TU application: Ivy Foster

classic Classic list List threaded Threaded
21 messages Options
12
Reply | Threaded
Open this post in threaded view
|

TU application: Ivy Foster

Ivy Foster-2
Hi, folks,

I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
be my sponsor.

I've been an Arch user for the last 10 years or so. Some of you may
know me from IRC or the forums, where I use the nick escondida.
Lately, I've been much less active on IRC, but have contributed a
handful of patches to pacman. I also maintain [a few buildscripts][1]
in the AUR.

Arch has always been a rewarding community to contribute to, and I
figure that maintaining some packages and generally helping out could
be a good way to contribute a bit more.

If accepted to be a TU, my plan of action is as follows:
1. Go mad with power^U
1. Bring a handful of packages into [community] (see below)
2. Help out with rebuilds and package updates where that does not
        involve stepping on toes
3. Continue to submit occasional patches to Arch projects
4. Help with to-do lists. Off the top of my head, taking a quick look
        at current to-do lists with actual outstanding items:

        https://www.archlinux.org/todo/packages-with-out-of-repositories-dependencies/
                I'd be interested both in simply weeding out those
                with inappropriate deps and in bringing in deps I'd
                consider actually useful, such as tcllib for tcl-remind.

        https://www.archlinux.org/todo/source-retirement/
        https://www.archlinux.org/todo/codegooglecom-retirement/
                I wouldn't mind tracking down lost sources.

Thanks for your consideration, and I'm of course happy to answer
questions and address critiques.

Cheers,
Ivy "escondida" Foster

# Packages

If I'm accepted, there are a handful of packages I already have in
mind to bring to the repos:

- [bemenu][2]
        Though dmenu is already available, bemenu is a solid
        alternative for X, Wayland or terminals.

- [farbfeld][3]
        An oddball but interesting new image format

- [frotz][4]
        I don't know about you guys, but I think that text adventures
        are positively xyzzy.

- [ledger][5]
        This program is super useful, and I doubt I'm the only one who
        dreads every boost update because this takes so long to build!

- [muttprint][6]
        I don't always print emails, but when I do, I use muttprint.

- [opendoas][7]
        OpenBSD's much simpler alternative to sudo is now available
        for Linux.

- [physlock][8]
        A tty screen locker

- [sndio][9]
        OpenBSD's excellent and simple sound system is now available
        as a userspace daemon for Linux, and a surprising number of
        things can build against it easily.

        Note that if I did bring this in, I wouldn't be including my
        very basic XDG basedir patch (see AUR scripts). I'm going to
        try and submit a better one upstream, and if that fails,
        then...oh, well, I guess.

- [t-prot][10]
        It's just a simple script, but as a mutt user, it comes very
        much in handy for making many emails more legible.

- [translate-shell][11]
        Very useful for simplifying or scripting translation tasks
        (not that you should be counting on google translate to handle
        anything longer than a few words, but still)

- [xurls][12]
        Saves you the trouble of parsing strings to find links

# Links

[1]: https://aur.archlinux.org/packages/?SeB=m&K=escondida
[2]: https://github.com/Cloudef/bemenu
[3]: https://tools.suckless.org/farbfeld/
[4]: http://frotz.sourceforge.net/
[5]: https://www.ledger-cli.org
[6]: http://muttprint.sourceforge.net/
[7]: https://github.com/Duncaen/OpenDoas
[8]: https://github.com/muennich/physlock
[9]: http://www.sndio.org/
[10]: http://www.escape.de/~tolot/mutt/
[11]: https://www.soimort.org/translate-shell/
[12]: https://github.com/mvdan/xurls
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
On Fri, Jan 26, 2018 at 03:23:08PM -0600, Ivy Foster wrote:
> Hi, folks,
>
> I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
> be my sponsor.
>
I hereby confirm my sponsorship.

Note: If possible please add a short reply with a GPG signature.
Thanks!

Alad

signature.asc (235 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2
On 01/26/2018 04:23 PM, Ivy Foster wrote:
> Hi, folks,
>
> I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
> be my sponsor.

It is great to see you take the plunge, I wish you the best of luck!

> Arch has always been a rewarding community to contribute to, and I
> figure that maintaining some packages and generally helping out could
> be a good way to contribute a bit more.
>
> If accepted to be a TU, my plan of action is as follows:
> 1. Go mad with power^U
> 1. Bring a handful of packages into [community] (see below)
> 2. Help out with rebuilds and package updates where that does not
> involve stepping on toes
> 3. Continue to submit occasional patches to Arch projects
> 4. Help with to-do lists. Off the top of my head, taking a quick look
> at current to-do lists with actual outstanding items:
>
> https://www.archlinux.org/todo/packages-with-out-of-repositories-dependencies/
> I'd be interested both in simply weeding out those
> with inappropriate deps and in bringing in deps I'd
> consider actually useful, such as tcllib for tcl-remind.
>
> https://www.archlinux.org/todo/source-retirement/
> https://www.archlinux.org/todo/codegooglecom-retirement/
> I wouldn't mind tracking down lost sources.
Sounds like a (wo)man after my own heart! This reminds me I still have
so much to do... like all that https/gpg stuff.
I will welcome the help, certainly. ;)

> Thanks for your consideration, and I'm of course happy to answer
> questions and address critiques.

