Posts by dvzrv@chaos.social
(DIR) Post #AQLEjFU8K0qJNp9J3o by dvzrv@chaos.social
2022-12-06T20:51:20Z
0 likes, 0 repeats
@falktx I just unsubscribed from a lot of mailing lists and issue trackers. Makes mails much more managable again.Also big fan of server-side filtering to sort mails by type etc.
(DIR) Post #AQbRW8AKdCeaqqJyC0 by dvzrv@chaos.social
2022-12-14T16:30:01Z
0 likes, 0 repeats
@falktx LOL snap
(DIR) Post #AR58sCEI8JlFRHmMwi by dvzrv@chaos.social
2022-12-28T23:54:26Z
0 likes, 1 repeats
Wondered when #github mention based #spam would become a thing for me.Apparently today is the day! 🤮
(DIR) Post #ARLOUu1MNGUOSjQeem by dvzrv@chaos.social
2023-01-05T11:43:00Z
0 likes, 1 repeats
Maybe I suffer from confirmation bias , but my assumption in regards to (corporate or community led) projects developed on mailing lists by now is:* I will *never* get answers to any of my questions* Improvements for build or release process are ignored* Suggestions for improvements (e.g. test infrastructure, CI) are met with aggression#archlinux #packagerlife
(DIR) Post #AS54Rco7Nx7xMunX8K by dvzrv@chaos.social
2023-01-27T20:12:34Z
0 likes, 0 repeats
No DESTDIR support in the year 2023. 😭 Okay, no more #packaging for me today!#archlinux #packagerlife
(DIR) Post #ATzJwx5g1QXDopAvBI by dvzrv@chaos.social
2023-03-25T22:34:32Z
0 likes, 0 repeats
@nitrokey signing commits and tags in #git repositories. But probably signing packages for #archlinux even more so
(DIR) Post #AV9I47NjUDHGVQsNGq by dvzrv@chaos.social
2023-04-29T15:36:03Z
0 likes, 1 repeats
#Python 3.11 just reached the testing repositories.#ArchLinux #py311
(DIR) Post #AVxWYGBKo82UYv4fi4 by dvzrv@chaos.social
2023-05-23T19:32:49Z
0 likes, 1 repeats
Today's prize for worst #CVE handling goes to #ncurses for bulk releasing a huge patchset (http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56) for CVE-2023-29491 (probably(?), as it is never mentioned in the NEWS file...) instead of providing atomic patches for changes. Why do people not use git repositories properly, if they have them? 😭 For downstreams this is extremely painful to deal with.#ArchLinux #packagerlife
(DIR) Post #AXUMiSHAvVLxKd5yCW by dvzrv@chaos.social
2023-07-08T13:01:36Z
1 likes, 1 repeats
A couple of days ago #sequoia `sq` 0.31.0 has been released (https://gitlab.com/sequoia-pgp/sequoia-sq/-/tags/v0.31.0).This new version comes with a few usability improvements and a notable new feature (adding of subkeys), that are explained in more detail in this blog article: https://sequoia-pgp.org/blog/2023/07/05/202307-sq-commandline-improvements/#openpgp
(DIR) Post #AXgNziqA4nnJmiWFNo by dvzrv@chaos.social
2023-07-14T09:20:36Z
1 likes, 3 repeats
It seems we'll have a lot of "fun" with the #PyPi decision to remove signatures for sdist tarballs (https://blog.pypi.org/posts/2023-05-23-removing-pgp/) going forward.To scream into the void: Yes, PyPi, someone was using those signatures. Distro package maintainers secured user supply chains with it!I'm not looking forward to asking dozens of upstreams to host their signatures elsewhere (just stumbled across one case). Meanwhile #reproduciblebuilds is now broken for those packages.#ArchLinux #packagerlife #Python
(DIR) Post #AZ29T88DtxGd269om0 by dvzrv@chaos.social
2023-08-23T17:59:59Z
0 likes, 1 repeats
Yay, my #RFC about sources for #Python packaging has been merged.https://rfc.archlinux.page/0020-sources-for-python-packaging/#ArchLinux #PyPI
(DIR) Post #AZMXdRdAXi94SvHWxk by dvzrv@chaos.social
2023-09-02T16:01:00Z
0 likes, 0 repeats
Tales from the crypt:It seems #juce moved modules/juce_audio_plugin_client/utility/juce_CreatePluginFilter.h to modules/juce_audio_plugin_client/detail/juce_CreatePluginFilter.h between 7.0.5 and 7.0.7... (this of course breaks builds...)Come on... at least bump the minor version for something like this... 🙄Stuff based on juce is already terrible to maintain as is. It doesn't have to be made even harder by something like this.#ArchLinux #packagerlife
(DIR) Post #Abnp17S6rqyTsE9GVc by dvzrv@chaos.social
2023-11-14T09:33:31Z
0 likes, 0 repeats
I wrote a bit about my experience with applying for #funding 💰 for #ArchLinux related projects over the past years:https://sleepmap.de/2023/grants-for-operating-systems/#NextGenerationInternet #NGI #NLnet #ProtoTypeFund #SovereignTechFund #STF
(DIR) Post #AmOv8In9TIAa8B3R8C by dvzrv@chaos.social
2024-09-26T15:58:05Z
0 likes, 0 repeats
My talk "Boring Infrastructure: Building a secure signing environment" from #asg2024 is online:https://media.ccc.de/v/all-systems-go-2024-263-boring-infrastructure-building-a-secure-signing-environmentYou can find the slides for it at: https://pkgbuild.com/~dvzrv/presentations/all-systems-go-2024/#AllSystemsGo #OpenPGP #DigitalSignature #Signing #Berlin #Linux #ArchLinux #Signstar
(DIR) Post #AroHPdOM9UoWGXrtui by dvzrv@chaos.social
2025-03-06T09:48:17Z
1 likes, 0 repeats
#Bootstrap fun: #libassuan upgraded its symbols separately from its #soname in a patch-level release (with several months in between!)On #ArchLinux we had upgraded to the weird version that has a soname change but no symbol change.Since #pacman requires the library transitively via #gpgme, there now is no clean way to upgrade this without patching all consumers in some intermediate step. 🗑️ 🔥 (The staging build environment would otherwise have a broken pacman and thus not be functional).