devel-announce May 2020

devel-announce@lists.fedoraproject.org

7 participants
17 discussions

Fedora 33 System-Wide Change proposal: Aarch64 Pointer Authentication & Branch Target Enablement
by Ben Cotton 18 May '20

18 May '20

https://fedoraproject.org/wiki/Changes/Aarch64_PointerAuthentication == Summary == Arm Pointer Authentication (PAC) is a method of hardening code from Return Oriented Programming (ROP) attacks. It uses a tag in a pointer to sign and verify pointers. Branch Target Identification (BTI) is another code hardening method, where the branch/jump target is identified with a special landing pad instruction. Outside of some system support in glibc+kernel, packages gain the additional hardening by compiling with the -mbranch-protection= flag available in recent versions of GCC. In particular -mbranch-protection=standard enables both BTI and PAC, with backwards compatible to armv8.0 code sequences that activate on v8.3 (PAC) & v8.5 (BTI) enabled Arm machines. == Owner == * Name: [[User:jlinton| Jeremy Linton]] & ARM SIG * Email: jeremy.linton(a)arm.com == Benefit to Fedora == PAC & BTI are code hardening features, they should serve to make fedora more resistant to a couple further classes of runtime attacks. By enabling this early, fedora is once again proven to be at the leading edge of security and linux development. If everything works as planned, this change will be invisible to the end user, except in cases where the applications will trap behaviour that appears to be caused by exploit attempts. == Scope == * Proposal owners: Work with individual package maintainers in the case of build failures or runtime exceptions. In the latter case there are two possibilities. First on v8.0 hardware, which is currently the most common, the additional instruction sequences are treated as NOP's and should be completely ignored by the hardware. It may be possible on v8.3/8.5 hardware that PAC or BTI may need additional tweaks for hand written assembly which interacts with PAC/BTI enabled code. * Other developers: Assure their packages continue to compile and pass unit/integration/etc tests on v8.0 hardware. Continue to monitor runtime problems on v8.3+ for bugs, vs exploit attempts. * Release engineering: (pending) * Policies and guidelines: At the moment, nothing needs to be changed as this should propagate as the default set of RPM build flags. * Trademark approval: N/A (not needed for this Change) == Upgrade/compatibility impact == If everything works as planned, this should be transparent to the end user. == How To Test == Testing falls into two categories. Assuring that the packages continue to work on existing arm v8.0 hardware without PAC, and testing on PAC+BTI enabled hardware. For the most part the expectation from the fedora community is that package maintainers assure their packages continue to work on existing systems. PAC+ hardware will be in limited supply during the F33 development cycle, so the expectation is that owners of that hardware will perform more complete systemwide testing and report any defects found against the packages in question along with fixes or hardware access. == User Experience == (not supplied) == Dependencies == There are various gcc and kernel related changes which have already landed, but there continue to be a few cleanup patches trickling into the toolchain/compiler as problems are discovered. == Contingency Plan == * Contingency mechanism: (What to do? Who will do it?) Build affected packages with explicit compiler flags disabling the feature. Worse case the top level rpm macros reversion, and a rebuild of effected packages. Contingency deadline: Beta target. * Blocks release? No, except for major functionality loss due to core package bug. * Blocks product? No == Documentation == Arm pointer authentication is a technology designed to make software more robust by providing hardware assistance for code hardening. It protects pointers by cryptographically signing them and verifying their signatures when used, thereby mitigating certain attack vectors. Core support is provided to applications and libraries transparently via kernel and toolchain changes to generate hardended code. Branch Target identification, similarly provides landing pads, to harden code paths by restricting the processor from jumping into unexpected parts of a function. Further reference: * https://developer.arm.com/architectures/learn-the-architecture/providing-pr… * https://www.qualcomm.com/media/documents/files/whitepaper-pointer-authentic… * https://www.usenix.org/system/files/sec19fall_liljestrand_prepub.pdf * https://events.static.linuxfound.org/sites/events/files/slides/slides_23.pdf * https://lwn.net/Articles/789370/ -- Ben Cotton He / Him / His Senior Program Manager, Fedora & CentOS Stream Red Hat TZ=America/Indiana/Indianapolis

