June was the second month I contributed to Debian LTS under the Freexian umbrella. In total I spent ten hours working on:
Besides that I did CVE triaging of 17 CVEs to check if and how they affect oldoldstable security. The information provided by the Security team on these issues in data/CVE/list is an awesome help here. So I tried to be as verbose when triaging CVEs that weren't looked at for Wheezy or Jessie yet.
On non LTS time I patched our lts-cve-triage tool to allow to skip packages that are already in dla-needed.txt. This avoids wasting time on CVEs that were already triaged.
The first upload of new packages after TeX Live 2015 hit unstable. Against my expectations, the bugs didn’t come in in the thousands, more or less there were only some fixes necessary in the binary package, which lead to a few updates over the last week. This upload fixes an RC bug (missing replaces), and also takes a step further in the Debianization of the packages: I finally removed texconfig and texlinks programs, as they are not useful on Debian, and should actually not be used.
Besides a few other fixes, of course there was the usual chore of package updates.Updated packages
babel-french, biblatex-fiwi, biblatex-opcit-booktitle, c90, chemformula, chemgreek, cjkutils, ctex, curve2e, dozenal, eledmac, elements, enotez, garuda-c90, koma-script, l3build, latex, leadsheets, norasi-c90, pkuthss, poemscol, pstricks, pst-solides3d, siunitx, termmenu, texlive-scripts, tudscr, upmethodology, xindy.New packages
My primary work horse laptop is failing, and will need a replacement soon. The left 5 cm of the screen on my Thinkpad X230 started flickering yesterday, and I suspect the cause is a broken cable, as changing the angle of the screen some times get rid of the flickering.
My requirements have not really changed since I bought it, and is still as I described them in 2013. The last time I bought a laptop, I had good help from prisjakt.no where I could select at least a few of the requirements (mouse pin, wifi, weight) and go through the rest manually. Three button mouse and a good keyboard is not available as an option, and all the three laptop models proposed today (Thinkpad X240, HP EliteBook 820 G1 and G2) lack three mouse buttonsf. It is also unclear to me how good the keyboard on the HP EliteBooks are. I hope Lenovo have not messed up the keyboard, even if the quality and robustness in the X series have deteriorated since X41.
I wonder how I can find a sensible laptop when none of the options seem sensible to me? Are there better services around to search the set of available laptops for features? Please send me an email if you have suggestions.
Here's a simple guide for how I managed to bill one of my customers as is now mandated by law in Italy.Create a new virtualbox machine
I would never do any of this to any system I would ever want to use for anything else, so it's virtual machine time.
- I started virtualbox, created a new machine for Ubuntu 32bit, 8Gb disk, 4Gb RAM, and placed the .vdi image in an encrypted partition. The web services of Infocert's fattura-pa requires "Java (JRE) a 32bit di versione 1.6 o superiore".
- I installed Ubuntu 12.04 on it: that is what dike declares to support.
- I booted the VM, installed virtualbox-guest-utils, and de sure I also had virtualbox-guest-x11
- I restarted the VM so that I could resize the virtualbox window and have Ubuntu resize itself as well. Now I could actually read popup error messages in full.
- I changed the desktop background to something that gave me the idea that this is an untrusted machine where I need to be very careful of what I type. I went for bright red.
- apt-get install pcscd pcsc-tools opensc
- In virtualbox, I went to Devices/USB devices and enabled the smart card reader in the virtual machine.
- I ran pcsc_scan to see if it could see my smart card.
- I ran Firefox, went to preferences, advanced, security devices, load. Module name is "CRS PKCS#11", module path is /usr/lib/opensc-pkcs11.so
- I went to https://fattura-pa.infocamere.it/fpmi/service and I was able to log in. To log in, I had to type the PIN 4 times into popups that offered little explanations about what was going on, enjoying cold shivers because the smart card would lock itself at the 3rd failed attempt.
- Congratulations to myself! I thought that all was set, but unfortunately, at this stage, I was not able to do anything else except log into the website.
- I got the PDF with the setup instructions from here. Get it too, for a reference, a laugh, and in case you do not believe the instructions below.
- I went to https://www.firma.infocert.it/installazione/certificato.php, and saved the two certificates.
