[Pkg-privacy-maintainers] RFS: codecrypt, the post-quantum cryptography tool

Ximin Luo infinity0 at debian.org
Mon Apr 18 15:20:45 UTC 2016


Miroslav Kratochvil:
> Hello,
> 
> I must apologize for a bit of delay, a heap of other work came and
> codecrypt had to wait.
> 
> The "pure" separated gbp repo is here --
> https://github.com/exaexa/codecrypt-debian
> I hope it is usuable (at least gbp doesnt complain about anything) -- if it
> looks okay, I'll create an account on alioth and push it there.
> 
> Package with the new version containing some documentation improvements and
> all fixes you mentioned (now 1.7.4-1) and also fixes from the discussion in
> the RFS  bug (thanks to Gianfranco Costamagna) should appear on mentors in
> no time (I dput'ed it ~10 mins ago).
> 
> Thanks in advance for comments on the new package.
> 

Hey, nice work. Yes go ahead and create an account on Alioth. A few minor things:

a) debian/copyright: https links please

b) debian/rules: if you want, you can add 'export DEB_BUILD_MAINT_OPTIONS = hardening=+all' before the dpkg-buildflags stuff to switch on PIE and bindnow. They are off by default because they break some builds, more info on https://wiki.debian.org/Hardening.

c) since you generate the release tarballs before importing them into the debian repo, it would be good to track them using 'pristine-tar'. this happens automatically with 'gbp import-orig' if you add this to your debian/gbp.conf:

----
[DEFAULT]
pristine-tar = True
----

For the versions that you already commited to the 'upstream' branch, you will have to add the original tarballs by manually running 'pristine-tar commit <orig.targz>' directly.

> -mk
> 
> PS. Side note about https on my site: I've set up a letsencrypt
> certificate, it works in browser but uscan still reports validation errors,
> at least on my machine. I guess it doesn't have letsencrypt CA cert for
> some reason. I'll see if I can do something with that.
> 

Yes I get this behaviour too. It may be a Debian bug in ca-certificates, feel free to file a bug to them.

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git



More information about the Pkg-privacy-maintainers mailing list