1 0

FESCo election nominations are now open
by Ben Cotton 13 May '20

13 May '20

Beginning today through 19 May, you may nominate candidates for the 4 open seats on the Fedora Engineering Steering Committee (FESCo). To nominate yourself (or others, if you check with them first), visit: https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations FESCo is currently selecting the questions for the interview questionnaire, which will be finalized before the beginning of the interview period. For more information, see the Community Blog post: https://communityblog.fedoraproject.org/fedora-32-elections-nominations-now… -- Ben Cotton He / Him / His Senior Program Manager, Fedora & CentOS Stream Red Hat TZ=America/Indiana/Indianapolis

1 1

Retired packages with maintainers
by Pierre-Yves Chibon 12 May '20

12 May '20

Good Morning Everyone, A little while ago we have received the request on the infra issue tracker to remove all maintainers of retired packages [1]. So today I decided to look at what this would look like and wrote a script that queries PDC for the list of all branches on all projects [2], gather from it a list of all the packages that are retired on all their branches (so all branches are ``active=false``). For each of these retired project, it queries dist-git to find out if they still have maintainers in addition to the ``orphan`` user. The outcome of this script can be found there: https://pingou.fedorapeople.org/retired_packages_with_maintainers.log Some stats about this: - 881 RPM packages are retired and still have maintainers (out of 4322 retired RPMs). - 662 of them are not orphaned - 42 modules are retired and still have maintainers (out of 42 retired modules). - all of them are not orphaned - 2 containers are retired and still have maintainers (out of 3 retired containers). - all of them are not orphaned Which brings a couple of questions: - Do we have a documented way to mark modules as orphaned or retired? - Should we orphan all the RPM packages that are retired but not orphaned? Finally, does everyone agree about the original request: "remove all maintainers of retired packages"? Or should we bring this to FESCo? Thanks for your inputs, Pierre [1] https://pagure.io/fedora-infrastructure/issue/8600 [2] https://pdc.fedoraproject.org/extras/active_branches.json (8+Mb file)