- Firefox, preferences, advanced, show certificates, I imported both CA certificates, trusted for everything, all my base are belong to them.
- apt-get install icedtea-plugin
- I went to https://fattura-pa.infocamere.it/fpmi/service and tried to sign. I could not: I got an error about invalid UTF8 for something or other in Firefox's stdandard error. Firefox froze and had to be killed.
- I removed icedtea so that I could use the site without firefox crashing.
- I installed DiKe For Ubuntu 12.04 32bit
- I ran dikeutil to see if it could talk to my smart card
- When signing with the website, I chose the manual signing options and downloaded the zip file with the xml to be signed.
- I got a zip file, unzipped it.
- I loaded the xml into dike.
- I signed it with dike.
- I got this error message: "nessun certificato di firma presente sul dispositivo di firma" and then this error message: "Impossibile recuperare il certificato dal dispositivo di firma". No luck.
- I went to https://www.pec.it/Download.aspx
- I downloaded ArubaSign for Linux 32 bit.
- Oh! People say that it only works with Oracle's version of Java.
- sudo add-apt-repository ppa:webupd8team/java
- apt-get update
- apt-get install oracle-java7-installer
- During the installation process I had to agree to also sell my soul to Oracle.
- tar axf ArubaSign*.tar*
- cd ArubaSing-*/apps/dist
- java -jar ArubaSign.jar
- I let it download its own updates. Another time I did not. It does not seem to matter: I get asked that question every time I start it anyway.
- I enjoyed the fancy brushed metal theme, and had an interesting time navigating an interface where every label on every icon or input field was truncated.
- I downloaded https://www.pec.it/documenti/Manuale_ArubaSign2_firma%20Remota_V03_02_07_2012.pdf to get screenshots of that interface with all the labels intact
- I signed the xml that I got from the website. I got told that I needed to really view carefully what I was signing, because the signature would be legally binding
- I enjoyed carefully reading a legally binding, raw XML file.
- I told it to go ahead, and there was now a .p7m file ready for me. I rejoiced, as now I might, just might actually get paid for my work.
Maybe fattura-pa would work with Oracle's Java plugin?
- I went to https://fattura-pa.infocamere.it/fpmi/service
- I got asked to verify java at www.java.com. I did it.
- I told FireFox to enable java.
- Suddenly, and while I was still in java.com's tab, I got prompted about allowing Infocert's applet to run: I allowed it to run.
- I also got prompted several times, still while the current tab was not even Infocert's tab, about running components that could compromise the security of my system. I allowed and unblocked all of them.
- I entered my PIN.
- Congratulations! Now I have two ways of generating legally binding signatures with government issued smart cards!
I shut down that virtual machine and I'm making sure I never run anything important on it. Except, of course, generating legally binding signatures as required by the Italian government.
Last month I started to track all the small Debian-related things that I do. My initial motivation was to be concious about how often I spend short periods of time working on Debian. Sometimes it’s during lunch breaks, weekends, first thing in the morning before regular work, after I am done for the day with regular work, or even during regular work, since I do have the chance of doing Debian work as part of my regular work occasionally.
Now that I have this information, I need to do something with it. So this is probably the first of monthly updates I will post about my Debian work. Hopefully it won’t be the last.
Upgrades to Jessie
I (finally) upgraded my two servers to Jessie. The first one, my home server, is a Utilite which is a quite nice ARM box. It is silent and consumes very little power. The only problem I had with it is that the vendor-provided kernel is too old, so I couldn’t upgrade udev, and therefore couldn’t switch to systemd. I had to force systemv for now, until I can manage to upgrade the kernel and configure uboot to properly boot the official Debian kernel.
On my VPS things are way better. I was able to upgrade nicely, and it is now running a stock Jessie system.
fixed https on ci.debian.net
pabs had let me know on IRC of an issue with the TLS certificate for ci.debian.net, which took me a few iterations to get right. It was missing the intermediate certificates, and is now fixed. You can now enjoy Debian CI under https .
