FOSS Activites in April 2020
Here’s my (seventh) monthly update about the activities I’ve done in the F/L/OSS world.
It’s been 14 months since I’ve started contributing to Debian.
And 4 months since I’ve been a Debian Developer. And in this beautiful time,
I had this opprotunity to do and learn lots of new and interesting things. And most
importantly, meet and interact with lots of lovely people! 💖
- libgit2 (0.28.5+dfsg.1-1) - new upstream version.
- ruby-ffi-compiler (1.0.1-1) - NEW (#955497).
- rake (13.0.1-3/4) - using
--gem-install layoutand fixing autopkgtest.
- mcollective (2.12.5+dfsg-1) - new upstream version.
- ruby-guard (2.16.2-1) - fix regression caused by pry’s upload (#954724).
- ruby-pry-byebug (3.9.0-1) - fix regression caused by pry’s upload (#954572).
- ruby-ahoy-matey (3.0.2-1) - new upstream version.
- ruby-http-parser (1.2.1-1) - NEW (#955589).
- ruby-http-parser.rb (0.6.0-5) - Drop
- golang-github-awalterschulze-gographviz (2.0.1-1) - new upstream version.
- ruby-ffi-yajl (2.3.1-3) - fix build in
- ruby-http (4.4.1-1) - new upstream version ((#890075 and #858140).
- ruby-twitter (7.0.0-1) - new upstream version.
- ruby-rack (2.1.1-2) - migration to unstable.
- ruby-rack-oauth2 (1.11.0-1) - fix FTBFS.
- ruby-crb-blast (0.6.9-4) - fix regression caused by ruby-bio (#954536).
- ruby-sassc-rails (2.1.2-5) - Add
Breaks+Replacesfor ruby-sass-rails (#952682 and #954544).
- libdbd-firebird-perl (1.32-1) - new upstream version.
- ruby-minitest-global-expectations (1.0.1-1) - NEW (#956051).
- golang-github-cheekybits-genny (1.0.0-1) - NEW (#956128).
- node-clipboard (2.0.6+ds-1~bpo10+1) - backporting to buster.
- micro (2.0.2-3) - use
cut -d'-' -f1to just show upstream version.
- golang-github-go-errors-errors (1.0.1-4) - fix build and autopkgtest (#954521).
- micro (2.0.2-3~bpo10+1) - backporting to buster.
- libgit2 (1.0.0+dfsg.1-1) - new upstream version.
- micro (2.0.3-1) - add support for +LINE:COL flag syntax for cursor position (#953427).
- Attended Ruby team meeting. Logs here.
- Attended Perl team LHF. Report here.
- Sponsored a lot of uploads for William Desportes and Adam Cecile.
- Mentoring for newcomers.
- FTP Trainee reviewing.
- Moderation of -project mailing list.
- Applied for DUCI project for Google Summer of Code 2020.
Ruby2.7 was recently released on 25th December, 2019. Santa’s gift. Believe it or not.
We, the Debian Ruby team, have been trying hard to make it migrate to testing. And it finally happened.
The default version in testing is ruby2.7. Here’s the news! \o/
Here’s what I worked on this month for this transition.
Opened several issues and proposed patches (in the form of PRs):
- Issue #35 against
encryptorfor Ruby2.7 test failures.
- Issue #28 against
image_sciencefor removing relative paths.
- Issue #106 against
ffi-yajlfor Ruby2.7 test failures.
- PR #5 against
aggregatefor simply using
- PR #6 against
aggregatefor modernizing CI and adding Ruby 2.5 and 2.7 support.
- Issue #13 against
espeak-rubyfor Ruby2.7 test failures.
- Issue #4 against
tty-whichfor test failures in general.
- Issue #11 against
packablefor Ruby2.7 test failures. PR #12 has been proposed.
- Issue #10 against
growlfor test failures and proposed an initial patch.
I fixed and uploaded the following packages in Debian:
- puppet-beaker (4.21.0-1) - new upstream version and fix FTBFS (#956595 and #954614).