We discussed this on IRC already, I'll have to check and see how you've
adapted to my suggestions.

But overall, quite good!

Detailed review at the end...


> - [ledger][5]
> This program is super useful, and I doubt I'm the only one who
> dreads every boost update because this takes so long to build!

Lukas has beaten you to it: https://packages.archlinux.org/ledger

--
Eli Schwartz
Bug Wrangler and Trusted User


...

2018-01-25 07:05:26 PM guys escondida: I heard the news, good for you!
2018-01-25 07:06:48 PM escondida guys: haha, well, nothing's official
yet. Still gotta actually, like apply (-:
2018-01-25 07:06:50 PM escondida But thanks!
2018-01-25 07:06:52 PM escondida How're you?
2018-01-25 07:07:11 PM guys Doing well
2018-01-25 07:07:27 PM guys I cloned your AUR packages and am going to
look through them.
2018-01-25 07:07:51 PM guys I noticed something immediately, cgo-git has
a custom:cgo-git license, but it is really an ISC license.
2018-01-25 07:08:15 PM guys And it installs the whole source code in
/usr/share/licenses/ instead of using sed to extract it or something. :p
2018-01-25 07:09:25 PM guys I'd just extract the first few lines using
sed, until I hit the first  */ and call it a day
2018-01-25 07:11:05 PM escondida Seems like a good solution
2018-01-25 07:11:25 PM guys Also, the upstream Makefile is terrible and
should use CFLAGS properly :p
2018-01-25 07:11:36 PM escondida Yup
2018-01-25 07:12:27 PM guys I want pull requests to fix this :p
2018-01-25 07:12:43 PM escondida Yeah, I should really do that
2018-01-25 07:13:09 PM escondida The main reason I haven't is that I
haven't actually *used* cgo-git much at all since the day I installed
it; I just wanted a gopher client around on principle
2018-01-25 07:13:20 PM guys hah
2018-01-25 07:14:13 PM fsckd wait? did escondida actually apply or is
this just info. moving along the grapevine?
2018-01-25 07:14:28 PM guys fist, should be upgraded to use HTTPS since
their website upgrades you anyway
2018-01-25 07:14:50 PM guys fsckd: not yet, but we of the secret towers
get advance warning!
2018-01-25 07:15:23 PM fsckd cool!
2018-01-25 07:16:41 PM escondida Haha, I'm glad they upgraded to https!
It still amazes me that the program is still floating around at all
2018-01-25 07:16:51 PM guys Oh this is terrible, fist sets
mandir=$prefix/man instead of $prefix/share/man
2018-01-25 07:16:57 PM @jasonwryan escondida: I use cgo-git, it works great!
2018-01-25 07:17:01 PM escondida yusssss
2018-01-25 07:18:20 PM fsckd jasonwryan: your gopher site is rather...
bare... :P
2018-01-25 07:18:40 PM @jasonwryan fsckd: work in progress :p
2018-01-25 07:18:48 PM guys `INSTALL_PROGRAM='install -D' *might* make
fist not need to have all directories created beforehand.
2018-01-25 07:18:56 PM @jasonwryan well, stalled wip maybe a better
description
2018-01-25 07:20:03 PM fsckd jasonwryan: what do you use for a server?
2018-01-25 07:20:49 PM fsckd when i finally get my site up. i may
consider making a gopher mirror.
2018-01-25 07:20:50 PM guys escondida: no, sadly that will not work as
this Makefile contains freaking dependencies on $(BINDIR)
2018-01-25 07:20:56 PM escondida guys: That is clever, but I usually try
to avoid weird cleverness (-:
2018-01-25 07:20:58 PM guys I have to lol at this Makefile
2018-01-25 07:21:03 PM @jasonwryan fsckd: gofish
2018-01-25 07:21:16 PM guys "make: *** No rule to make target
'/var/cache/makepkg/builddir/fist/pkg/fist/usr/bin', needed by
'install-bin'.  Stop."
2018-01-25 07:21:17 PM escondida Well, keep in mind it's a program
dating back to punched card days. I'm willing to cut it some slack (-:
2018-01-25 07:21:49 PM guys I'm having more fun with the software you
package than your actual PKGBUILDs...
2018-01-25 07:21:53 PM escondida haha
2018-01-25 07:21:58 PM escondida I'm glad (-:
2018-01-25 07:22:18 PM fsckd gofish is also a webserver, interesting...
2018-01-25 07:23:06 PM fsckd jasonwryan: thanks :)
2018-01-25 07:23:37 PM @jasonwryan np :)
2018-01-25 07:24:56 PM guys Hmm, we seem to have *many* standards for
declaring custom:PublicDomain with or without spaces or, for that
matter, underscores
2018-01-25 07:27:18 PM escondida I vow that if I'm accepted, I'll
propose a public domain PKGBUILD licensing standard
2018-01-25 07:27:26 PM escondida in the next decade
2018-01-25 07:27:55 PM guys frotz-git conflicts and *replaces* frotz,