Ruby 2.2 transition
I was able to start the Ruby 2.2 transition, which has the goal of switch to Ruby 2.2 on unstable. The first step was updating ruby-defaults adding support to build Ruby packgaes for both Ruby 2.1 and Ruby 2.2. This was followed by updates to gem2deb (0.18, 0.18.1, 0.18.2, and 0.18.3) and rubygems-integration . At this point, after a few rebuild requests only 50 out of 137 packages need to be looked at; some of them just use the default Ruby, so a rebuild once we switch the default will be enough to make it use Ruby 2.2, while others, specially Ruby libraries, will still need porting work or other fixes.
Updated the Chef stack
Bringing chef to the very latest upstream release into unstable was quite some work.
I had to update:
- ruby-columnize (0.9.0-1)
- ruby-mime-types (2.6.1-1)
- ruby-mixlib-log 1.6.0-1
- ruby-mixlib-shellout (2.1.0-1)
- ruby-mixlib-cli (1.5.0-1)
- ruby-mixlib-config (2.2.1-1)
- ruby-mixlib-authentication (1.3.0-2)
- ohai (8.4.0-1)
- chef-zero (4.2.2-1)
- ruby-specinfra (2.35.1-1)
- ruby-serverspec (2.18.0-1)
- chef (12.3.0-1)
- ruby-highline (1.7.2-1)
- ruby-safe-yaml (1.0.4-1)
In the middle I also had to package a new dependency, ruby-ffi-yajl, which was very quickly ACCEPTED thanks to the awesome work of the ftp-master team.
- Sponsored a upload of redir by Lucas Kanashiro
- chake, a tool that I wrote for managing servers with chef but without a central chef server, got ACCEPTED into the official Debian archive.
- vagrant-lxc , a vagrant plugin for using lxc as backend and lxc containters as development environments, was also ACCEPTED into unstable.
- I got the deprecated ruby-rack1.4 package removed from Debian
Today saw the release of PostgreSQL 9.5 Alpha 1. Packages for all supported Debian and Ubuntu releases are available on apt.postgresql.org:
deb http://apt.postgresql.org/pub/repos/apt/ YOUR_RELEASE_HERE-pgdg main 9.5
The package is also waiting in NEW to be accepted for Debian experimental.
Being curious which PostgreSQL releases have been in use over time, I pulled some graphics from Debian's popularity contest data:
Before we included the PostgreSQL major version in the package name, "postgresql" contained the server, so that line represents the installation count of the pre-7.4 releases at the left end of the graph.
Interestingly, 7.4 reached its installation peak well past 8.1's. Has anyone an idea why that happened?
A per-domain-listing is now also available here.DUCK challenge at DebConf15
After announcing DUCK in mid-june 2012, the number of source packages with issues is still somewhat stable around 1700. After a recent update of the curl libs, i also managed to get rid of 200 false positives, caused by SSL-verification issues, as can be seen here.
To speed things up a bit and lower the number of broken links, i hereby propose the following challenge:
The first 99 persons who fix at least 1 broken URL and upload the fixed package before end of DebConf15 will get an awesome "200 OK" DUCK-branded lighter at DebConf15!
The challenge starts right now!
I will try hard to not forget anyone who fixes packages (note the s ;-), but if you feel missed out, please contact me at DC15.
Also, please remember that this is not a valid excuse to NMU packages ;-).
This release has many important bug fixes, and everyone is recommended to upgrade. Of the many, one important fix is to, more reliably check for Device Mapper based devices, which is common these days with Crypt and LVM.
For the summary of changes to quote from git log:1.67 - Thu Jul 2 17:05:07 IST 2015 * Relax minimum window size to accomodate low res screens * Fix variable name to comply with our "constants" assuptions * Get more aggressive in power saving for Intel HD Audio * Account Device Mapper devices * Add swsusp freeze support * Switch battery-level-polling default to True * Detect ethernet carrier, early and relibaly * changes the boolean setting *_ACTIVATE_SATA_POWER to a customizable *_SATA_POLICY, with backward-compatible defaults and documentation Thanks Yuir D'Elia
PS: On a side note, over the years, Linux's power savings functionality has improved a lot, all thanks to its use in the mobile worlds. At the same time, because of more companies shipping drivers depending on external firmware, stability has become less reliable. And to add to that, bare functionality of devices typically ask for disabling, you know what, LPM.
