apt-get install debian-wizard

Freexian’s report about Debian Long Term Support, April 2018

May 15, 2018 by Raphaël Hertzog Leave a Comment

A Debian LTS logo Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In March, about 183 work hours have been dispatched among 13 paid contributors. Their reports are available:

Abhijith PA did 5 hours (out of 10 hours allocated, thus keeping 5 extra hours for May).
Antoine Beaupré did 12h.
Ben Hutchings did 17 hours (out of 15h allocated + 2 remaining hours).
Brian May did 10 hours.
Chris Lamb did 16.25 hours.
Emilio Pozuelo Monfort did 11.5 hours (out of 16.25 hours allocated + 5 remaining hours, thus keeping 9.75 extra hours for May).
Holger Levsen did nothing (out of 16.25 hours allocated + 16.5 hours remaining, thus keeping 32.75 extra hours for May). He did not get hours allocated for May and is expected to catch up.
Hugo Lefeuvre did 20.5 hours (out of 16.25 hours allocated + 4.25 remaining hours).
Markus Koschany did 16.25 hours.
Ola Lundqvist did 11 hours (out of 14 hours allocated + 9.5 remaining hours, thus keeping 12.5 extra hours for May).
Roberto C. Sanchez did 7 hours (out of 16.25 hours allocated + 15.75 hours remaining, but immediately gave back the 25 remaining hours).
Santiago Ruano Rincón did 8 hours.
Thorsten Alteholz did 16.25 hours.

Evolution of the situation

The number of sponsored hours did not change. But a few sponsors interested in having more than 5 years of support should join LTS next month since this was a pre-requisite to benefit from extended LTS support. I did update Freexian’s website to show this as a benefit offered to LTS sponsors.

The security tracker currently lists 20 packages with a known CVE and the dla-needed.txt file 16. At two week from Wheezy’s end-of-life, the number of open issues is close to an historical low.

Thanks to our sponsors

New sponsors are in bold.

Platinum sponsors:

TOSHIBA (for 31 months)
GitHub (for 22 months)

Gold sponsors:

The Positive Internet (for 47 months)
Blablacar (for 46 months)
Linode (for 36 months)
Babiel GmbH (for 25 months)
Plat’Home (for 25 months)

Silver sponsors:

Domeneshop AS (for 46 months)
Université Lille 3 (for 46 months)
Trollweb Solutions (for 44 months)
Nantes Métropole (for 41 months)
Dalenys (for 37 months)
Univention GmbH (for 32 months)
Université Jean Monnet de St Etienne (for 32 months)
Ribbon Communications, Inc. (for 26 months)
maxcluster GmbH (for 20 months)
Exonet B.V. (for 16 months)
Leibniz Rechenzentrum (for 10 months)
Vente-privee.com (for 7 months)

Bronze sponsors:

David Ayers – IntarS Austria (for 47 months)
Evolix (for 47 months)
Offensive Security (for 47 months)
Seznam.cz, a.s. (for 47 months)
Freeside Internet Service (for 46 months)
MyTux (for 46 months)
Intevation GmbH (for 44 months)
Linuxhotel GmbH (for 44 months)
Daevel SARL (for 42 months)
Bitfolk LTD (for 41 months)
Megaspace Internet Services GmbH (for 41 months)
NUMLOG (for 41 months)
Greenbone Networks GmbH (for 40 months)
WinGo AG (for 40 months)
Ecole Centrale de Nantes – LHEEA (for 36 months)
Sig-I/O (for 33 months)
Entr’ouvert (for 31 months)
Adfinis SyGroup AG (for 28 months)
GNI MEDIA (for 23 months)
Laboratoire LEGI – UMR 5519 / CNRS (for 23 months)
Quarantainenet BV (for 23 months)
RHX Srl (for 20 months)
Bearstech (for 14 months)
LiHAS (for 14 months)
People Doc (for 11 months)
Catalyst IT Ltd (for 9 months)
Supagro (for 4 months)
Demarcq SAS (for 3 months)

My Free Software Activities in April 2018

May 7, 2018 by Raphaël Hertzog Leave a Comment

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

pkg-security team

I improved the packaging of openvas-scanner and openvas-manager so that they mostly work out of the box with a dedicated redis database pre-configured and with certificates created in the postinst. I merged a patch for cross-build support in mac-robber and another patch from chkrootkit to avoid unexpected noise in quiet mode.

I prepared an update of openscap-daemon to fix the RC bug #896766 and to update to a new upstream release. I pinged the package maintainer to look into the autopkgtest failure (that I did not introduce). I sponsored hashcat 4.1.0.

