind an increased number of timeouts visible in our CI infrastructure, including running a number of benchmarks of recent versions. (#875324)
- New features:
- Bug fixes:
- Testing:
- Misc:
strip-nondeterminism is our tool to remove specific non-deterministic results from a completed build.
disorderfs is our FUSE-based filesystem that deliberately introduces non-determinism into directory system calls in order to flush out reproducibility issues.
- Add a simple autopkgtest. [...]
- Add 4.1.1 as a supported Standards-Version. (#875509)
- Warn about Django libraries that do not depend on Django itself. (#877292)
- Add a --list-tags option to print all tags Lintian knows about. (#779675)
- Prevent false positives in copyright-year-in-future when matching URLs, the Tcl license (#876360) and "meta" statements such as "Original Author" (#873323).
- Ensure that missing-build-dependency-for-dh_-command is not emitted for dh-strip-nondeterminism at Debhelper compatbility level 10. (#876443)
- Also ignore lines that self-reference "typo" when checking for spelling-error-in-changelog.
- Avoid false positives in missing-source checks for "CSS Browser Selector". (#874381)
- Clarify explanation of description-starts-with-leading-spaces tag. (#849622)
- Check for packages including ?rev=0&sc=0 in Vcs-Browser. (#681713)
- Drop problematic missing-classpath check. (#857123)
- Correct grammar and punctuation in the description of node-package-install-in-nodejs-rootdir.
- Recognise autopkgtest-pkg-octave as a valid test suite. (#875985)
- Update the description of unknown-testsuite to reflect that autopkgtest is not the only valid value. (#876003)
- Apply patch from Guillem Jover to add more package section mappings. (#874121)
- Update the data/fields/perl-provides and data/fields/virtual-packages files from the archive; the latter fixes a false positive in bacula-director. (#835120)
- Apply a patch from Jakub Wilk to prevent test failures on armhf/arm64, etc. (#877147)
- Apply patch from Gianfranco Costamagnato fix a failing LFS test on 32-bit architectures. (#876343)
- Apply patches from Guillem Jover & Boud Roukema to improve the description of the binary-file-built-without-LFS-support tag. (#874078)
- Correct Depends of python2.7 python3 in Python 3 test package.
- Update private/generate-tag-summary to ensure that git-describe(1) will always emit 7 hexadecimal digits as the abbreviated object name, use deb.debian.org as the default mirror, and update the remote locations of Contents-<arch> files.
- debconf: Please add a context manager to debconf.py. (#877096)
- nm.debian.org: Add pronouns to ALL_STATUS_DESC. (#875128)
- user-setup: Please drop set_special_users hack added for "the convenience of heavy testers". (#875909)
- postgresql-common: Please update README.Debian for PostgreSQL 10. (#876438)
- django-sitetree: Should not mask test failures. (#877321)
- charmtimetracker:
- "Frontdesk" duties, triaging CVEs, etc.
- Documented an example usage of autopkgtests to test security changes.
- Issued DLA 1084-1 and DLA 1085-1 for libidn and libidn2-0 to fix an integer overflow vulnerabilities in Punycode handling.
- Issued DLA 1091-1 for unrar-free to prevent a directory traversal vulnerability from a specially-crafted .rar archive. This update introduces an regression test.
- Issued DLA 1092-1 for libarchive to prevent malicious .xar archives causing a denial of service via a heap-based buffer over-read.
- Issued DLA 1096-1 for wordpress-shibboleth, correcting an cross-site scripting vulnerability in the Shibboleth identity provider module.
- python-django:
- redis:
- 4.0.2-1 New upstream release.
- 4.0.2-2 Update 0004-redis-check-rdb autopkgtest test to ensure that the redis.rdb file exists before testing against it.
- 4.0.2-2~bpo9+1 Upload to stretch-backports.
- aptfs (0.11.0-1) New upstream release, moving away from using /var/lib/apt/lists internals. Thanks to Julian Andres Klode for a helpful bug report. (#874765)
- lintian (2.5.53, 2.5.54) New upstream releases. (Documented in more detail above.)
- bfs (1.1.2-1) New upstream release.
- docbook-to-man (1:2.0.0-39) Tighten autopkgtests and enable testing via travis.debian.net.
- python-daiquiri (1.3.0-1) New upstream release.
- vimoutliner (0.3.4+pristine-9.3):
- bittornado (0.3.18-10.3):
- Make the build reproducible. (#796212).
- Add missing Build-Depends on dh-python.
- dtc-xen (0.5.17-1.1):
- Make the build reproducible. (#777322)
- Add missing Build-Depends on dh-python.
- dict-gazetteer2k (1.0.0-5.4):
- Make the build reproducible. (#776376).
- Override empty-binary-packagea Lintian warning to avoid dak autoreject.
- cgilib (0.6-1.1) Make the build reproducible. (#776935)
- dhcping (1.2-4.2) Make the build reproducible. (#777320)
- dict-moby-thesaurus (1.0-6.4) Make the build reproducible. (#776375)
- dtaus (0.9-1.1) Make the build reproducible. (#777321)
- fastforward (1:0.51-3.2) Make the build reproducible. (#776972)
- wily (0.13.41-7.3) Make the build reproducible. (#777360)
- clipit: Please choose a sensible startup default in "live" mode. (#875903)
- git-buildpackage: Please add a --reset option to gbp pull. (#875852)
- bluez: Please default Device "friendly name" to hostname without domain. (#874094)
- bugs.debian.org: Please explicitly link to packages,tracker .debian.org. (#876746)
- Requests for packaging: