[HN Gopher] Debian's "secret" sauce
___________________________________________________________________
Debian's "secret" sauce
Author : signa11
Score : 96 points
Date : 2024-10-25 01:48 UTC (3 days ago)
(HTM) web link (lwn.net)
(TXT) w3m dump (lwn.net)
| sbergjohansen wrote:
| Thanks, I had been wondering about that! Lots of good info in
| this article.
|
| Edit: The article is about Debian's packaging and distribution
| process.
| chasil wrote:
| "...when the developer does not have access to, say, a big-endian
| system to test with."
|
| Currently, the most accessible big-endian platform that I know of
| is the Raspberry Pi running NetBSD.
|
| https://wiki.netbsd.org/ports/evbarm/
| kev009 wrote:
| NetBSD's cross build system
| (http://www.netbsd.org/docs/guide/en/chap-build.html) is such a
| joy to use for odd systems like this. Lately I have been
| playing around with a Ubiquiti EdgeRouter-4 (Octeon MIPS64)
| which is also big endian. Great little platform for home
| routing and serving under BSD.
| ajb wrote:
| Wow I did not know that was still possible.
|
| Big-endian seems to be something of Thomasson[1] these days. I
| wonder if there is any real use case apart from testing code to
| see if it still runs on old machines.
|
| [1] https://en.m.wikipedia.org/wiki/Hyperart_Thomasson
| BLKNSLVR wrote:
| First time I've come across the Thomasson concept. Thanks for
| the reference and link.
| boricj wrote:
| Incidentally, this article on Debian tooling reminded me of a
| CICD experiment I did a couple of years ago.
|
| I worked on a Debian-based product which had a three stage
| Jenkins -> OBS (Debian packaging) -> OBS (images) CI pipeline
| that required modernization for various reasons. One option I
| submitted was to create a Jenkins plugin that exposed a Debian
| source repository as a multibranch pipeline, as a replacement for
| the second stage.
|
| The idea was to encode both a Debian source package's version and
| its binary build dependencies into the SCM revision seen by
| Jenkins. If either changed, Jenkins would've triggered a build
| automatically and if the binary package built was pushed back
| onto the source repository, the tree of dependent packages would
| be iteratively rebuilt.
|
| I made both a plugin prototype and a Jenkins test instance, using
| Aptly as a repository manager and a dead-simple Jenkinsfile as
| build instructions. It was quite an elegant setup that allowed
| one orchestrator to oversee all the stages of building that
| product, but it wasn't selected at the end due to too much
| uncertainty when compared to off-the-shelf solutions. Maybe I
| should write a blog article about it...
| VWWHFSfQ wrote:
| This is the distro that allowed one of their package maintainers
| to silence a valgrind warning by commenting-out some code that
| they didn't know or understand that resulted in generating only
| ~32,000(?) possible SSH keys
| jefftk wrote:
| Over a decade ago, and after asking about it on the OpenSSL
| mailing list, yes. I don't think it is much of a reason not to
| use Debian now.
|
| Characteristically good piece on this by Russ Cox:
| https://research.swtch.com/openssl
| rikthevik wrote:
| Does that invalidate the project's many years of good work?
| Which distro would you use instead?
| VWWHFSfQ wrote:
| It doesn't invalidate anything and I'll continue to use
| Debian forever. But let's not pretend there is any "secret
| sauce". It's all just the same wild west of FOSS like any
| other distro or big project.
| forty wrote:
| The secret sauce is so that, despite the huge size of the
| project, that kind of incident doesn't happen too often :)
| FridgeSeal wrote:
| > but "in Debian, we like to improve things" by "applying our own
| judgment" to the code.
|
| Mmhhmm, yes I'm sure you Know Better(tm) but maybe don't complain
| when you do this to yourself, and then it makes your life hard?
___________________________________________________________________
(page generated 2024-10-28 23:01 UTC)