So, at the end, the result is the same.Categories:
Last oktober I was involved on behalf of NUUG with recording the talks at MakerCon Nordic, a conference for the Maker movement. Since then it has been the plan to publish the recordings on Frikanalen, which finally happened the last few days. A few talks are missing because the speakers asked the organizers to not publish them, but most of the talks are available. The talks are being broadcasted on RiksTV channel 50 and using multicast on Uninett, as well as being available from the Frikanalen web site. The unedited recordings are available on Youtube too.
This is the list of talks available at the moment. Visit the Frikanalen video pages to view them.
- Evolutionary algorithms as a design tool - from art to robotics (Kyrre Glette)
- Make and break (Hans Gerhard Meier)
- Making a one year school course for young makers (Olav Helland)
- Innovation Inspiration - IPR Databases as a Source of Inspiration (Hege Langlo)
- Making a toy for makers (Erik Torstensson)
- How to make 3D printer electronics (Elias Bakken)
- Hovering Clouds: Looking at online tool offerings for Product Design and 3D Printing (William Kempton)
- Travelling maker stories (Øyvind Nydal Dahl)
- Making the first Maker Faire in Sweden (Nils Olander)
- Breaking the mold: Printing 1000’s of parts (Espen Sivertsen)
- Ultimaker — and open source 3D printing (Erik de Bruijn)
- Autodesk’s 3D Printing Platform: Sparking innovation (Hilde Sevens)
- How Making is Changing the World – and How You Can Too! (Jennifer Turliuk)
- Open-Source Adventuring: OpenROV, OpenExplorer and the Future of Connected Exploration (David Lang)
- Making in Norway (Haakon Karlsen Jr., Graham Hayward and Jens Dyvik)
- The Impact of the Maker Movement (Mike Senese)
Part of the reason this took so long was that the scripts NUUG had to prepare a recording for publication were five years old and no longer worked with the current video processing tools (command line argument changes). In addition, we needed better audio normalization, which sent me on a detour to package bs1770gain for Debian. Now this is in place and it became a lot easier to publish NUUG videos on Frikanalen.
Recently I saw the “Hash Sum mismatch” usually only when using “random” mirrors with e.g. httpredir.debian.org in apt’s sources.list, but with a static mirror such issues usually don’t exist anymore. A customer of mine has a Debian mirror and this issue wasn’t a problem there neither, until recently:
Since the mirror also includes packages provided to customers and the mirror needs to be available 24/7 we decided to provide another instance of the mirror and put those systems behind HAProxy (version 1.5.8-3 as present in Debian/jessie). The HAProxy setup worked fine and we didn’t notice any issues in our tests, until the daily Q/A builds randomly started to report failures:Failed to fetch http://example.org/foobar_amd64.deb Hash Sum mismatch
When repeating the download there was no problem though. This problem only appeared about once every 15-20 minutes with random package files and it affected only Debian/squeeze clients (wheezy and jessie aren’t affected at all). The problem also didn’t appear when directly accessing the mirrors behind HAproxy. We tried plenty of different options for apt (Acquire::http::No-Cache=true, Acquire::http::No-Partial=true,…) and also played with some HAProxy configurations, nothing really helped. With apt’s “Debug::Acquire::http=True” we saw that there really was a checksum failure and HTTP status code 102 (‘Processing‘, or in terms of apt: ‘Waiting for headers‘) seems to be involved. The actual problem between apt on Debian/squeeze and HAProxy is still unknown to us though.
While digging deeper into this issue is on my todo list yet, I found a way to avoid those “Hash Sum mismatch” failures: switch from http to https in sources.list. As soon as https is used the problem doesn’t appear anymore. I’m documenting it here just in case anyone else should run into it.
Well, there we are, trying to build another round of TeX Live packages for Debian, just to realize that the lintian error that should have been downgraded to warning (or removed) is still around, due to doubts about the license. Ok. Well, anyway, but what I found is even more funny:E: texlive-extra source: license-problem-non-free-img-lenna texmf-dist/doc/latex/reflectgraphics/lenna.jpg
which is about one of the most used images in images processing courses, Lenna:
Without comments, I just quote the lintian error … it is a whole lot of fun to read.
This image is a picture of Lena Söderberg, shot by photographer Dwight Hooker, cropped from the centerfold of the November 1972 issue of Playboy magazine.
According to Hutchison, Jamie (May–June 2001). “Culture, Communication, and an Information Age Madonna” (PDF). IEEE Professional Communication Society Newsletter 45 (3). (page 5 second column second paragraph), this image is distributable but not free.
Moreover, Lenna photo has been pointed to as an example of sexism in the sciences, reinforcing gender stereotypes.
Please use well known and free test image.
Please also submit md5sum, sha1sum, and sha256 of this file as a bug report for lintian.
How fortunate our generation is that we don’t have anything else to care about …
Anyway, back to rebuilding orig.tars, source packages, and binary packages!
I have just released version 1.10 of Obnam, my backup program. See the website at http://obnam.org for details on what it does. The new version is available from git (see http://git.liw.fi) and as Debian packages from http://code.liw.fi/debian, and uploaded to Debian, hopefully soon in unstable.
The NEWS file extract below gives the highlights of what's new in this version.Version 1.10, released 2015-07-01
Major bug fixes:
- Lars Wirzenius fixed the obnam backup command to lock the whole repository, the same way as obnam forget does, when it removes checkpoint generations. This means that during checkpoint removal, no other client can make a backup, which is unfortunate. To avoid that, set leave-checkpoints = yes in the configuration. That will prevent obnam backup from removing checkpoints.
Minor new features:
Lars Wirzenius added the obnam list-formats command to list all repository formats.
The default value for the upload-queue-size setting is now 1024, chosen based on some benchmarking made by Lars Wirzenius to balance speed and memory use.
An EXPERIMENTAL new repository format, green-albatross, as been introduced. It is not ready for actual use, and is only added so that its code doesn't diverge far from the main line of development.
Teemu Hukkanen reported that the Synology NAS device returns EACCES instead of ENOENT when user tries to remove a non-existent file. Obnam now copes with either error code.
python setup.py build no longer formats the manual page into plain text. This is now done in python setup.py docs instead. The latter is an optional build step, and probably only works on Debian.
obnam restore --to=DIR now requires that the directory DIR either doesn't exist, or it is empty when the restore starts. This is to prevent users from restore on top of a running system.
So recently I posted on twitter about a sudden gain in strength:
I have conquered pull-ups! On Saturday night I could do 1.5. Today I could do 11! (Chinups were always easy.) #fitness— Steve Kemp (@Stolen_Souls) June 15, 2015
To put that more into context I should give a few more details. In the past I've been using an assisted pull-up machine, which offers a counterweight to make such things easier.
When I started the exercise I assumed I couldn't do it for real, so I used the machine and set it on 150lb. Over a few weeks I got as far as being able to use it with only 80lb. (Which means I was lifting my entire body-weight minus 80lb. With the assisted-pullup machine smaller numbers are best!)
One evening I was walking to the cinema with my wife and told her I thought I'd be getting close to doing one real pull-up soon, which sounds a little silly, but I guess is pretty common for random men who are 40 as I almost am. As it happens there were some climbing equipment nearby so I said "Here see how close I am", and I proceeded to do 1.5 pullups. (The second one was bad, and didn't count, as I got 90% of the way "up".)
Having had that success I knew I could do "almost two", and I set a goal for the next gym visit: 3 x 3-pullups. I did that. Then I did two more for fun on the way out (couldn't quite manage a complete set.)
So that's the story of how I went from doing 1.5 pullus to doing 11 in less than a week. These days I can easily do 3x3, but struggle with more. It'll come, slowly.
So pull-up vs. chin-up? This just relates to which way you place your hands: palm facing you (chin-up) and palm way from you (pull-up).
Some technical details here but chinups are easier, and more bicep-centric.
Anyway too much writing. My next challenge is the one-armed pushup. However long it takes, and I think it will take a while, that's what I'm working toward.
Well 123-reg mostly I think you don't know how to do email.
It has been quite some time since I blogged on Planet Debian,so today, I just want to give some news to fellow Debian pals.