1 0

Orphaned packages looking for new maintainers
by Miro Hrončok 11 May '20

11 May '20

The following packages are orphaned and will be retired when they are orphaned for six weeks, unless someone adopts them. If you know for sure that the package should be retired, please do so now with a proper reason: https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life Note: If you received this mail directly you (co)maintain one of the affected packages or a package that depends on one. Please adopt the affected package or retire your depending package to avoid broken dependencies, otherwise your package will be retired when the affected package gets retired. Request package ownership via the *Take* button in he left column on https://src.fedoraproject.org/rpms/<pkgname> Full report available at: https://churchyard.fedorapeople.org/orphans-2020-05-11.txt grep it for your FAS username and follow the dependency chain. Package (co)maintainers Status Change ================================================================================ CPUFreqUtility orphan 5 weeks ago GREYCstoration orphan 5 weeks ago abcm2ps orphan 5 weeks ago adapta-gtk-theme orphan 5 weeks ago apache-commons-dbutils mizdebsk, orphan 5 weeks ago apache-commons-email mizdebsk, orphan 5 weeks ago apache-commons-jci jjelen, orphan 5 weeks ago apache-commons-jcs cquad, jjelen, orphan 6 weeks ago apanov-edrip-fonts frixxon, orphan 5 weeks ago apbs orphan, rathann 5 weeks ago artha orphan 5 weeks ago avalon-framework jerboaa, jjelen, mizdebsk, 6 weeks ago orphan avr-gdb giallu, orphan, trondd 5 weeks ago bea-stax jcapik, mizdebsk, orphan 1 weeks ago bmake orphan 2 weeks ago bval jjelen, orphan 5 weeks ago bygfoot orphan 5 weeks ago cassandra-java-driver hhorak, jjanco, orphan 5 weeks ago castor lef, orphan 5 weeks ago catimg orphan 5 weeks ago cdpr orphan 5 weeks ago cinnamon-applet-globalappmenu orphan 2 weeks ago cinnamon-themes jcpunk, orphan 2 weeks ago cmyktool orphan 5 weeks ago codemodel dmoluguw, edewata, orphan 0 weeks ago cog orphan 5 weeks ago coriander dajt, orphan 5 weeks ago dateshift orphan 5 weeks ago dibbler orphan 5 weeks ago docco nodejs-sig, orphan, patches 5 weeks ago driftnet orphan, pwouters 3 weeks ago dsi orphan 5 weeks ago echoping orphan 5 weeks ago eclipse-avr orphan 5 weeks ago eclipse-egit-github eclipse-sig, orphan 5 weeks ago eclipse-mylyn arobinso, eclipse-sig, 5 weeks ago jjohnstn, kdaniel, orphan, rgrunber eclipse-photran akurtakov, eclipse-sig, orphan 5 weeks ago eclipse-ptp eclipse-sig, jjohnstn, 5 weeks ago kdaniel, orphan eclipse-subclipse eclipse-sig, kdaniel, orphan 5 weeks ago eclipse-testng eclipse-sig, orphan 5 weeks ago eclipse-webtools eclipse-sig, galileo, orphan 5 weeks ago emacs-mmm orphan 5 weeks ago fcoe-utils orphan 5 weeks ago felix-framework mizdebsk, msimacek, orphan 0 weeks ago felix-osgi-obr-resolver orphan 0 weeks ago flatbuffers orphan 5 weeks ago foma orphan 5 weeks ago fts andreamanzi, orphan 5 weeks ago geronimo-jcache jjelen, lef, orphan 5 weeks ago geronimo-jcdi-1.0-api jjelen, lef, orphan 6 weeks ago ggz-gtk-client orphan, pwalter 5 weeks ago glassfish-fastinfoset dmoluguw, edewata, orphan 0 weeks ago gluegen2 orphan 5 weeks ago gmpc orphan 2 weeks ago gnomad2 orphan 5 weeks ago gnomint orphan 5 weeks ago gpsdrive orphan 5 weeks ago gtick orphan, renich 5 weeks ago gtkdialog orphan 5 weeks ago guava20 mizdebsk, orphan 5 weeks ago gwget orphan 5 weeks ago hcc orphan 5 weeks ago hfsplusutils orphan 5 weeks ago hovercraft orphan, ralph 5 weeks ago imageinfo orphan 5 weeks ago istack-commons dmoluguw, edewata, orphan 0 weeks ago