Notices by David Runge (dvzrv@chaos.social)

#Bootstrap fun: #libassuan upgraded its symbols separately from its #soname in a patch-level release (with several months in between!)
On #ArchLinux we had upgraded to the weird version that has a soname change but no symbol change.
Since #pacman requires the library transitively via #gpgme, there now is no clean way to upgrade this without patching all consumers in some intermediate step. 🗑️ 🔥
(The staging build environment would otherwise have a broken pacman and thus not be functional).

We have just released the first version of the nethsm-backup #crate 📦 🦀

https://crates.io/crates/nethsm-backup/0.1.0

The #RustLang library, written by the wonderful @wiktor, is used to #parse, #decrypt, #validate and #browse #NetHSM #backups.

#Nitrokey #ArchLinux #Signstar #Rust

Maximum Chaos im #ICE2949 als Ersatz für #ICE759: Bekomme Mails dass meine #Sitzplatzreservierung übertragen wurde, im Zug allerdings diverse reservierte Sitzplätze (von anderen Zügen die auch mit diesem zusammengelegt wurden?!).
Zugbegleitung sagt es gäbe keine Platzreservierung.
Kaum verwirrend 👌

#ICE #DeutscheBahn #BahnFail

Will frame "I don't count it that way" for whenever there need to be thousands of lines of arbitrary changes made to the build system of a widely used project on a weekly basis in one dump commit.

Obfuscation of other changes? High complexity? No reproducibilty because you use a custom #autotools 2.13 fork?

Just say "I don't count it that way" and the problem will disappear!
If it doesn't, pair with "I have done it like this since the 90s" for extra effect. 😘👌

#ArchLinux #PackagerLife

"Yo 🐶 , I heard you like packages, so I put packages in your package... and if I can't download them I'll build them from untrusted and unverified sources in arbitrary versions instead..." 😬

#ArchLinux #PackagerLife

When shit gets stolen from your basement (again) because your "landlord" still has not fixed a door to be less unsafe from the last time there was a break-in.

"Quality service", 0/5 can not recommend....

Very nice #FOSDEM this year. Met many fellow #ArchLinux people and even managed to go on the ferris wheel to observe the splendid weather from above.

I wrote a follow-up article to my previous one, which is about (what appears to be) #OperatingSystem #bias in #NextGenerationInternet (#NGI) and #NLnet:

https://sleepmap.de/2023/operating-system-bias-in-next-generation-internet-and-nlnet/

#ArchLinux #EuropeanCommission #Linux #Nix #NixOS #NixOSFoundation #funding

Getting ready for #feliciafestival in #Magdeburg.

#modularsynth #flowerbadge #eoc #electronicorchestracharlottenburg

Tales from the crypt:

It seems #juce moved modules/juce_audio_plugin_client/utility/juce_CreatePluginFilter.h to modules/juce_audio_plugin_client/detail/juce_CreatePluginFilter.h between 7.0.5 and 7.0.7... (this of course breaks builds...)

Come on... at least bump the minor version for something like this... 🙄
Stuff based on juce is already terrible to maintain as is. It doesn't have to be made even harder by something like this.

#ArchLinux #packagerlife

Yay, my #RFC about sources for #Python packaging has been merged.

https://rfc.archlinux.page/0020-sources-for-python-packaging/

#ArchLinux #PyPI

The slides for my #froscon talk can be found here: https://pkgbuild.com/~dvzrv/presentations/froscon2023/

#ArchLinux #rustlang

It seems we'll have a lot of "fun" with the #PyPi decision to remove signatures for sdist tarballs (https://blog.pypi.org/posts/2023-05-23-removing-pgp/) going forward.

To scream into the void: Yes, PyPi, someone was using those signatures. Distro package maintainers secured user supply chains with it!

I'm not looking forward to asking dozens of upstreams to host their signatures elsewhere (just stumbled across one case). Meanwhile #reproduciblebuilds is now broken for those packages.

#ArchLinux #packagerlife #Python