which is wrong, it should provide it instead
2018-01-25 07:28:23 PM guys replaces means that if you pacman -Syu and
find it in a repo, it gets synced as a replacement for what you
currently have...
2018-01-25 07:28:51 PM escondida Ah, whoops.
2018-01-25 07:29:11 PM guys I can hardly read the sed line you use in
pkgver()
2018-01-25 07:29:22 PM guys sed 's,-\(.*\)-,.r\1.,'
2018-01-25 07:29:30 PM guys wrong place to use , as separators!
2018-01-25 07:30:00 PM guys Also sed -r --no-backslash
--this-should-be-default
2018-01-25 07:30:09 PM guys I am probably guilty of this myself
2018-01-25 07:30:37 PM * guys proposes an amendment to the VCS Package
Guidelines
2018-01-25 07:30:51 PM guys jasonwryan: fix everything!
2018-01-25 07:31:16 PM escondida I went with commas since it was more
readable than slashes, but I'm open to other characters
2018-01-25 07:31:22 PM guys I usually use @
2018-01-25 07:31:32 PM guys It's fairly unlikely to be used elsewhere in
code
2018-01-25 07:31:34 PM escondida And -E/-r --no-backslash *should* be
the default, yeah
2018-01-25 07:33:03 PM guys But anyway, to modify 2.44-196-gf3ceac9
could just use the standard sed line from the wiki page
2018-01-25 07:34:05 PM escondida that one *I* can hardly read (-:
2018-01-25 07:34:19 PM guys (Because of course everyone knows what it
does, even if they don't know why)
2018-01-25 07:34:34 PM guys Clearly this must be better!
2018-01-25 07:34:41 PM escondida hehe
2018-01-25 07:35:21 PM escondida ...dang it. I made the password for the
ssh key I use for the AUR too perfect and uncrackable
2018-01-25 07:35:48 PM guys Use of sed to modify more than three things
in prepare should be strictly prohibited; use a patch file
2018-01-25 07:35:48 PM escondida ...and because all my AUR scripts are
either -git or ultra stable, I haven't had to use it in ages
2018-01-25 07:36:00 PM escondida Yeah, that's fair enough
2018-01-25 07:36:01 PM guys oh lol
2018-01-25 07:36:56 PM guys Please tell upstream to use ?= anyway :)
2018-01-25 07:38:23 PM guys Hmm, actually that might be a simple sed line ;)
2018-01-25 07:39:30 PM escondida I will
2018-01-25 07:39:46 PM guys libbulletml:
2018-01-25 07:39:48 PM guys > # upstream does not provide checksums,
though Debian does for their patches
2018-01-25 07:40:04 PM guys This is not a reason to disable checks for
download errors.
2018-01-25 07:41:09 PM guys Why does libbulletml.so need to modify
CFLAGS CXXFLAGS :(
2018-01-25 07:41:21 PM guys And why does it overwrite LDFLAGS, instead?
2018-01-25 07:41:41 PM guys Does it derp on the LDFLAGS from makepkg.conf?
2018-01-25 07:42:17 PM guys Why does it create libbulletml.a anyway, if
makepkg automatically strips staticlibs?
2018-01-25 07:42:32 PM escondida I think it must've, but it's been a
couple years since I looked at it
2018-01-25 07:42:42 PM escondida I'll revisit that, too
2018-01-25 07:43:58 PM guys libcss-git should probably use git+https://
for TLS security purposes
2018-01-25 07:45:31 PM guys Same with the other netsurf related packages
2018-01-25 07:45:42 PM escondida Good point
2018-01-25 07:49:02 PM guys lua-cosmo-git: is built, in package().
2018-01-25 07:49:27 PM guys If it cannot be built separately from the
install command, build it in build() and cp -a it in package()
2018-01-25 07:50:12 PM escondida Oh, right, I meant to drop that one.
Instead, I'll update it and then drop it.
2018-01-25 07:51:23 PM guys rrootage: the pkgdesc is self-referential,
remove the first two words
2018-01-25 07:52:12 PM guys And it downloads from
http://downloads.sourceforge.net, but that can be upgraded to https://
even if the website cannot
2018-01-25 07:53:05 PM guys Is http://ftp.de.debian.org/ really the best
download url? I would assume they have something that redirects to the
right country mirror
2018-01-25 07:53:06 PM phrik Title: Index of / (at ftp.de.debian.org)
2018-01-25 07:53:53 PM escondida Hmm, good questions both
2018-01-25 07:56:23 PM guys Is
sndio-git/0001-put-cookie-somewhere-better.patch upstreamable?
2018-01-25 07:56:32 PM guys Or have you tried and they rejected it
2018-01-25 07:56:59 PM guys http://www.soimort.org/translate-shell/ is
available over HTTPS
2018-01-25 07:57:00 PM phrik Title: Translate Shell (at www.soimort.org)
2018-01-25 07:57:09 PM guys As is the github repo via git+https:// ;)
2018-01-25 07:57:29 PM guys pkgver=v0.9.0.4.7.g1a4d83e # should have the