- ruby-fakeweb (1.3.0+git20170806+dfsg1-2) - fix autopkgtest (#952042).
- puppet-lint (2.4.2-2) - fix FTBFS for Ruby2.7 migration.
- ruby-hoe (3.22.1+dfsg1-1) - new upstream version and fix FTBFS (#952041).
- rake-compiler (1.0.5-2) - fix FTBFS.
- ruby-aggregate (0.2.2-3) - fix autopkgtest.
- facter (3.11.0-4) - fix autopkgtest (#955582).
Debian Long Term Support (LTS) is a project to extend the lifetime of all Debian stable releases
to (at least) 5 years. Debian LTS is not handled by the Debian security team, but by a separate group
of volunteers and companies interested in making it a success.
This was my seventh month as a Debian LTS paid contributor. I was assigned 24.00 hours and worked on the following things:
CVE Fixes and Announcements:
Issued DLA 2178-1, fixing CVE-2020-11728 and CVE-2020-11729, for awl.
For Debian 8 “Jessie”, these problems have been fixed in version 0.55-1+deb8u1.
Issued DLA 2179-1, fixing CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11619, and CVE-2020-11620, for jackson-databind.
For Debian 8 “Jessie”, these problems have been fixed in version 2.4.2-2+deb8u14.
Issued DLA 2180-1, fixing CVE-2020-11736, for file-roller.
For Debian 8 “Jessie”, this problem has been fixed in version 3.14.1-1+deb8u2.
Issued DLA 2190-1, fixing CVE-2020-10663, for ruby-json.
For Debian 8 “Jessie”, this problem has been fixed in version 1.8.1-1+deb8u1.
Other LTS Work:
- Triaged jackson-databind, libconvert-asn1-perl, file-roller, awl, dom4j, and openvpn.
- Mark CVE-2013-7488/libconvert-asn1-perl as no-dsa for Jessie.
- Mark CVE-2020-11810/openvpn as no-dsa for Jessie.
- Ping ntp’s upstream for relevant commits.
- Mark CVE-2019-16782/ruby-rack as no-dsa for Jessie.
- Attended first LTS meeting. Logs here.
- General discussion on LTS mailing list.
Sometimes it gets hard to categorize work/things into a particular category.
That’s why I am writing all of those things inside this category.
This includes two sub-categories and they are as follows.
This month I could get the following things done:
- Most importantly, I finally migrated to a new website. Huge UI imporvement! \o/
From Jekyll to Hugo, it was not easy. But it was worth it! Many thanks to Luiz for writing hugo-coder, Clement, and Samyak! 🔥
If you find any flaws, issues and pull requests are welcomed at utkarsh2102/utkarsh2102.com
- Wrote battery-alert, a mini-project of my own to show battery alerts at <10% and >90%.
Written in shell, it brings me all the satisfaction as it has saved my life on many occasions.
And guess what? It has more users than just myself! 😉
Reviews and patches are welcomed \o/
- Mentored in HackOn Hackathon. Thanks to Manvi for reaching out! 🤗
It was fun to see people developing some really nice projects.
- Thanks to Ray and John, I became a GitLab Hero! 🥳
(I am yet to figure out my role and responibility though)
- Atteneded Intro Sec Con and had the most fun!
Heard Ian’s keynote and attended other talks and learned how to use WireShark! 🦈
Again, this contains all the things that I couldn’t categorize earlier.
Opened several issues and pull requests:
- Issue #297 against
hugo-coder, asking to enable RSS feed for blogs.
- PR #316 for
hugo-coderfor fixing the above issue myself.
- Issue #173 against
arbrefor requesting a release.
- Issue #104 against
combustion, asking to relax dependency on rubocop. Fixed in this commit.
- Issue #16 against
ffi-compilerfor requesting to fix homepage and license.
- Issue #57 against
gographvizfor requesting a release.
- Issue #14 against
crb-blast, suggesting compatability with bio 2.0.x.
- Issue #58 against
uniform_notifierfor asking to drop the use of ruby-growl.
- PR #2072 for
polybar, adding installation instructions on Debian systems.
Until next time.
:wq for today.