istatd orphan 3 weeks ago java-vash orphan 5 weeks ago jboss-jsf-2.2-api jjelen, lef, orphan 6 weeks ago jchart2d orphan 5 weeks ago jetty-parent mizdebsk, orphan 5 weeks ago jlatexmath orphan 5 weeks ago jline3 orphan 5 weeks ago josm jjelen, orphan 5 weeks ago jruby lef, msrb, orphan, vondruch 5 weeks ago js-php-date-formatter orphan 3 weeks ago lde orphan 5 weeks ago libccp4 orphan 5 weeks ago libnih orphan 5 weeks ago libopensync-plugin-gnokii awjb, orphan 5 weeks ago libvtemm hguemar, orphan 5 weeks ago lldpad orphan 5 weeks ago maven-release jcapik, orphan 1 weeks ago maven-stage-plugin huwang, orphan 5 weeks ago mboxgrep orphan 5 weeks ago mbrowse orphan 5 weeks ago metrics-reporter-config hhorak, orphan 5 weeks ago mipv6-daemon orphan 5 weeks ago musique orphan, skytux 5 weeks ago mx4j dwalluck, orphan 5 weeks ago mycila-pom orphan 5 weeks ago nodejs-base64-arraybuffer orphan 5 weeks ago nodejs-bcryptjs orphan 5 weeks ago nodejs-bunyan nodejs-sig, orphan 5 weeks ago nodejs-chai-cheerio orphan 5 weeks ago nodejs-chai-fs orphan 5 weeks ago nodejs-cheerio orphan 5 weeks ago nodejs-cjson nodejs-sig, orphan 5 weeks ago nodejs-collections nodejs-sig, orphan, patches 5 weeks ago nodejs-commonmark nodejs-sig, orphan 5 weeks ago nodejs-connect nodejs-sig, orphan, patches 5 weeks ago nodejs-convert-source-map nodejs-sig, orphan 5 weeks ago nodejs-cookie-session orphan 5 weeks ago nodejs-cors orphan 5 weeks ago nodejs-css-select nodejs-sig, orphan 5 weeks ago nodejs-csscomb-core nodejs-sig, orphan 5 weeks ago nodejs-csslint nodejs-sig, orphan 5 weeks ago nodejs-default-resolution orphan 5 weeks ago nodejs-defence nodejs-sig, orphan 5 weeks ago nodejs-del nodejs-sig, orphan 5 weeks ago nodejs-delete orphan 5 weeks ago nodejs-engine-dot-io-client orphan 5 weeks ago nodejs-engine-dot-io-parser orphan 5 weeks ago nodejs-espower orphan 5 weeks ago nodejs-esprima nodejs-sig, orphan, patches 5 weeks ago nodejs-esprima-fb nodejs-sig, orphan 5 weeks ago nodejs-esprima-harmony-jscs nodejs-sig, orphan 5 weeks ago nodejs-expect nodejs-sig, orphan 5 weeks ago nodejs-fake orphan 5 weeks ago nodejs-find-cache-dir nodejs-sig, orphan 5 weeks ago nodejs-find-up nodejs-sig, orphan, sergiomb 5 weeks ago nodejs-flat-cache orphan 5 weeks ago nodejs-fs-promise orphan 5 weeks ago nodejs-git-remote-origin-url orphan 5 weeks ago nodejs-gitconfiglocal orphan 5 weeks ago nodejs-gnode orphan 5 weeks ago nodejs-grunt-contrib-clean nodejs-sig, orphan, patches 5 weeks ago nodejs-grunt-contrib-csslint nodejs-sig, orphan 5 weeks ago nodejs-grunt-init nodejs-sig, orphan, patches, 5 weeks ago piotrp nodejs-grunt-lib-contrib nodejs-sig, orphan, patches 5 weeks ago nodejs-highlight-js nodejs-sig, orphan, patches 5 weeks ago nodejs-htmlparser2 nodejs-sig, orphan 5 weeks ago nodejs-i nodejs-sig, orphan, patches 5 weeks ago nodejs-is-arrow-function nodejs-sig, orphan 5 weeks ago nodejs-is-error orphan 5 weeks ago nodejs-jasmine-growl-reporter nodejs-sig, orphan, patches 5 weeks ago nodejs-json-parse-helpfulerror nodejs-sig, orphan 5 weeks ago nodejs-lcov-parse nodejs-sig, orphan 5 weeks ago nodejs-load-grunt-tasks nodejs-sig, orphan, patches 5 weeks ago nodejs-locate-path nodejs-sig, orphan, sergiomb 5 weeks ago nodejs-loophole orphan 5 weeks ago nodejs-ltx nodejs-sig, orphan, patches 5 weeks ago nodejs-make-dir orphan 5 weeks ago nodejs-mock-bin orphan 5 weeks ago nodejs-mock-git orphan 5 weeks ago nodejs-netmask nodejs-sig, orphan 5 weeks ago nodejs-ng-classify orphan 5 weeks ago nodejs-object-dot-entries nodejs-sig, orphan 5 weeks ago nodejs-object-dot-pick orphan 5 weeks ago nodejs-only-shallow