leading v stripped
2018-01-25 07:58:38 PM escondida guys: sndio is one that I'd actually be
interested in packaging; if I did, I wouldn't include the patch. To be
honest, I haven't tried to submit it, if only because of *bsd's general
rejection of XDG dirs (also, I'd need to actually rewrite it to
be...more robust
2018-01-25 07:58:53 PM guys ah
2018-01-25 07:59:09 PM guys
https://github.com/soimort/translate-shell/blob/develop/Makefile
2018-01-25 07:59:10 PM phrik Title: translate-shell/Makefile at develop
· soimort/translate-shell · GitHub (at github.com)
2018-01-25 07:59:22 PM guys latest commit to that file says "Implement
DESTDIR support"
2018-01-25 07:59:39 PM guys Complete with mkdir -p ;)
2018-01-25 08:00:18 PM escondida yusss
2018-01-25 08:00:44 PM guys And /usr/share/licenses/${_gitname}/LICENSE
is technically quite wrong, that is not the package the license is for
at all
2018-01-25 08:00:57 PM guys besides which it does not conflict/provide
the non-git version
2018-01-25 08:01:23 PM guys I think that is everything I could see from
a quick run-through
2018-01-25 08:02:34 PM escondida That's a lot already (-:
2018-01-25 08:02:41 PM escondida I'll try to fix 'em up!
2018-01-25 08:02:45 PM escondida Thanks for the critiques!
2018-01-25 08:03:14 PM guys no problem! I do this as a public service
whenever I spot PKGBUILDs in aur-general or the forums, anyway
2018-01-25 08:04:36 PM escondida hehe
2018-01-25 08:04:38 PM escondida Sweet
2018-01-25 08:06:04 PM guys I sort of feel this is my duty as a TU, in
fact...
2018-01-25 08:06:23 PM guys And an extra duty when evaluating new TUs
2018-01-25 08:06:35 PM -- You are now known as ztrawhcse
2018-01-25 08:06:41 PM ztrawhcse You may recognize me, in fact
2018-01-25 08:07:08 PM ztrawhcse xxarhtna and ztrawhcse are the official
linters
2018-01-25 08:07:33 PM escondida haha
2018-01-25 08:11:18 PM ztrawhcse I sometimes hide out in random channels
under assumed names, and lint peoples' PKGBUILDs when they don't expect it.
2018-01-25 08:12:30 PM escondida Nobody expects the---well, you know the
rest.
2018-01-25 08:44:58 PM escondida God, I'm gonna have to get into cgo's
source. I forgot that it just dumps colors everywhere
2018-01-25 08:45:21 PM escondida so if you're, say...using it in a dumb
terminal...it's just a mess
2018-01-25 08:45:42 PM escondida but hey, PRs submitted and PKGBUILD
updated in the interim
2018-01-25 09:13:00 PM escondida ztrawhcse: Actually, here's an odd
question about an edge case
2018-01-25 09:13:38 PM ztrawhcse do tell
2018-01-25 09:13:51 PM ztrawhcse (also, no one thought to grab my last
comment?)
2018-01-25 09:13:57 PM escondida hehe
2018-01-25 09:14:02 PM ztrawhcse I'm sort of surprised
2018-01-25 09:14:17 PM ztrawhcse Anyway. Edge cases.
2018-01-25 09:15:07 PM escondida actually, hang on a sec
2018-01-25 09:17:07 PM escondida Okay, nevermind
2018-01-25 09:17:28 PM escondida ztrawhcse: It had to do with the
members of a split package conlicting with each other when they shouldn't
2018-01-25 09:17:36 PM escondida The solution was simply to have them
provide different things
2018-01-25 09:17:56 PM ztrawhcse frotz-git I guess?
2018-01-25 09:18:04 PM escondida Yup!
2018-01-25 09:18:38 PM escondida frotz is one of the packages I'm
interested in bringing to the repos. I don't know how many people are
actually interested in old text adventures, but *I* think they're
positively xyzzy.
2018-01-25 09:18:48 PM ztrawhcse So, using replaces, hid the problem!
2018-01-25 09:18:51 PM escondida and new ones are often interesting and
strange
2018-01-25 09:18:54 PM escondida Yup!
2018-01-25 09:19:55 PM ztrawhcse I remember frotz, showing up compiled
for all the different e-ink ereaders.
2018-01-25 09:20:16 PM escondida Oh, neat
2018-01-25 09:20:48 PM ztrawhcse e.g.
https://www.mobileread.com/forums/showthread.php?t=186007
2018-01-25 09:20:49 PM phrik Title: K5 Frotz curses interface for Kindle
Touch (via XTerm) - MobileRead Forums (at www.mobileread.com)
2018-01-25 09:23:29 PM escondida I cleaned up its ncurses code a little
bit a last year, because I wanted XDG basedir support and ended up
messing with a bit more
2018-01-25 10:09:05 PM escondida ztrawhcse: As a side benefit of your
critiques, I discovered that debian has updated their rrootage patchset
2018-01-25 10:09:25 PM ztrawhcse Nice!
2018-01-25 10:09:35 PM escondida Yus


signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
In reply to this post by tur-users mailing list
On 26 Jan 2018, at 10:31  +0100, Alad Wenter via aur-general wrote:
> Note: If possible please add a short reply with a GPG signature.

My mistake! Here's my official, signed reply.

Eli Schwartz wrote:
> Lukas has beaten you to it: https://packages.archlinux.org/ledger

That is excellent news!

Thanks,
Ivy

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2
Hey,

Quoting Ivy Foster (2018-01-26 22:23:08)
> Hi, folks,
>
> I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
> be my sponsor.
>

Don't really have anything to say other than "Awesome!"

--
Sincerely,
  Johannes Löthberg
  PGP Key ID: 0x50FB9B273A9D0BB5
  PGP Key FP: 5134 EF9E AF65 F95B 6BB1  608E 50FB 9B27 3A9D 0BB5
  https://theos.kyriasis.com/~kyrias/

signature.asc (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Andrew Crerar-3
In reply to this post by Ivy Foster-2
On 1/26/18 4:23 PM, Ivy Foster wrote:
> Hi, folks,
>
Hi!

> I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
> be my sponsor.
> > I've been an Arch user for the last 10 years or so. Some of you may
> know me from IRC or the forums, where I use the nick escondida.
> Lately, I've been much less active on IRC, but have contributed a
> handful of patches to pacman. I also maintain [a few buildscripts][1]
> in the AUR.
>
> Arch has always been a rewarding community to contribute to, and I
> figure that maintaining some packages and generally helping out could
> be a good way to contribute a bit more.
>
> If accepted to be a TU, my plan of action is as follows:
> 1. Go mad with power^U
> 1. Bring a handful of packages into [community] (see below)
> 2. Help out with rebuilds and package updates where that does not
> involve stepping on toes
> 3. Continue to submit occasional patches to Arch projects
> 4. Help with to-do lists. Off the top of my head, taking a quick look
> at current to-do lists with actual outstanding items:
>
> https://www.archlinux.org/todo/packages-with-out-of-repositories-dependencies/
> I'd be interested both in simply weeding out those
> with inappropriate deps and in bringing in deps I'd
> consider actually useful, such as tcllib for tcl-remind.
>
> https://www.archlinux.org/todo/source-retirement/
> https://www.archlinux.org/todo/codegooglecom-retirement/
> I wouldn't mind tracking down lost sources.
>
Yesss!

> Thanks for your consideration, and I'm of course happy to answer
> questions and address critiques.
>
> Cheers,
> Ivy "escondida" Foster
>
> # Packages
>
> If I'm accepted, there are a handful of packages I already have in
> mind to bring to the repos:
>
> - [bemenu][2]
> Though dmenu is already available, bemenu is a solid
> alternative for X, Wayland or terminals.
>
> - [farbfeld][3]
> An oddball but interesting new image format
>
> - [frotz][4]
> I don't know about you guys, but I think that text adventures
> are positively xyzzy.
>
> - [ledger][5]
> This program is super useful, and I doubt I'm the only one who
> dreads every boost update because this takes so long to build!
>
> - [muttprint][6]
> I don't always print emails, but when I do, I use muttprint.
>
> - [opendoas][7]
> OpenBSD's much simpler alternative to sudo is now available
> for Linux.
>
> - [physlock][8]
> A tty screen locker
>
> - [sndio][9]
> OpenBSD's excellent and simple sound system is now available
> as a userspace daemon for Linux, and a surprising number of
> things can build against it easily.
>
> Note that if I did bring this in, I wouldn't be including my
> very basic XDG basedir patch (see AUR scripts). I'm going to
> try and submit a better one upstream, and if that fails,
> then...oh, well, I guess.
>
> - [t-prot][10]
> It's just a simple script, but as a mutt user, it comes very
> much in handy for making many emails more legible.
>
> - [translate-shell][11]
> Very useful for simplifying or scripting translation tasks
> (not that you should be counting on google translate to handle
> anything longer than a few words, but still)
>
> - [xurls][12]
> Saves you the trouble of parsing strings to find links
>
> # Links
>
> [1]: https://aur.archlinux.org/packages/?SeB=m&K=escondida
> [2]: https://github.com/Cloudef/bemenu
> [3]: https://tools.suckless.org/farbfeld/
> [4]: http://frotz.sourceforge.net/
> [5]: https://www.ledger-cli.org
> [6]: http://muttprint.sourceforge.net/
> [7]: https://github.com/Duncaen/OpenDoas
> [8]: https://github.com/muennich/physlock
> [9]: http://www.sndio.org/
> [10]: http://www.escape.de/~tolot/mutt/
> [11]: https://www.soimort.org/translate-shell/
> [12]: https://github.com/mvdan/xurls
>
Awesome! Well, best of luck, I think you'll make a great addition :)

Regards,

Andrew


signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2

Thank you Ivy for this excellent list of applications, one of the best
I've seen in a while! :)

--
Pierre Neidhardt

I'd rather just believe that it's done by little elves running around.

signature.asc (497 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
In reply to this post by tur-users mailing list
On 26 Jan 2018, at  4:35  -0500, Eli Schwartz via aur-general wrote:
> On 01/26/2018 04:23 PM, Ivy Foster wrote:
> > I'm writing to apply to be a TU, and Alad Wenter has kindly agreed to
> > be my sponsor.