My involvment in Debian is still there. I'm probably less visible nowadays, but I'm still actively working on some packages, monotiring some i18n activities and doing work on D-I.
But, as you know, running has taken precedence nowadays and is still becoming a growing part of my life (along with my family, of course).
This year, I had a first "summit" running the "Vulcain" trail race in French "Massif Central" (mountains in Central France), which was 80km and 3000m positive climb race. It was run mostly in snow and with quite bad weather conditions, a good training for more difficult races. I completed it in about more than 12 hours, for a race that finally had less than 60% finishers.
Later on, most races were preparation races for the summer moutain races : I mostly ran three 50km trail races in the Paris and neighbourhood area. All of them were very good results with a good feeling. Some were run along with friends from the Kikourou.net web community, where I am now very active.
My training was also strongly increased wrt former years (yes that *is* possible), peaking at more than 500km during May, where I was mostly on holidays all month long (lucky man).
And now, the first Great Great Thing of the year is coming : La Montagn'hard, 110 kilometers, about 9000 meters positive climb, around Les Contamines, close to Mont-Blanc in French Alps.
That is a Big One, indeed. Technically more difficult than the TDS race I ran last August, during DebConf (120km, but "only" 7000 meters climb). Montagn'hard is indeed known as one of the most difficult moutain trail races in France.
I plan to complete it in about 29 hours....but that can indeed be 30, 32 or even 35, who knows what can happen? Given the very high temperatures over Europe this week (they'll peak at about 38°C on Saturday in the Alps), that will be an incredibly difficult challenge and we expect about only 40% finishers.
A live tracking will be available for thos who care at http://chrono.geofp.com/montagnhard2015/v3/. Wish me luck !
Next challenge will be end of August, with the "Echappee Belle" race : 144km and 10.000 meters positive climb, still in French Alps (Belledonne range, this time). About 48 hours, or even up to 55, two nights out.....harder and hopefully better, faster, stronger...:-)
Jo and I spent a few days in Sweden and had an awesome time! The main reason for being there was Leif and Maria's wedding way up north in Skellefteå. They cunningly organised their ceremony for the Midsummer weekend, which was an excellent plan - we had a full weekend of partying while we were there. :-)
We had some time to ourselves while we were there, so we wandered about a little and got to see some of the beautiful coastal countryside.
Then on the way home we stopped off in Umeå to visit Mattias Wadenstein (maswan) and his wife Melanie, and he showed me around some of the machines that he's been admining on behalf of Debian. Maybe I'm a sad geek, but I feel quite a bond with one of the machines there, pettersson.debian.org. It's the official CD build machine for Debian, and I've been responsible for thrashing it really hard for the last 5 years or so... :-)
The only downsides from the trip were the massive tiredness (midnight sun is pretty, but notconducive to sleep!) the mosquito bites and the nasty plague^Wcold that we picked up while we were there... Ah well. :-)
While I mentioned last September that I had failed to be selected for an H-1B and had been having discussions at DebConf about alternative employment, I never got around to elaborating on what I’d ended up doing.
Short answer: I ended up becoming a law student, studying for a Masters in Legal Science at Queen’s University Belfast. I’ve just completed my first year of the 2 year course and have managed to do well enough in the 6 modules so far to convince myself it wasn’t a crazy choice.
Longer answer: After Vello went under in June I decided to take a couple of months before fully investigating what to do next, largely because I figured I’d either find something that wanted me to start ASAP or fail to find anything and stress about it. During this period a friend happened to mention to me that the applications for the Queen’s law course were still open. He happened to know that it was something I’d considered before a few times. Various discussions (some of them over gin, I’ll admit) ensued and I eventually decided to submit an application. This was towards the end of August, and I figured I’d also talk to people at DebConf to see if there was anything out there tech-wise that I could get excited about.
It turned out that I was feeling a bit jaded about the whole tech scene. Another friend is of the strong opinion that you should take a break at least every 10 years. Heeding her advice I decided to go ahead with the law course. I haven’t regretted it at all. My initial interest was largely driven by a belief that there are too few people who understand both tech and law. I started with interests around intellectual property and contract law as well as issues that arise from trying to legislate for the global nature of most tech these days. However the course is a complete UK qualifying degree (I can go on to do the professional qualification in NI or England & Wales) and the first year has been about public law. Which has been much more interesting than I was expecting (even, would you believe it, EU law). Especially given the potential changing constitutional landscape of the UK after the recent general election, with regard to talk of repeal of the Human Rights Act and a referendum on exit from the EU.