nodejs-sig, orphan 5 weeks ago nodejs-opal-runtime orphan 5 weeks ago nodejs-passport-oauth2-client- orphan 5 weeks ago password nodejs-pkg-dir nodejs-sig, orphan 5 weeks ago nodejs-pkg-up nodejs-sig, orphan, sergiomb 5 weeks ago nodejs-q nodejs-sig, orphan, patches 5 weeks ago nodejs-q-io nodejs-sig, orphan, patches 5 weeks ago nodejs-qunit-extras nodejs-sig, orphan 5 weeks ago nodejs-read-json-sync orphan 5 weeks ago nodejs-redent nodejs-sig, orphan 5 weeks ago nodejs-replace-ext nodejs-sig, orphan 5 weeks ago nodejs-ret orphan 5 weeks ago nodejs-revalidator nodejs-sig, orphan, patches 5 weeks ago nodejs-select-hose orphan 5 weeks ago nodejs-snockets nodejs-sig, orphan, patches 5 weeks ago nodejs-source-map-support orphan 5 weeks ago nodejs-strong-log-transformer orphan 5 weeks ago nodejs-tern-cordovajs galileo, nodejs-sig, orphan, 5 weeks ago vjancik nodejs-to-absolute-glob nodejs-sig, orphan 5 weeks ago nodejs-underscore-dot-logger nodejs-sig, orphan, patches 5 weeks ago nodejs-url2 nodejs-sig, orphan, patches 5 weeks ago nodejs-vasync nodejs-sig, orphan 5 weeks ago nodejs-watchit nodejs-sig, orphan, patches 5 weeks ago nodejs-winston nodejs-sig, orphan, patches, 5 weeks ago piotrp nodejs-write orphan 5 weeks ago nodejs-xmlhttprequest-ssl orphan 5 weeks ago nyquist orphan 5 weeks ago ocitools orphan 5 weeks ago opendchub orphan 5 weeks ago openjpa jjelen, lef, orphan 6 weeks ago oshinko-cli orphan 5 weeks ago pangox-compat orphan, rathann 1 weeks ago parfait agerstmayr, mgoodwin, nathans, 5 weeks ago orphan php-onelogin-php-saml orphan 5 weeks ago pidgin-musictracker orphan 5 weeks ago plexus-bsh-factory mizdebsk, orphan 5 weeks ago publican-jboss orphan 5 weeks ago pwmd orphan 5 weeks ago python-args orphan 2 weeks ago python-bashate apevec, openstack-sig, orphan 5 weeks ago python-clint orphan 2 weeks ago python-flower orphan 2 weeks ago python-hug orphan 5 weeks ago python-invocations orphan 2 weeks ago python-poppler-qt4 orphan 5 weeks ago python-social-auth-app-flask orphan 2 weeks ago python-social-auth-app-flask- orphan 2 weeks ago sqlalchemy python-social-auth-core orphan 2 weeks ago python-social-auth-storage- orphan 2 weeks ago sqlalchemy python-sphinxcontrib-fulltoc orphan, williamjmorenor 2 weeks ago python-sqlalchemy_schemadisplay orphan 2 weeks ago reactfx orphan 5 weeks ago relaxngDatatype dbhole, mizdebsk, orphan 2 weeks ago relaxngcc orphan 2 weeks ago repmgr orphan 5 weeks ago rescu orphan 5 weeks ago rfdump orphan 5 weeks ago rigsofrods orphan 5 weeks ago rubygem-aws-sdk-core orphan 5 weeks ago rubygem-diff_dirs orphan 2 weeks ago rubygem-gettext_i18n_rails orphan, tagoh 2 weeks ago rubygem-mixlib-log orphan 5 weeks ago rubygem-rack-attack orphan 5 weeks ago rubygem-ruby2ruby orphan 2 weeks ago rubygem-ruby_parser orphan 2 weeks ago rubygem-slop orphan 2 weeks ago rubygem-yell orphan 5 weeks ago saoimage mmahut, orphan 5 weeks ago scilab orphan 1 weeks ago scrot orphan 5 weeks ago si-units brolley, mgoodwin, nathans, 5 weeks ago orphan snapraid orphan 5 weeks ago sound-juicer alexl, caillon, caolanm, 2 weeks ago gnome-sig, hadess, johnp, mbarnes, orphan, rhughes, rstrode, ssp, teuf sscep orphan 5 weeks ago sse2fedmsg orphan 2 weeks ago sslext jjelen, orphan 5 weeks ago stax-ex orphan 2 weeks ago stream-lib lef, orphan 5 weeks ago struts jjelen, orphan 5 weeks ago svnkit dbhole, jfilak, orphan 5 weeks ago telepathy-rakia orphan 5 weeks ago termy-qt orphan 5 weeks ago tomahawk comzeradd, kde-sig, magnu5, 5 weeks ago orphan typesafe-config gil, orphan 5 weeks ago ubertooth orphan 5 weeks ago uglify-js jamielinux, nodejs-sig, 