Paul Wise | 24 Apr 04:57 2014
Picon

goals for hardening Debian: ideas and help wanted

Hi all,

I have written a non-exhaustive list of goals for hardening the Debian
distribution, the Debian project and computer systems of the Debian
project, contributors and users.

https://wiki.debian.org/Hardening/Goals

If you have more ideas, please add them to the wiki page.

If you have more information, please add it to the wiki page.

If you would like to help, please choose an item and start work.

--

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Barry Warsaw | 24 Apr 00:54 2014
Picon

Bug#745673: ITP: wheel -- PEP 427-based built-package format for Python

Package: wnpp
Severity: wishlist
Owner: Barry Warsaw <barry <at> debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

* Package name    : wheel
  Version         : 0.23.0
  Upstream Author : Daniel Holth <dholth <at> fastmail.fm>
* URL             : http://wheel.readthedocs.org/en/latest/
* License         : Expat/MIT
  Programming Lang: Python
  Description     : PEP 427-based built-package format for Python

A wheel is a ZIP-format archive with a specially formatted filename
and the .whl extension.  It is designed to contain all the files for a
PEP 376 compatible install in a way that is very close to the on-disk
format.  Many packages will be properly installed with only the
“Unpack” step (simply extracting the file onto sys.path), and the
unpacked archive preserves enough information to “Spread” (copy data
and scripts to their final locations) at any later time.

The wheel project provides a bdist_wheel command for setuptools. 

This package will be team maintained by the Debian Python Modules Team.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

(Continue reading)

Matthias Klose | 23 Apr 22:03 2014
Picon

Bug#745656: are binary-indep -dev packages really worth the space savings?

Package: general
Severity: important

looking at recent GCC uploads, I see install ability problems for the build
dependencies for GCC packages (triggered by libgcj build dependencies, gtk+2.0).
 I can't think of any value besides some minor space savings to have -dev
packages to be architecture independent.   If you really need some newer -dev
version you should be able to do this with an updated build dependency.

A source upload for a library always requires a rebuild on any architecture, so
there is no buildd time savings to make the -dev package architecture independent.

So why are people trying to optimize for space instead of turn-around-time?

Daniel Pocock | 23 Apr 19:22 2014

Bug#745640: ITP: hazelcast - distributed cache

Package: wnpp
Severity: wishlist
Owner: Daniel Pocock <daniel <at> pocock.pro>
X-Debbugs-CC: debian-java <at> lists.debian.org,debian-devel <at> lists.debian.org

(Would appreciate feedback from other Java users)

Brief: Hazelcast claims to be quite simple and powerful at the same
time.  Well documented.  Not using millions of dependencies from Maven,
all but two are already packaged.

Upstream:

  http://www.hazelcast.org

Source:

  https://github.com/hazelcast/hazelcast

License:

  Apache 2 License

Hazelcast is a clustering and highly scalable data distribution platform
for Java.

With its various distributed data structures, distributed caching
capabilities, elastic nature, memcache support, integration with Spring
and Hibernate and more importantly with so many happy users, Hazelcast
is feature-rich, enterprise-ready and developer-friendly in-memory data
(Continue reading)

Nico Schlömer | 23 Apr 17:07 2014
Picon

new netcdf packages: first review

Hi all,

as noted earlier, I'm working on moving the long-outdated netCDF
version in Debian <https://packages.debian.org/source/sid/netcdf>.
This is not entirely trivial since upstream as decided to split netcdf
in three separate packages, supporting C (the basis package), Fortran,
and C++.

I've been working with upstream to get some solid builds on dev/master
and put the result on

https://github.com/nschloe/debian-netcdfc
https://github.com/nschloe/debian-netcdff
https://github.com/nschloe/debian-netcdfcxx

As soon as the new version is released (we're not at rc3 I think, so
it should take much longer), I'll put it on alioth.

For now, please let me know if you spot some obvious mistakes in the builds.

Cheers,
Nico

Neil Williams | 23 Apr 16:18 2014
Picon

Bug#745627: ITP: django-testproject -- Django test project support

Package: wnpp
Severity: wishlist
Owner: Neil Williams <codehelp <at> debian.org>

* Package name    : django-testproject
  Version         : 0.1.2
  Upstream Author : Zygmunt Krynicki <zkrynicki <at> gmail.com>
* URL             : https://pypi.python.org/pypi/django-testproject
* License         : LGPL
  Programming Lang: Python
  Description     : Django test project support

 This package provides django test project support to
 make it easier to run application unit tests without
 testing other parts of django core.
 .
 Projects can use run_tests to specify which parts of
 the codebase listed in INSTALLED_APPLICATIONS will
 run unit tests.

https://git.linaro.org/lava/django-testproject.git

Paul Wise | 23 Apr 15:34 2014
Picon

Re: Glom DEBIAN packaging

This looks like the relevant part of the log file:

On Wed, 2014-04-23 at 14:21 +0200, Oscar Tark wrote:

> You need to install postgresql-server-dev-X.Y for building a server-side extension or libpq-dev for
building a client-side application.
> ./configure: line 19641: /pg_ctl: No such file or directory
> configure:19644: error: 
> The Postgres utilities could not be found. They are needed for
> self-hosting of Glom databases. Please make sure that Postgres
> is installed, and if necessary specify the correct directory
> explicitly with the --with-postgres-utils option.