Next year will concentrate more on private law, and I’m hoping to be able to tie that in better to what initially drove me to pursue this path. I’m still not exactly sure which direction I’ll go once I complete the course, but whatever happens I want to keep a linkage between my skill sets. That could be either leaning towards the legal side but with the appreciation of tech, returning to tech but with the appreciation of the legal side of things or perhaps specialising further down an academic path that links both. I guess I’ll see what the next year brings. :)
What happened about the reproducible builds effort this week:Toolchain fixes
Lunar submitted recently rebased patches to make the file order of files inside .deb stable.
Mattia Rizzolo started a discussion regarding the failure to build from source of subversion when -Wdate-time is added to CPPFLAGS—which happens when asking dpkg-buildflags to use the reproducible profile. SWIG errors out because it doesn't recognize the aforementioned flag.
akira discovered—while proposing a fix for simgrid—that CMake internal command to create tarballs would record a timestamp in the gzip header. A way to prevent it is to use the GZIP environment variable to ask gzip not to store timestamps, but this will soon become unsupported. It's up for discussion if the best place to fix the problem would be to fix it for all CMake users at once.Infrastructure-related work
Andreas Henriksson did a delayed NMU upload of pbuilder which adds minimal support for build profiles and includes several fixes from Mattia Rizzolo affecting reproducibility tests.
The following packages became reproducible after getting fixed:
- 0xffff/6.1-3 uploaded by Sebastian Reichel, original patch by Dhole.
- fusionforge/6.0-1 uploaded by Roland Mas and fixed upstream.
- geis/2.2.17-1 uploaded by Stephen M. Webb, original patch by akira.
- gramadoir/0.7-3 uploaded by Alastair McKinstry, original patch by Chris Lamb.
- ht/2.1.0-1 by Anton Gladky.
- ispell-fo/0.4.2-8 by Agustin Martin Domingo.
- ispell-gl/0.5-42 by Agustin Martin Domingo.
- libosmium by Bas Couwenberg.
- maven-dependency-analyzer/1.4-1 by Emmanuel Bourg.
- migrate/0.9.6-2 uploaded by Thomas Goirand, original patch by Juan Picca.
- mustache-java/0.8.17-3 by Miguel Landaeta.
- myspell-pt-br/20131030-6 by Agustin Martin Domingo.
- myspell.pt/20091013-9 by Agustin Martin Domingo.
- nss-wrapper/1.0.3-3 by Jakub Wilk.
- osmcoastline by Bas Couwenberg.
- osmium-tool/1.0.1-2 uploaded by Bas Couwenberg, original patch by Chris Lamb.
- python-gmpy2/2.0.5-1 by Martin Kelly.
- python-pathlib/1.0.1-2 uploaded by Frank Brehm, original patch by Reiner Herrmann
- python-pysaml2/2.4.0-2 uploaded by Thomas Goirand, original patch by Juan Picca.
- python-pysqlite2 uploaded by Joel Rosdahl, original patch by Juan Picca.
- python-scrapy/1.0.0-1 uploaded by Yaroslav Halchenko, original patch by Juan Picca.
- softcatala-spell/0.20111230b-9 by Agustin Martin Domingo.
- tempest/4-2 uploaded by Thomas Goirand, original patch by Juan Picca.
- tiptop/2.2-3 by Tomasz Buchert.
- ucl/1.03+repack-3 by Robert Luberda.
- welcome2l/3.04-26 by Robert Luberda.
- xuxen-eu-spell/0.4.20081029-11 by Agustin Martin Domingo.
- y-u-no-validate/2013052401-4 uploaded by Jakub Wilk, original patch by Chris Lamb.
Some uploads fixed some reproducibility issues but not all of them:
- camitk/3.4.0-2 by Emmanuel Promayon.