> It is great to see you take the plunge, I wish you the best of luck!

Thanks!

> > Arch has always been a rewarding community to contribute to, and I
> > figure that maintaining some packages and generally helping out could
> > be a good way to contribute a bit more.
> >
> > If accepted to be a TU, my plan of action is as follows:
> > 1. Go mad with power^U
> > 1. Bring a handful of packages into [community] (see below)
> > 2. Help out with rebuilds and package updates where that does not
> > involve stepping on toes
> > 3. Continue to submit occasional patches to Arch projects
> > 4. Help with to-do lists. [...]

> Sounds like a (wo)man after my own heart!

Woman, and glad to hear it!

> This reminds me I still have so much to do... like all that https/gpg stuff.

There's always more to do, I guess.

> > Thanks for your consideration, and I'm of course happy to answer
> > questions and address critiques.

> But overall, quite good!

Thanks!

> > - ledger
> > This program is super useful, and I doubt I'm the only one who
> > dreads every boost update because this takes so long to build!

> Lukas has beaten you to it: https://packages.archlinux.org/ledger

I replied to this elsewhere already, but that's great news (-: . In
related news, I've [poked upstream][1] to see about a new release, since
there's been a year's worth of bugfixes! They're into it.

# Critiques & Responses

> We discussed this on IRC already, I'll have to check and see how you've
> adapted to my suggestions.

I've addressed most of them; see responses inline. Of course,
onlookers should judge each fix to make sure it's not a "fix" instead.

## cgo-git

> 2018-01-25 07:07:51 PM guys I noticed something immediately, cgo-git has
> a custom:cgo-git license, but it is really an ISC license.
> 2018-01-25 07:08:15 PM guys And it installs the whole source code in
> /usr/share/licenses/ instead of using sed to extract it or something. :p
> 2018-01-25 07:09:25 PM guys I'd just extract the first few lines using
> sed, until I hit the first  */ and call it a day

I've changed the license to ISC and used sed to extract the license
from the source. I've also [submitted a patch upstream][2] creating a
separate LICENSE file.

> 2018-01-25 07:11:25 PM guys Also, the upstream Makefile is terrible and
> should use CFLAGS properly :p
> 2018-01-25 07:12:27 PM guys I want pull requests to fix this :p

[Pull request submitted][3].

> 2018-01-25 07:14:28 PM guys fist, should be upgraded to use HTTPS since
> their website upgrades you anyway

[Done][4].

## frotz-dumb-git / frotz-ncurses-git

> 2018-01-25 07:27:55 PM guys frotz-git conflicts and *replaces* frotz,
> which is wrong, it should provide it instead
> 2018-01-25 07:28:23 PM guys replaces means that if you pacman -Syu and
> find it in a repo, it gets synced as a replacement for what you
> currently have...

> 2018-01-25 07:29:11 PM guys I can hardly read the sed line you use in
> pkgver()
> 2018-01-25 07:29:22 PM guys sed 's,-\(.*\)-,.r\1.,'
> 2018-01-25 07:29:30 PM guys wrong place to use , as separators!
> 2018-01-25 07:33:03 PM guys But anyway, to modify 2.44-196-gf3ceac9
> could just use the standard sed line from the wiki page
> 2018-01-25 07:34:05 PM escondida that one *I* can hardly read (-:

> 2018-01-25 07:35:48 PM guys Use of sed to modify more than three things
> in prepare should be strictly prohibited; use a patch file

[All fixed][5]. I still refuse to use the sed line from the wiki page,
because I'm a big weirdo.

## libbulletml & rrootage

> 2018-01-25 07:39:48 PM guys > # upstream does not provide checksums,
> though Debian does for their patches
> 2018-01-25 07:40:04 PM guys This is not a reason to disable checks for
> download errors.

I've [added checksums][6], along with a note not to place too much
trust in them since they're mine and not the developer's.

> 2018-01-25 07:41:09 PM guys Why does libbulletml.so need to modify
> CFLAGS CXXFLAGS :(
> 2018-01-25 07:41:21 PM guys And why does it overwrite LDFLAGS, instead?
> 2018-01-25 07:41:41 PM guys Does it derp on the LDFLAGS from makepkg.conf?
> 2018-01-25 07:42:17 PM guys Why does it create libbulletml.a anyway, if
> makepkg automatically strips staticlibs?

This library's build process is simply bizarre. I've left the build as
is, since that seems to be what it takes to get it to, well, build.

> 2018-01-25 07:51:23 PM guys rrootage: the pkgdesc is self-referential,
> remove the first two words
> 2018-01-25 07:52:12 PM guys And it downloads from
> http://downloads.sourceforge.net, but that can be upgraded to https://
> even if the website cannot
> 2018-01-25 07:53:05 PM guys Is http://ftp.de.debian.org/ really the best
> download url? I would assume they have something that redirects to the
> right country mirror

I found a better Debian download url and upgraded the Sourceforge url
to https; [fixes here][7].