Distro Tracker

While it slowed down, I continued to get merge requests. I merged two of them for some newcomer bugs:

I reviewed a merge request suggesting to add a “team search” feature.

I did some work of my own too: I fixed many exceptions that have been seen in production with bad incoming emails and with unexpected maintainer emails. I also updated the contributor guide to match the new workflow with salsa and with the new pre-generated database and its associated helper script (to download it and configure the application accordingly). During this process I also filed a GitLab issue about the latest artifact download URL not working as advertised.

I filed many issues (#13 to #19) for things that were only stored in my personal TODO list.

Misc Debian work

Bug Reports. I filed bug #894732 on mk-build-deps to filter build dependencies to include/install based on build profiles. For reprepro, I always found the explanation about FilterList very confusing (bug #895045). I filed and fixed a bug on mirrorbrain with redirection to HTTPS URLs.

I also investigated #894979 and concluded that the CA certificates keystore file generated with OpenJDK 9 is not working properly with OpenJDK 8. This got fixed in ca-certificates-java.

Sponsorship. I sponsored pylint-plugin-utils 0.2.6-2.

Packaging. I uploaded oca-core (still in NEW) and ccextractor for Freexian customers. I also uploaded python-num2words (dependency for oca-core). I fixed the RC bug #891541 on lua-posix.

Live team. I reviewed better handling of missing host dependency on live-build and reviewed a live-boot merge request to ensure that the FQDN returned by DHCP was working properly in the initrd.

Thanks

See you next month for a new summary of my activities.

Freexian’s report about Debian Long Term Support, March 2018

April 16, 2018 by Raphaël Hertzog Leave a Comment

A Debian LTS logo Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In March, about 214 work hours have been dispatched among 13 paid contributors. Their reports are available:

Abhijith PA did 8 hours.
Antoine Beaupré did 9.75h.
Ben Hutchings did 15 hours (out of 15h allocated + 2 remaining hours, thus keeping 2 extra hours for April).
Brian May (second report) did 15.75 hours.
Chris Lamb did 18 hours.
Emilio Pozuelo Monfort did 12.5 hours (out of 17.5 hours allocated, thus keeping 5 extra hours for April).
Holger Levsen did 1.5 hours (out of 18 hours allocated, thus keeping 16.5 extra hours for April).
Hugo Lefeuvre did 35.5 hours (out of 17.5 hours allocated + 22.25 remaining hours, thus keeping 4.25 extra hours for April).
Markus Koschany did 23.25 hours.
Ola Lundqvist did 9.5 hours (out of 14 hours allocated + 5 remaining hours, thus keeping 9.5 extra hours for April).
Roberto C. Sanchez did 7.5 hours (out of 23.25 hours allocated, thus keeping 15.75 extra hours for April).
Santiago Ruano Rincón did 12 hours (out of 10 hours allocated + 2 remaining hours).
Thorsten Alteholz did 23.25 hours.

Evolution of the situation

The number of sponsored hours did not change.

The security tracker currently lists 31 packages with a known CVE and the dla-needed.txt file 26. Thanks to a few extra hours dispatched this month (accumulated backlog of a contributor), the number of open issues came back to a more usual value.

Thanks to our sponsors

New sponsors are in bold.

Platinum sponsors:

TOSHIBA (for 30 months)
GitHub (for 21 months)

Gold sponsors:

The Positive Internet (for 46 months)
Blablacar (for 45 months)
Linode (for 35 months)
Babiel GmbH (for 24 months)
Plat’Home (for 24 months)

Silver sponsors:

Domeneshop AS (for 45 months)
Université Lille 3 (for 45 months)
Trollweb Solutions (for 43 months)
Nantes Métropole (for 39 months)
Dalenys (for 36 months)
Univention GmbH (for 31 months)
Université Jean Monnet de St Etienne (for 31 months)
Ribbon Communications, Inc. (for 25 months)
maxcluster GmbH (for 19 months)
Exonet B.V. (for 15 months)
Leibniz Rechenzentrum (for 9 months)
Vente-privee.com (for 6 months)

Bronze sponsors:

David Ayers – IntarS Austria (for 46 months)
Evolix (for 46 months)
Offensive Security (for 46 months)
Seznam.cz, a.s. (for 46 months)
Freeside Internet Service (for 45 months)
MyTux (for 45 months)
Intevation GmbH (for 43 months)
Linuxhotel GmbH (for 43 months)
Daevel SARL (for 41 months)
Bitfolk LTD (for 40 months)
Megaspace Internet Services GmbH (for 40 months)
Greenbone Networks GmbH (for 39 months)
NUMLOG (for 39 months)
WinGo AG (for 39 months)
Ecole Centrale de Nantes – LHEEA (for 35 months)
Sig-I/O (for 32 months)
Entr’ouvert (for 30 months)
Adfinis SyGroup AG (for 27 months)
GNI MEDIA (for 22 months)
Laboratoire LEGI – UMR 5519 / CNRS (for 22 months)
Quarantainenet BV (for 22 months)
RHX Srl (for 19 months)
Bearstech (for 13 months)
LiHAS (for 13 months)
People Doc (for 10 months)
Catalyst IT Ltd (for 8 months)
Supagro (for 3 months)
Demarcq SAS

My Free Software Activities in March 2018

April 4, 2018 by Raphaël Hertzog Leave a Comment

Distro Tracker

I reviewed and merged 14 merge requests from multiple contributors:

Add unit tests to team-related views (Arthur Del Esposte)
Display component (main/contrib/non-free) of source package (Chirath R)
Add debci link in links panel (Lucas Kanashiro)
Use proper plural formal depending on the number of commits since last upload (James Clarke)
Support next parameter in login url to redirect after login (Chirath R)
Display transitive reverse dependencies in autoremoval action item (Lucas Kanashiro)
Fail gracefully when adding the same email twice into a team (Arthur Del Esposte)
Switch handling of britney’s excuses to use its YAML file instead of parsing the raw HTML (Pierre-Elliott Bécue and Christophe Siraut)
Use friendlier news URL that include the title (Arthur Del Esposte)
Accept trailing slash on news URL (Arthur Del Esposte)
Improve description of autoremoval action items by adding links to buggy dependencies (Arthur Del Esposte)
Refactoring: rename PackageExtractedInfos into PackageData (Pierre-Elliott Bécue)
Fix regression in UpdatesExcusesTask (Pierre-Elliott Bécue)
Add missing version to some long description of autoremovals action items (Pierre-Elliott Bécue)

On top of this, I updated the Salsa/AliothMigration wiki page with information about how to best leverage tracker.debian.org when you migrate to salsa.

I also filed a few issues for bugs or things that I’d like to see improved:

A few thoughts on how to redesign the “Task” mechanism
Failure in /accounts/confirm/*token* due to multiple authentication backends
Regression in UpdateExcusesTask (that got quickly fixed by Pierre Elliot Bécue, see above)

I also gave my feedback about multiple mockups prepared by Chirath R in preparation of his Google Summer of Code project proposal.

Security Tools Packaging Team

Following the departure of alioth, the new list that we requested on lists.debian.org has been created: https://lists.debian.org/debian-security-tools/

I updated (in the git repositories) all the Vcs-* and all the Maintainer fields of the packages maintained by the team.

I prepared and uploaded afflib 3.7.16-3 to fix RC bug #892599. I sponsored rhash 1.3.6 for Aleksey Kravchenko, ccrypt 1.10-5 for Alexander Kulak and ledger-wallets-udev 0.1 for Stephne Neveu.

Debian Live

This project also saw an unexpected resurgence of activity and I had to review and merge many merge requests:

It’s nice to see two derivatives being so active in upstreaming their changes.

Misc stuff

Hamster time tracker. I was regularly hit a by a bug leading to a gnome-shell crash (leading to a graphical session crash due to the design of wayland) and this time I decided that enough was enough so I started to dig in the code and did my best to fix the issues I encountered. During the month, I tested multiple versions and submitted three pull requests. Right now, the version in git is working fine for me. Still, it really smells of a bad design that mistakes in shell extensions can have such dramatic consequences.

Packaging. I forwarded #892063 to upstream in a new ticket. I updated zim to version 0.68 (final release replacing release candidate that I had already packaged). I filed #893083 suggesting that the hello source package should be a model for other packages and as such it should have a git repository hosted on salsa.debian.org.

Sponsorship. I sponsored pylint-django 0.9.4-1 for Joseph Herlant. I also sponsored urwid 2.0.1-1 (new upstream version), xlwt 1.3.0-1 (new version with python 3 support), elastalert 0.1.29-1 (new upstream release and RC bug fix) which have been updated for Freexian customers.

Thanks

See you next month for a new summary of my activities.

Individual reports

Evolution of the situation

Thanks to our sponsors

pkg-security team

Distro Tracker

Misc Debian work

Thanks

Individual reports

Evolution of the situation

Thanks to our sponsors

Distro Tracker

Security Tools Packaging Team

Debian Live

Misc stuff

Thanks

Tags

Recent Posts