Free software activity in October 2024
Almost all of my Debian contributions this month were sponsored by Freexian.
You can also support my work directly via Liberapay.
Ansible
I noticed that Ansible had fallen out of Debian testing due to autopkgtest failures. This seemed like a problem worth fixing: in common with many other people, we use Ansible for configuration management at Freexian, and it probably wouldn’t make our sysadmins too happy if they upgraded to trixie after its release and found that Ansible was gone.
The problems here were really just slogging through test failures in both
the ansible-core
and ansible
packages, but their test suites are large
and take a while to run so this took some time. I was able to contribute a
few small fixes to various upstreams in the process:
- test: Make git archive prefix fit in 32-bit
ssize_t
(though upstream went for a different approach) - test: replace more deprecated
assertEquals
- Fix import error on Python 3.13
- Make
test_start_daemon_with_no_mock
less flaky
This should now get back into testing tomorrow.
OpenSSH
Martin-Éric Racine
reported that ssh-audit
didn’t list the ext-info-s
feature as being available in Debian’s OpenSSH
9.2 packaging in bookworm, contrary to what OpenSSH upstream said on their
specifications page at the time. I
spent some time looking into this and realized that upstream was mistakenly
saying that implementations of ext-info-c
and ext-info-s
were added at
the same time, while in fact ext-info-s
was added rather later.
ssh-audit
now has clearer output, and the OpenSSH maintainers have
corrected their specifications page.
I looked into a report of an ssh
failure in certain cases when using GSS-API key exchange (which is a Debian
patch). Once again, having integration
tests was a huge win here: the affected
scenario is quite a fiddly one, but I was able to set it up in the
test,
and thereby make sure it doesn’t regress in future. It still took me a
couple of hours to get all the details right, but in the past this sort of
thing took me much longer with a much lower degree of confidence that the
fix was correct.
On upstream’s advice, I cherry-picked some key exchange fixes needed for big-endian architectures.
Python team
I packaged python-evalidate, needed for a new upstream version of buildbot.
The Python 3.13 transition rolls on. I fixed problems related to it in htmlmin, humanfriendly, postgresfixture (contributed upstream), pylint, python-asyncssh (contributed upstream), python-oauthlib, python3-simpletal, quodlibet, zope.exceptions, and zope.interface.
A trickier Python 3.13 issue involved the cgi
module. Years ago I ported
zope.publisher to the multipart module because
cgi.FieldStorage
was broken in some situations, and as a result I got a
recommendation into Python’s
“dead batteries” PEP 594.
Unfortunately there turns out to be a name conflict between multipart and
python-multipart on
PyPI;
python-multipart upstream has been working to disentangle
this, though we still
need to work out what to do in Debian.
All the same, I needed to fix
python-wadllib and multipart seemed like
the best fit; I contributed a port
upstream
and temporarily copied multipart into Debian’s python-wadllib source package
to allow its tests to pass. I’ll come back and fix this properly once we
sort out the multipart vs. python-multipart packaging.
tzdata moved some timezone definitions to tzdata-legacy, which has broken a number of packages. I added tzdata-legacy build-dependencies to alembic and python-icalendar to deal with this in those packages, though there are still some other instances of this left.
I tracked down an nltk regression that caused build failures in many other packages.
I fixed Rust crate versioning issues in pydantic-core, python-bcrypt, and python-maturin (mostly fixed by Peter Michael Green and Jelmer Vernooij, but it needed a little extra work).
I fixed other build failures in entrypoints, mayavi2, python-pyvmomi (mostly fixed by Alexandre Detiste, but it needed a little extra work), and python-testing.postgresql (ditto).
I fixed python3-simpletal to tolerate future versions of dh-python that will drop their dependency on python3-setuptools.
I fixed broken symlinks in python-treq.
I removed (build-)depends on python3-pkg-resources from alembic, autopep8, buildbot, celery, flufl.enum, flufl.lock, python-public, python-wadllib (contributed upstream), pyvisa, routes, vulture, and zodbpickle (contributed upstream).
I upgraded astroid, asyncpg (fixing a Python 3.13 failure and a build failure), buildbot (noticing an upstream test bug in the process), dnsdiag, frozenlist, netmiko (fixing a Python 3.13 failure), psycopg3, pydantic-settings, pylint, python-asyncssh, python-bleach, python-btrees, python-cytoolz, python-django-pgtrigger, python-django-test-migrations, python-gssapi, python-icalendar, python-json-log-formatter, python-pgbouncer, python-pkginfo, python-plumbum, python-stdlib-list, python-tokenize-rt, python-treq (fixing a Python 3.13 failure), python-typeguard, python-webargs (fixing a build failure), pyupgrade, pyvisa, pyvisa-py (fixing a Python 3.13 failure), toolz, twisted, vulture, waitress (fixing CVE-2024-49768 and CVE-2024-49769), wtf-peewee, wtforms, zodbpickle, zope.exceptions, zope.interface, zope.proxy, zope.security, and zope.testrunner to new upstream versions.
I tried to fix a regression in python-scruffy, but I need testing feedback.
I requested removal of python-testing.mysqld.
Comments
With an account on the Fediverse or Mastodon, you can respond to this post. Since Mastodon is decentralized, you can use your existing account hosted by another Mastodon server or compatible platform if you don't have an account on this one. Known non-private replies are displayed below.
Learn how this is implemented here.