I've also sent an email to the mysterious Evil Mr. Henry, the porter
(portreeve?) who brought it to Linux, to see whether he'd be
interested in accepting the Debian patches officially, since they're
required to build these days.

## lua-cosmo-git

> 2018-01-25 07:49:02 PM guys lua-cosmo-git: is built, in package().
> 2018-01-25 07:49:27 PM guys If it cannot be built separately from the
> install command, build it in build() and cp -a it in package()
> 2018-01-25 07:50:12 PM escondida Oh, right, I meant to drop that one.
> Instead, I'll update it and then drop it.

To be honest, I ended up simply dropping this package. As far as I can
tell, luarocks really seems to expect you to build and intall in one
step. I can pick it back up again if anybody has particularly strong
feelings on this point.

## netsurf et al.

> 2018-01-25 07:43:58 PM guys libcss-git should probably use git+https://
> for TLS security purposes
> 2018-01-25 07:45:31 PM guys Same with the other netsurf related packages

Sadly, I got SSL errors when I tried to pull netsurf libs from https.
They seem to be available only over http for now. I didn't try *all*
of them, granted, but I figure what's true for the css is true for the
cssander.

I need to update these in general, to tell the truth. Part of me wants
to do them all as a massive split PKGBUILD, because the dependency
order is fairly intricate (I have them in directories numbered in
stages on my machine, but that doesn't translate well to the AUR).

## sndio-git

> 2018-01-25 07:56:23 PM guys Is
> sndio-git/0001-put-cookie-somewhere-better.patch upstreamable?
> 2018-01-25 07:56:32 PM guys Or have you tried and they rejected it

I haven't written the better version to submit yet; that'll probably
be sometime in the next few days.

## translate-shell

> 2018-01-25 07:56:59 PM guys http://www.soimort.org/translate-shell/ is
> available over HTTPS
> 2018-01-25 07:57:00 PM phrik Title: Translate Shell (at www.soimort.org)
> 2018-01-25 07:57:09 PM guys As is the github repo via git+https:// ;)

> 2018-01-25 07:57:29 PM guys pkgver=v0.9.0.4.7.g1a4d83e # should have the
> leading v stripped

> https://github.com/soimort/translate-shell/blob/develop/Makefile
> 2018-01-25 07:59:10 PM phrik Title: translate-shell/Makefile at develop
> · soimort/translate-shell · GitHub (at github.com)
> 2018-01-25 07:59:22 PM guys latest commit to that file says "Implement
> DESTDIR support"
> 2018-01-25 07:59:39 PM guys Complete with mkdir -p ;)

> 2018-01-25 08:00:44 PM guys And /usr/share/licenses/${_gitname}/LICENSE
> is technically quite wrong, that is not the package the license is for
> at all

> 2018-01-25 08:00:57 PM guys besides which it does not conflict/provide
> the non-git version

[All fixed][8].

# Concluding thoughts

Who's next? Bring it on!

iff

# Links

[1]: https://github.com/ledger/ledger/issues/523
[2]: https://github.com/kieselsteini/cgo/pull/10
[3]: https://github.com/kieselsteini/cgo/pull/9
[4]: https://aur.archlinux.org/cgit/aur.git/log/?h=fist
[5]: https://aur.archlinux.org/cgit/aur.git/log/?h=frotz-git
[6]: https://aur.archlinux.org/cgit/aur.git/log/?h=libbulletml
[7]: https://aur.archlinux.org/cgit/aur.git/log/?h=rrootage
[8]: https://aur.archlinux.org/cgit/aur.git/log/?h=translate-shell-git
Reply | Threaded
Open this post in threaded view
|

TU application: Ivy Foster

Ivy Foster-2
In reply to this post by tur-users mailing list
On 27 Jan 2018, at  9:39  +0100, Pierre Neidhardt,
Andrew Crerar, and Johannes Löthberg wrote:
> [some very nice things]

Thanks!
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2
On Fri, Jan 26, 2018 at 03:23:08PM -0600, Ivy Foster wrote:
> # Packages
> [..]

Hello Ivy,
Do you plan to adopt some orphans as well?

chris

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
On 27 Jan 2018, at 10:40  +0100, Christian Rebischke via aur-general wrote:
> On Fri, Jan 26, 2018 at 03:23:08PM -0600, Ivy Foster wrote:
> Hello Ivy,
> Do you plan to adopt some orphans as well?

Definitely!

Quickly scanning through the list, a few stand out to me...though they
generally don't look as though they need updates right away.

- bmake
- cd-discid (if I were to crab this one, I'd probably also take
        cddb_get, even though I've had little luck with cddb results)
- ispell
- libcdaudio
- unicode-character-database

Beyond that, I'd say "sure, if it looks interesting or necessary" and
"I can at least update and then re-orphan this thing I don't use".

iff
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
Hey, good luck and such

Just noticed there are packages that don't properly LDFLAGS resulting in
binaries without full RELRO.
Its good to always checksec the binaries once creating or adopting a new
package and see if everything was setup properly to respect hardening
and other flags like generic archs.
namcap will have such feature soonish

Everything else i had on my list was already mentioned by Eli.

libbulletml:
- whats up with LDFLAGS from makepkg.conf? like -znow?
  if there are options that don't work its better to remove them
  from makepkg.conf LDFLAGS but always use the variable

cgo-git:
- does not respect LDFLAGS leading to a binary without full relro

cheers,
Levente
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
On 28 Jan 2018, at  9:33  +0100, Levente Polyak via aur-general wrote:
> Hey, good luck and such

Thanks!