- mariadb-10.0/10.0.20-1 by Otto Kekäläinen.
- mathjax-docs/2.5+20150518-1 uploaded by Dmitry Shachnev, original patch by Juan Picca.
- wxwidgets3.0/3.0.2-2 by Olly Betts.
Untested uploaded as they are not in main:
Patches submitted which have not made their way to the archive yet:
- #789648 on apt-dater by Dhole: allow the build date to be set externally and set it to the time of the latest debian/changelog entry.
- #789715 on simgrid by akira: fix doxygen and patch CMakeLists.txt to give GZIP=-n for tar.
- #789728 on aegisub by Juan Picca: get rid of __DATE__ and __TIME__ macros.
- #789747 on dipy by Juan Picca: set documentation date for Sphinx.
- #789748 on jansson by Juan Picca: set documentation date for Sphinx.
- #789799 on tmexpand by Chris Lamb: remove timestamps, hostname and username from the build output.
- #789804 on libevocosm by Chris Lamb: removes generated files which include extra information about the build environment.
- #789963 on qrfcview by Dhole: removes the timestamps from the the generated PNG icon.
- #789965 on xtel by Dhole: removes extra timestamps from compressed files by gzip and from the PNG icon.
- #790010 on simbody by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790023 on stx-btree by akira: pass HTML_TIMESTAMP=NO to Doxygen.
- #790034 on siscone by akira: removes $datetime from footer.html used by Doxygen.
- #790035 on thepeg by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790072 on libxray-spacegroup-perl by Chris Lamb: set $Storable::canonical = 1 to make space_groups.db.PL output deterministic.
- #790074 on visp by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790081 on wfmath by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790082 on wreport by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790088 on yudit by Chris Lamb: removes timestamps from the build system by passing a static comment.
- #790122 on clblas by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790133 on dcmtk by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790139 on glfw3 by akira: patch for Doxygen timestamps further improved by James Cowgill by removing $datetime from the footer.
- #790228 on gtkspellmm by akira: set HTML_TIMESTAMP=NO in Doxygen configuration.
- #790232 on ucblogo by Reiner Herrmann: set LC_ALL to C before sorting.
- #790235 on basemap by Juan Picca: set documentation date for Sphinx.
- #790258 on guymager by Reiner Herrmann: use the date from the latest debian/changelog as build date
- #790309 on pelican by Chris Lamb: removes useless (and unreproducible) tests.
Version 24 was released on June 23rd in a hurry to fix an undefined variable introduced in the previous version. (Reiner Herrmann)
debbindiff now has a test suite! It is written using the PyTest framework (thanks Isis Lovecruft for the suggestion). The current focus has been on the comparators, and we are now at 93% of code coverage for these modules.
Several problems were identified and fixed in the process: paths appearing in output of javap, readelf, objdump, zipinfo, unsqusahfs; useless MD5 checksum and last modified date in javap output; bad handling of charsets in PO files; the destination path for gzip compressed files not ending in .gz; only metadata of cpio archives were actually compared. stat output was further trimmed to make directory comparison more useful.
Having the test suite enabled a refactoring of how comparators were written, switching from a forest of differences to a single tree. This helped removing dust from the oldest parts of the code.
Together with some other small changes, version 25 was released on June 27th. A follow up release was made the next day to fix a hole in the test suite and the resulting unidentified leftover from the comparator refactoring. (Lunar)Documentation update
Ximin Luo improved code examples for some proposed environment variables for reference timestamps. Dhole added an example on how to fix timestamps C pre-processor macros by adding a way to set the build date externally. akira documented her fix for tex4ht timestamps.Package reviews
94 obsolete reviews have been removed, 330 added and 153 updated this week.
Hats off for Chris West (Faux) who investigated many fail to build from source issues and reported the relevant bugs.
The next meeting will happen on Tuesday 2015-07-07 at 17:00 UTC.Misc.
Don't worry, they can't cope with our atmosphere.
Perhaps they are just playing dead. Don't turn your back if you see one.
Folks may want to use this alien in free software. The original photo is available on request. To the extent possible under law, I have waived all copyright and related or neighboring rights to this work. The alien has signed a model release. An email or a link to this page would be appreciated though.