Colin Watson: Free software activity in December 2024
Most of my Debian contributions this month were
sponsored by
Freexian, as well as one direct donation via
Liberapay (thanks!).
OpenSSH
I issued a bookworm
update
with a number of fixes that had accumulated over the last year, especially
fixing GSS-API key exchange which
was
quite
broken in bookworm.
base-passwd
A few months ago, the adduser maintainer started a discussion with me (as
the base-passwd maintainer) and the shadow maintainer about bringing all
three source packages under one team, since they often need to cooperate on
things like user and group names. I agreed, but hadn t got round to doing
anything about it until recently. I ve now officially moved it under team maintenance.
debconf
Gioele Barabucci has been working on eliminating duplicated code between
debconf and cdebconf, ultimately with the goal of migrating to cdebconf
(which I m not sure I m convinced of as a goal, but if we can make
improvements to both packages as part of working towards it then there s no
harm in that). I finally got round to reviewing and merging confmodule
changes in each of
debconf
and
cdebconf.
This caused an installer regression due
to a weirdness in cdebconf-udeb s packaging, which I fixed - sorry about that!
I ve also been dealing with a few patch submissions that had been in my
queue for a long time, but more on that next month if all goes well.
CI issues
I noticed and fixed a problem with
Restrictions:
needs-sudo
in autopkgtest.
I fixed broken aptly
images
in the Salsa CI pipeline.
Python team
Last month, I mentioned some progress on
sorting out the multipart vs. python-multipart name conflict in Debian
(#1085728), and said that I thought we d
be able to finish it soon. I was right! We got it all done this month:
- gavodachs
- matrix-synapse (uploaded by Andrej Shadura)
- Packaged multipart
- Converted python-wadllib to use the packaged version of multipart
- Made trac (build-)depend on python3-multipart, fixing build failures in trac-customfieldadmin and trac-wysiwyg
- audioread
- celery
- cloud-sptheme
- djangorestframework
- dominate
- fenics-basix (investigated and suggested a fix, although it hasn t yet been uploaded)
- ipykernel
- ipython
- jupyter-server (contributed upstream)
- mdp (contributed upstream)
- pastescript (contributed upstream)
- pypandoc (contributed upstream)
- python-aiosmtpd
- python-cheroot
- python-hjson
- python-miio
- python-pyramid
- python-trustme (uploaded by Robie Basak)
- rich (investigated and tested; uploaded by Sandro Tosi)
- supervisor
- tomopy
intersphinx_mapping
syntax which turned out to
still be in use by many packages in Debian. The fixes for this were
individually trivial, but there were a lot of them:
- alot
- dot2tex (contributed upstream)
- flask-paginate (contributed upstream)
- ipython
- klepto
- nose
- pathos
- pox
- ppft
- psycopg3
- pybindgen (contributed upstream)
- pyina
- pyrr (contributed upstream)
- pytest-mpi (contributed upstream)
- python-aiohttp-security (contributed upstream)
- python-aiohttp-session (contributed upstream)
- python-anyqt (contributed upstream)
- python-argon2
- python-cai (contributed upstream)
- python-django-analytical (contributed upstream)
- python-iptables (contributed upstream)
- python-nacl
- python-pygtrie
- python-proto-plus (contributed upstream)
- python-requests-toolbelt
- python-tinycss
- python-whoosh
- symmetrize (contributed upstream)
- vcr.py
- wtforms-components
- wtforms-test
- yoyo
- zope.deferredimport
- black
- datalad-next: #1080969 and #1088038 (contributed upstream)
- dipy (uploaded by Andreas Tille)
- pyfribidi
- pylibmc, fixing a build failure in cachelib
- pympress
- pytest-forked (contributed upstream)
- python-mongomock: c03f91b51048 and c485fb8fef23
- python-nox
- aioftp
- alot
- astroid
- buildbot
- cloudpickle (fixing a Python 3.13 failure)
- django-countries
- django-sass-processor
- djoser (fixing CVE-2024-21543)
- ipython
- jsonpickle
- lazr.delegates
- loguru (fixing a Python 3.13 failure)
- netmiko
- pydantic
- pydantic-core
- pydantic-settings
- pydoctor
- pygresql
- pylint (fixing Python 3.13 failures #1089758 and #1091029)
- pypandoc (fixing a Python 3.12 warning)
- python-aiohttp (fixing CVE-2024-52303 and CVE-2024-52304
- python-aiohttp-security
- python-argcomplete
- python-asyncssh
- python-click
- python-cytoolz
- python-jira (fixing a Python 3.13 failure)
- python-limits
- python-line-profiler
- python-mkdocs
- python-model-bakery
- python-pgspecial
- python-pyramid (fixing CVE-2023-40587)
- python-pythonjsonlogger
- python-semantic-release
- python-utils
- python-venusian
- pyupgrade
- pyzmq
- quart
- six
- sqlparse
- twisted
- vcr.py
- vulture
- yoyo
- zope.configuration
- zope.testrunner
twisted.internet.defer.returnValue
, realized it
was still used in many places in Debian, and went on a PR-filing spree
informed by codesearch to try to reduce
the future impact of such a change on Debian:
- foolscap
- gnome-keysign
- magic-wormhole
- matrix-synapse
- python-autobahn
- python-testtools
- python-treq
- tahoe-lafs: Inconclusive investigation
- txtorcon
make
--shuffle
(also see its
author s
explanation).
I fixed associated bugs in cccc (contributed
upstream), groff, and spectemu.
I backported an upstream patch to putty to fix undefined behaviour that
affected use of the small keypad .
I removed groff s Recommends: libpaper1
(#1091375,
#1091376), since it isn t currently all
that useful and was getting in the way of a transition to libpaper2. I
filed an upstream bug suggesting
better integration in this area.