> Just noticed [some interesting points]

I'll have some time free tomorrow to get you a proper answer and/or
fix; for now, I'm just letting you know I got your email!

Thanks,
Ivy
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
On January 30, 2018 11:37:42 PM GMT+01:00, Ivy Foster <[hidden email]> wrote:
>I'll have some time free tomorrow to get you a proper answer and/or
>fix; for now, I'm just letting you know I got your email!


Hey, any news from respecting LDFLAGS and if needed just purge parts of it?
I'm specially interested in seeing full relro.

Cheers,
Levente
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
On 01 Feb 2018, at  8:29  +0100, Levente Polyak via aur-general wrote:
> On January 30, 2018 11:37:42 PM GMT+01:00, Ivy Foster <[hidden email]> wrote:
> >I'll have some time free tomorrow to get you a proper answer and/or
> >fix; for now, I'm just letting you know I got your email!

> Hey, any news from respecting LDFLAGS and if needed just purge parts of it?
> I'm specially interested in seeing full relro.

Hey, Levente. Sorry for the delay!

For cgo, since upstream pulled in the patches I submitted, LDFLAGS are
properly picked up and we have full relro.

libbulletml was a bit tougher. I wound up throwing out Debian's
patches to upstream's Makefile and just rewriting the Makefile from
scratch. Hopefully either Debian or the dev will be interested in
accepting the new Makefile; until word comes back, it's [in the AUR
git repo][1]. This also grants full relro.

I've yet to run checksec on my other packages, but intend to do so.
I'm not sure yet what to do about some of its feedback, notably
thinking that some binaries aren't ELF files (so no PIE feedback
given) or the number of unfortified...things.

Thanks again for your feedback!

Ivy

[1]: https://aur.archlinux.org/cgit/aur.git/tree/?h=libbulletml

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2
On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote:
> On 26 Jan 2018, at 10:31  +0100, Alad Wenter via aur-general wrote:
> > Note: If possible please add a short reply with a GPG signature.
>
> My mistake! Here's my official, signed reply.
>
The discussion period is over. Let the votes begin!

https://aur.archlinux.org/tu/?id=103

signature.asc (235 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by Ivy Foster-2
On February 2, 2018 12:40:57 AM GMT+01:00, Ivy Foster <[hidden email]> wrote:

>
>For cgo, since upstream pulled in the patches I submitted, LDFLAGS are
>properly picked up and we have full relro.
>
>libbulletml was a bit tougher. I wound up throwing out Debian's
>patches to upstream's Makefile and just rewriting the Makefile from
>scratch. Hopefully either Debian or the dev will be interested in
>accepting the new Makefile; until word comes back, it's [in the AUR
>git repo][1]. This also grants full relro.
>


Awesome, thanks for upstreaming the problems :)
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

tur-users mailing list
In reply to this post by tur-users mailing list
On Sat, Feb 03, 2018 at 12:12:44AM +0100, Alad Wenter via aur-general wrote:

> On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote:
> > On 26 Jan 2018, at 10:31  +0100, Alad Wenter via aur-general wrote:
> > > Note: If possible please add a short reply with a GPG signature.
> >
> > My mistake! Here's my official, signed reply.
> >
> The discussion period is over. Let the votes begin!
>
> https://aur.archlinux.org/tu/?id=103
>
The voting period has ended, with the following results:

Yes:        33
No:         3
Abstain:    3
Total:      39

As such, the proposal has been accepted. Congratulations!

Alad

signature.asc (235 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Baptiste Jonglez
On 10-02-18, Alad Wenter via aur-general wrote:

> On Sat, Feb 03, 2018 at 12:12:44AM +0100, Alad Wenter via aur-general wrote:
> > On Fri, Jan 26, 2018 at 03:53:07PM -0600, Ivy Foster wrote:
> > > On 26 Jan 2018, at 10:31  +0100, Alad Wenter via aur-general wrote:
> > > > Note: If possible please add a short reply with a GPG signature.
> > >
> > > My mistake! Here's my official, signed reply.
> > >
> > The discussion period is over. Let the votes begin!
> >
> > https://aur.archlinux.org/tu/?id=103
> >
> The voting period has ended, with the following results:
>
> Yes:        33
> No:         3
> Abstain:    3
> Total:      39
>
> As such, the proposal has been accepted. Congratulations!
Congrats, and welcome to the team!

Baptiste

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: TU application: Ivy Foster

Ivy Foster-2
In reply to this post by tur-users mailing list
On 10 Feb 2018, at  1:02  +0100, Alad Wenter via aur-general wrote:
> the proposal has been accepted. Congratulations!

Awesome! Thanks, y'all.

Ivy

signature.asc (849 bytes) Download Attachment
12