1 weeks ago orphan, patches, piotrp, vjancik uom-lib brolley, mgoodwin, nathans, 5 weeks ago orphan uom-se brolley, mgoodwin, nathans, 5 weeks ago orphan uom-systems brolley, mgoodwin, nathans, 5 weeks ago orphan vagrant-hostmanager orphan 2 weeks ago velocity-tools jjelen, lef, orphan 5 weeks ago waypipe orphan 5 weeks ago wmmon orphan 5 weeks ago wpewebkit orphan 5 weeks ago xmlstreambuffer orphan 2 weeks ago xneur orphan 5 weeks ago xsom dmoluguw, edewata, orphan 0 weeks ago The following packages require above mentioned packages: Report too long, see the full version at https://churchyard.fedorapeople.org/orphans-2020-05-11.txt (grep it for your username and follow the dependency chain) Affected (co)maintainers (either directly or via packages' dependencies): abbra: uglify-js abompard: python-sqlalchemy_schemadisplay agerstmayr: si-units, parfait, uom-se, uom-systems, uom-lib, guava20 akurtakov: eclipse-photran alexl: sound-juicer amdunn: emacs-mmm anaconda-maint: lldpad, fcoe-utils andreamanzi: fts anvil: pangox-compat apevec: python-bashate arobinso: eclipse-subclipse, eclipse-mylyn, svnkit, guava20 avigne: pangox-compat awjb: libopensync-plugin-gnokii awood: felix-framework, felix-osgi-obr-resolver besser82: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path bowlofeggs: js-php-date-formatter, guava20, uglify-js brendt: imageinfo brolley: uom-lib, si-units, uom-systems, uom-se caillon: sound-juicer caolanm: sound-juicer cheeselee: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path churchyard: pangox-compat cicku: pangox-compat clime: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path comzeradd: tomahawk copr-sig: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path corsepiu: pangox-compat cquad: apache-commons-jci, struts, apache-commons-jcs, bval, geronimo-jcache, jboss-jsf-2.2-api, openjpa, velocity-tools, sslext, geronimo-jcdi-1.0-api cwickert: pangox-compat dajt: coriander dbhole: relaxngDatatype, svnkit dcallagh: uglify-js dgoodwin: felix-framework, felix-osgi-obr-resolver dmoluguw: bea-stax, glassfish-fastinfoset, relaxngDatatype, xsom, relaxngcc, stax-ex, codemodel, xmlstreambuffer, istack-commons dturecek: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path dvratil: telepathy-rakia dwalluck: mx4j eclipse-sig: eclipse-photran, svnkit, eclipse-ptp, eclipse-testng, eclipse-webtools, eclipse-subclipse, eclipse-egit-github, eclipse-mylyn, guava20 edewata: bea-stax, glassfish-fastinfoset, relaxngDatatype, xsom, relaxngcc, stax-ex, codemodel, xmlstreambuffer, istack-commons ellert: guava20, uglify-js elsupergomez: pangox-compat fcami: uglify-js frixxon: apanov-edrip-fonts frostyx: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path galileo: nodejs-tern-cordovajs, nodejs-source-map-support, guava20, eclipse-webtools germano: pangox-compat giallu: avr-gdb gil: typesafe-config gnome-sig: sound-juicer hadess: sound-juicer hguemar: libvtemm hhorak: felix-framework, cassandra-java-driver, metrics-reporter-config, felix-osgi-obr-resolver, guava20 huwang: maven-stage-plugin infra-sig: python-sqlalchemy_schemadisplay ipa-maint: uglify-js itamarjp: pangox-compat jamielinux: nodejs-q-io, nodejs-highlight-js, nodejs-jasmine-growl-reporter, uglify-js, nodejs-esprima, nodejs-q, docco, nodejs-source-map-support, nodejs-watchit, nodejs-revalidator, nodejs-url2, nodejs-snockets, nodejs-json-parse-helpfulerror, nodejs-winston, nodejs-collections, guava20 jaruga: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path jcapik: bea-stax, maven-release jcerny: lldpad, fcoe-utils jcpunk: cinnamon-themes jdunn: rubygem-mixlib-log