[08:18] wgrant: hi again, I think the debian archive copy is genuinely lagging behind debian this time? :) [08:20] tjaalton: this time we have problems caused by Debian experimental dropping Sources.gz [08:20] cjwatson: ah, so it's causing mayhem everywhere :) [08:20] damn [08:21] tjaalton: I'll have to get the relevant debmirror patch backported and installed on iron; will look at that once I'm properly awake [08:22] ok no worries, I'll just wait [08:22] thanks [09:40] cjwatson: I heard archvsync is better than debmirror to mirror the debian archive, btw. (at least, zack is doing the move for the mirror under sources.d.n cause debmirror used to cause several annoyances) [09:40] mapreri: hi, debmirror upstream here [09:40] o/ [09:40] ok, maybe you have enough knowledge to fix it whatever troubles it might have :) [09:41] archvsync is certainly fundamentally simpler, but if you need any kind of per-suite selection then you need something in the class of debmirror not archvsync [09:42] (and to be fair I only recently took over debmirror, but ...) [09:42] I have a feeling ganneff might have fixed archvsync preemptively knowing he was going to break the world :> [09:42] debmirror handles xz now, it's just that the system where LP's Debian sync runs is on precise [09:44] I see, it was fixed only some months ago [09:45] cjwatson: btw, that fix is not even on xenial. [09:49] I know, I nagged the last merger a while back to see if I could steal the merge [09:49] I'm doing it now [09:50] Need to find some quality time to review the outstanding Ubuntu patch stack [09:51] yeah, that patch is huge. ok. thanks for sharing :) [10:44] hmm, even current debmirror is actually not too happy about mirroring experimental, let's see [12:48] how can PPAs get new keys? [12:49] trying to solve https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558331 [12:49] Launchpad bug 1558331 in apt (Ubuntu) "After upgrading to apt 1.2.7 in Xenial, PPAs and most other third-party repositories become unusable with "The repository is insufficiently signed by key (weak digest)"" [Undecided,Confirmed] [12:49] icey: that's not about new keys, that's a dup of a Launchpad bug for which I pushed a branch for review a couple of days ago [12:50] cj great, sorry then [12:50] bug 1556666 [12:50] bug 1556666 in Launchpad itself "PPA (In)Release files use SHA1 digests for GPG signature" [High,In progress] https://launchpad.net/bugs/1556666 [12:52] wgrant: Could you please have a look at https://code.launchpad.net/~cjwatson/launchpad/digest-algo-sha512/+merge/289052, since this apparently just got urgent? [12:52] wgrant: We may need to think about a job that goes around re-signing all the existing Release files too [15:08] Existential question: can a package depend on itself in order to be built on Launchpad? [15:18] sidi: If it only needs a previous version of itself, then as long as it's been bootstrapped once in Ubuntu, that's allowed. [15:19] sidi: If it hasn't been bootstrapped yet, then we have some privileged mechanisms for doing that if need be for bootstrapping compilers and such. [15:19] sidi: Obviously best avoided if you have an alternative. [15:28] cjwatson, honestly no idea what boostrapped means. Basically i have a binary package with a library, Firejail, which requires GLib. GLib requires that library, and has a build-dep and dep on the binary package firejail. [15:28] cjwatson, when building a new version of firejail, I get multiple build errors because the .so for the library isnt found, which seems to indicate the build bot does not have a previous version of firejail installed [15:29] sidi: Uh, you're saying *GLib* requires this library? Are you sure? [15:29] cjwatson, the code itself is rather complicated but removing the firejail dependency in glib would be... hard. [15:29] cjwatson, it's a modified version, for my study. I'd have to copy/paste and modify a *lot* of code if i didnt include that library [15:29] Ah [15:29] sidi: Can you point me to a failing build? [15:30] cjwatson, https://launchpadlibrarian.net/248482506/buildlog_ubuntu-vivid-amd64.firejail_0.9.42-1_BUILDING.txt.gz lookup for libexechelperutils.so [15:31] firejail also has a very very non-standard build toolchain, and the firejail Ubuntu package doesnt separate bins and libraries as far as I can tell [15:31] So I could fix that, though if there is a more time-sensitive solution I'd rather go for that. [15:32] sidi: But the only bit of glib in your PPA that depends on firejail is libglib2.0-tests, which isn't installed here [15:32] sidi: Perhaps you simply put the firejail dependency in the wrong place in glib's control file, or perhaps need to add it to libglib2.0-dev's Depends, or similar [15:33] sidi: It should work if you actually put the dependency in a place that will be used :-) [15:36] cjwatson, this is very odd, it shouldn't be the case. all my glib packages depend on Firejail as far as I can tell. I will check my glib build and re-push it to make sure that's the case though... [15:36] will check if there is a debian/control not being properly updated from debian/control.in too... [15:50] sidi: The Packages file in your PPA disagrees with you :-) [15:50] at least for vivid [16:04] <_Groo_> hi/2 all [16:05] <_Groo_> could some kind soul take a look at https://answers.launchpad.net/launchpad/+question/288748 ? [16:08] _Groo_: done [16:09] <_Groo_> cjwatson: thank you sir, you are the best ^.^ [17:00] cjwatson, i'm not gonna argue with you, I can't possibly trust past-me for having packaged that stuff properly :p [17:14] icey: OK, so my branch from earlier plus https://code.launchpad.net/~cjwatson/launchpad/publish-distro-careful-release/+merge/289401 will hopefully let us deal with this. [17:17] yay cjwatson === mhall119 is now known as mhall119_canonic === mhall119_canonic is now known as mhall119_cct === mhall119_cct is now known as mhall119_CC === mhall119_CC is now known as mhall119_CCT === mhall119_CCT is now known as mhall119 === pavlushka_ is now known as pavlushka [21:32] cjwatson: Hum, I guess announcements for breaking changes aren't a thing :) [21:38] wgrant: of LP ? [21:39] lifeless: Of apt. [21:39] wgrant: ! [21:39] See backscroll, now rejects SHA-1 sigs. [21:39] nice .... [21:39] Not unreasonable in itself, but in a 0.0.1 increment and without warning... [21:39] I mean, it is thoroughly broken and all [21:45] it doesn't quite reject it, but the warning is confusable with an error by some users and some frontends [21:48] Ah, that's not so bad. [21:48] Do those frontends need bugs? [21:51] I understand apt .8 improves things; haven't checked details