--

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Gianfranco Costamagna | 23 Apr 10:10 2014
Picon

Question about binNMU and transition, how can this package NOT segfault?

Hi Debian Developers,

A while ago sdlgfx [1] package changed the API/ABI, and for this reason we started a transition from .23 to
.25 release

the new package has been uploaded on unstable (after two experimental releases), on
[2014-04-07] Accepted 2.0.25-3 in unstable (medium)

so after that time every package uploaded on debian has been built with the new soname.

Another package (just an example) is this one, gambas3 [2] that uses sdlgfx as B-D
that has been uploaded on unstable on
[2014-04-11] Accepted 3.5.2-2 in unstable (low)

So you might see that everything is correct, but (please correct me if I'm wrong)
I see TWO bugs:
-gambas3 reached testing prior to sdlgfx 2.0.25, so how can people installing it be sure the package won't
segfault for the library change?
-gambas3 has been uploaded on debian after TWO weeks in new queue, so the amd64 package has been built on
Date: Wed, 02 Apr 2014 16:23:48 +1100

the situation now is:
gambas3 for amd64 still uses the old sdlgfx
for other archs uses the new API/ABI,

it has reached testing for an unknown reason to me

[1] http://packages.qa.debian.org/s/sdlgfx.html
[2] http://packages.qa.debian.org/g/gambas3.html

(Continue reading)

David Mohr | 23 Apr 06:29 2014
Picon

Bug#745588: ITP: grub-choose-default -- A GUI for easily changing the default in grub2

Package: wnpp
Severity: wishlist
Owner: David Mohr <bugs <at> da.mcbf.net>

* Package name    : grub-choose-default
  Version         : 1.1
  Upstream Author : David Mohr <david <at> mcbf.net>
* URL             : http://de.mcbf.net/david/grubchoosedefault/
* License         : GPL
  Programming Lang: C
  Description     : A GUI for easily changing the default in grub2

A GUI for changing the default for grub2, either permanently or for the
next reboot only. It is specially useful for making one time excursion
to another OS and safely returning to the Debian homeland on the next
reboot. It can be considered a GUI version of grub-set-default and
grub-reboot.

I think it is feasible to maintain this package by myself: I am the
author, the package is fairly simple, and the grub config is not likely
to change frequently.

A while back I published Ubuntu packages at
https://launchpad.net/~bugs-da/+archive/grub-choose-default/ which I
would use as a basis for the Debian packages.

Florian Schlichting | 23 Apr 01:00 2014
Picon

Bug#745575: ITP: libplack-middleware-removeredundantbody-perl -- Plack::Middleware which sets removes body for HTTP response if it's not required

Package: wnpp
Owner: Florian Schlichting <fsfs <at> debian.org>
Severity: wishlist
X-Debbugs-CC: debian-devel <at> lists.debian.org,debian-perl <at> lists.debian.org

* Package name    : libplack-middleware-removeredundantbody-perl
  Version         : 0.03
  Upstream Author : Upasana <me <at> upasana.me>
* URL             : https://metacpan.org/release/Plack-Middleware-RemoveRedundantBody
* License         : Artistic or GPL-1+
  Programming Lang: Perl
  Description     : Plack::Middleware which removes an unnecessary HTTP response body

Plack::Middleware::RemoveRedundantBody is in some ways the opposite of
Plack::Middleware::FixMissingBodyInRedirect: it removes the body from HTTP
responses that do not require one.

Florian Schlichting | 23 Apr 00:21 2014
Picon

Bug#745572: ITP: libplack-middleware-methodoverride-perl -- Override REST methods to Plack apps via POST

Package: wnpp
Owner: Florian Schlichting <fsfs <at> debian.org>
Severity: wishlist
X-Debbugs-CC: debian-devel <at> lists.debian.org,debian-perl <at> lists.debian.org

* Package name    : libplack-middleware-methodoverride-perl
  Version         : 0.10
  Upstream Author : David E. Wheeler <david <at> kineticode.com>
* URL             : https://metacpan.org/release/Plack-Middleware-MethodOverride
* License         : Artistic or GPL-1+
  Programming Lang: Perl
  Description     : Plack::Middleware to override REST methods via POST

Plack::Middleware::MethodOverride provides a workaround for writing RESTful
Plack applications that also support web browsers. Using a header named
X-HTTP-Method-Override or a form action parameter named x-tunneled-method,
the REQUEST_METHOD key of the Plack environment hash will be replaced with
the specified value, allowing a POST request to be used in place of any the
other HTTP methods.


Gmane