/srv/irclogs.ubuntu.com/2011/11/03/#ubuntu-motu.txt

=== emma is now known as Em
=== nigelb_ is now known as nigelb
brodertumbleweed: i got back to my room and gave up on udd. when i rewrote the backport security/sru checker script in launchpadlib, it took me about 30 minutes and runs in 11 :)12:48
broderhttp://pastebin.ubuntu.com/727221/12:48
tumbleweedbroder: :)13:00
=== Quintasan_ is now known as Quintasan
=== bulldog98_ is now known as bulldog98
keesbroder: source or it didn't happen! ;)13:41
broderkees: http://paste.ubuntu.com/727242/13:41
broderi'm working on reformatting it to feed the output into harvest13:42
broderLaney: do you know why DEP-8 doesn't add any fields to the .dsc file?13:54
Laneydude13:55
LaneyI had never even looked at that page before this session13:55
tumbleweedangelabad: congrats :P20:26
angelabadtumbleweed, thanks! finally... :-D20:28
jdstrandbroder: re backport security/sru checker> oh! excellent, can you ping me when you start using it regularly?20:31
* jdstrand hugs broder :)20:31
tumbleweedjdstrand: he made that my problem... next on my todo list20:32
micahgheh20:32
* jdstrand hugs tumbleweed instead of broder 20:33
jdstrandbroder: ;)20:33
jdstrandtumbleweed: thanks!20:33
ajmitchlucky you20:33
jdstrandtumbleweed: so, would you mind pinging me when the backporters start using it regularly?20:33
tumbleweedjdstrand: I won't know that, but I can tell you when it's up20:46
=== yofel_ is now known as yofel
jdstrandtumbleweed: that would be great. thanks again20:59
broderjdstrand: did you see the preliminary output? it doesn't look like there are very many things that need to be re-backported21:11
broder(i've cleaned up some of the false positives since that edition of the code, but i don't think i've found any false negatives)21:12
broderand of the packages listed, quassel and clamav have already been handled, so that just leaves libvirt (jaunty->hardy), pidgin (intrepid->hardy), and tomcat6 (intrepid->hardy)21:14
broderand i think all of those will require some policy discussion from backports21:14
micahgbroder: any desktop backports for hardy can be ignored21:23
broderok, so we don't need to worry about pidgin, but we do need an answer for tomcat and libvirt21:24
brodergiven that they were backported from releases which are now desupported, i don't know what the right answer is. as a straw man, i propose reviving the security/SRU packages from the desupported releases as being no worse than what's in backports currently21:26
micahgright, you could also try to backport fixes from lucid if appropriate (or apply ones from hardy as appropriate)21:27
broderi'm concerned that creates more friction than is necessary21:27
broderi should probably check my backport-helper script and see if it will even agree to backport from a dead release...21:29
micahgwell, if want the backport properly patched, it would be necessary, if you want the path of least resistance, then you could just take what was done before21:29
broderbackports doesn't provide security support. we shouldn't get into the business of backporting security updates that aren't directly derived from the package that was originally backported21:30
brodertracking security/SRUs is already stretching that a good degree from what we've done traditionally21:30
brodervalid_series = set(s.name for s in lp.distributions['ubuntu'].series if s.active)> bah. too clever for my own good21:31
micahgright, it depends how much effort you want to put into it :)21:37
micahgI'd suggest showing them (maybe aggregated at the bottom), but flagging that they need extra patches from elsewhere (possibly surrounding supported releases)21:38
micahg*might need21:38
broderi'll leave them in the report. i'm planning to just spit out a machine-readable report and slurp that into harvest, and we can hide the ones we don't care about solving there21:42
=== jtechidna is now known as JontheEchidna

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!