jerboaa: avalon-framework jfilak: svnkit jgrulich: telepathy-rakia jgu: uglify-js jhrozek: uglify-js jjanco: felix-framework, cassandra-java-driver, felix-osgi-obr-resolver, guava20 jjelen: apache-commons-jci, struts, apache-commons-jcs, bval, josm, geronimo-jcache, avalon-framework, jboss-jsf-2.2-api, openjpa, velocity-tools, sslext, geronimo-jcdi-1.0-api jjohnstn: eclipse-photran, svnkit, eclipse-ptp, eclipse-subclipse, eclipse-mylyn, guava20 jkonecny: lldpad, fcoe-utils johnp: sound-juicer jpokorny: relaxngDatatype jreznik: telepathy-rakia jsmith: nodejs-find-up, nodejs-make-dir, nodejs-expect, nodejs-lcov-parse, guava20, nodejs-esprima, nodejs-source-map-support, nodejs-flat-cache, nodejs-replace-ext, nodejs-delete, nodejs-is-error, nodejs-read-json-sync, nodejs-commonmark, nodejs-locate-path, nodejs-ret, nodejs-jasmine-growl-reporter, nodejs-defence, uglify-js, nodejs-del, nodejs-esprima-fb, nodejs-q, nodejs-pkg-dir, nodejs-write, nodejs-object-dot-pick kasong: lldpad, fcoe-utils kdaniel: eclipse-photran, svnkit, eclipse-ptp, eclipse-subclipse, eclipse-mylyn, guava20 kde-sig: tomahawk kumarpraveen: uglify-js lef: castor, apache-commons-jci, struts, felix-framework, stream-lib, bval, geronimo-jcache, jruby, jboss-jsf-2.2-api, openjpa, velocity-tools, felix-osgi-obr-resolver, sslext, geronimo-jcdi-1.0-api limb: pangox-compat m4rtink: lldpad, fcoe-utils magnu5: tomahawk mathstuf: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path matyc: lldpad, fcoe-utils mbarnes: sound-juicer mbooth: guava20, eclipse-webtools mck182: telepathy-rakia mgoodwin: si-units, parfait, uom-se, uom-systems, uom-lib, guava20 mizdebsk: bea-stax, relaxngDatatype, felix-framework, felix-osgi-obr-resolver, eclipse-webtools, avalon-framework, jetty-parent, apache-commons-email, apache-commons-dbutils, guava20, plexus-bsh-factory mkosek: uglify-js mmahut: saoimage mpreisle: lldpad, fcoe-utils mrunge: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path msimacek: felix-framework, felix-osgi-obr-resolver msrb: felix-framework, felix-osgi-obr-resolver, jruby msuchy: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path mtasaka: pangox-compat, rubygem-gettext_i18n_rails, rubygem-ruby_parser nathans: si-units, parfait, uom-se, uom-systems, uom-lib, guava20 nb: pangox-compat neuro-sig: maven-release nodejs-sig: nodejs-highlight-js, nodejs-find-cache-dir, nodejs-connect, nodejs-find-up, nodejs-qunit-extras, nodejs-grunt-contrib-csslint, nodejs-grunt-lib-contrib, nodejs-redent, nodejs-underscore-dot-logger, nodejs-css-select, nodejs-is-arrow-function, nodejs-csscomb-core, nodejs-expect, nodejs-load-grunt-tasks, nodejs-netmask, nodejs-winston, nodejs-lcov-parse, guava20, nodejs-pkg-up, nodejs-only-shallow, nodejs-esprima, docco, nodejs-source-map-support, nodejs-htmlparser2, nodejs-flat-cache, nodejs-ltx, nodejs-snockets, nodejs-json-parse-helpfulerror, nodejs-vasync, nodejs-cjson, nodejs-collections, nodejs-bunyan, nodejs-q-io, nodejs-replace-ext, nodejs-esprima-harmony-jscs, nodejs-convert-source-map, nodejs-i, nodejs-delete, nodejs-read-json-sync, nodejs-tern-cordovajs, nodejs-commonmark, nodejs-url2, nodejs-object-dot-entries, nodejs-locate-path, nodejs-ret, nodejs-to-absolute-glob, nodejs-grunt-contrib-clean, nodejs-grunt-init, nodejs-defence, nodejs-jasmine-growl-reporter, uglify-js, nodejs-del, nodejs-esprima-fb, nodejs-q, nodejs-pkg-dir, nodejs-write, nodejs-revalidator, nodejs-watchit, nodejs-csslint nonamedotc: pangox-compat nushio: pangox-compat openstack-sig: nodejs-pkg-up, nodejs-find-up, nodejs-locate-path, python-bashate, nodejs-load-grunt-tasks patches: nodejs-highlight-js, nodejs-connect, nodejs-find-up, nodejs-grunt-lib-contrib, nodejs-underscore-dot-logger, nodejs-load-grunt-tasks, nodejs-winston, guava20, nodejs-pkg-up, nodejs-esprima, docco, nodejs-source-map-support, nodejs-ltx, nodejs-snockets, nodejs-json-parse-helpfulerror, nodejs-collections, nodejs-q-io, nodejs-i, nodejs-url2, nodejs-locate-path, nodejs-grunt-contrib-clean, nodejs-grunt-init, nodejs-jasmine-growl-reporter, uglify-js, nodejs-q, nodejs-revalidator, nodejs-watchit peter: pangox-compat piotrp: nodejs-grunt-init, nodejs-jasmine-growl-reporter, uglify-js, nodejs-esprima, nodejs-q, nodejs-source-map-support, nodejs-revalidator, nodejs-json-parse-helpfulerror, nodejs-winston pjp: uglify-js praiskup: nodejs-pkg-up, nodejs-esprima, nodejs-find-up, nodejs-locate-path, nodejs-load-grunt-tasks puiterwijk: pangox-compat pvoborni: uglify-js pwalter: pangox-compat, ggz-gtk-client pwouters: driftnet qulogic: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path ralph: hovercraft rathann: pangox-compat, apbs raveit65: pangox-compat rcritten: uglify-js rdieter: pangox-compat, telepathy-rakia rdopiera: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path renich: gtick rgrunber: eclipse-subclipse, eclipse-mylyn, svnkit, guava20 rhughes: sound-juicer rstrode: sound-juicer ruben: uglify-js ruby-packagers-sig: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path rvykydal: lldpad, fcoe-utils sagitter: uglify-js, apbs sbueno: lldpad, fcoe-utils scitech_sig: pangox-compat sergiomb: nodejs-pkg-up, uglify-js, nodejs-find-up, apbs, nodejs-locate-path, guava20 sic: nodejs-load-grunt-tasks, nodejs-pkg-up, nodejs-find-up, nodejs-locate-path simo: uglify-js skytux: musique smani: pangox-compat spot: nodejs-pkg-up, nodejs-find-up, nodejs-locate-path, pangox-compat, nodejs-load-grunt-tasks ssp: sound-juicer stefanok: pangox-compat stefw: lldpad, fcoe-utils sundaram: uglify-js taaem: pangox-compat tagoh: rubygem-gettext_i18n_rails, rubygem-ruby_parser tc01: relaxngDatatype, nodejs-winston, guava20, uglify-js teuf: sound-juicer timfenn: libccp4 tjikkun: uglify-js tomh: nodejs-highlight-js, nodejs-jasmine-growl-reporter, nodejs-connect, uglify-js, nodejs-esprima, nodejs-q, docco, nodejs-revalidator, nodejs-watchit, nodejs-winston, guava20 trondd: avr-gdb tstellar: hcc twoerner: uglify-js uwog: pangox-compat valtri: rubygem-aws-sdk-core vjancik: nodejs-tern-cordovajs, nodejs-source-map-support, uglify-js vondruch: nodejs-pkg-up, felix-framework, nodejs-find-up, nodejs-locate-path, jruby, nodejs-load-grunt-tasks, felix-osgi-obr-resolver vpodzime: lldpad, fcoe-utils vponcova: lldpad, fcoe-utils williamjmorenor: python-sphinxcontrib-fulltoc xavierb: nodejs-grunt-contrib-clean zbyszek: maven-release, guava20 zvetlik: nodejs-source-map-support -- The script creating this output is run and developed by Fedora Release Engineering. Please report issues at its pagure instance: https://pagure.io/releng/ The sources of this script can be found at: https://pagure.io/releng/blob/master/f/scripts/find_unblocked_orphans.py

1 0

Proposal: Add "Feedback" section to change proposal template
by Ben Cotton 05 May '20

05 May '20

churchyard suggested we add a "Feedback" section to the Change proposal template[1]. I see two benefits to this: 1. It provides FESCo a useful summary of the community feedback (and in particular the reasoning behind rejecting alternatives) to simplify the voting process 2. It improves the historical record so that future Fedorans can understand why a change was implemented in a particular way and not another I have drafted proposed edits[2] to the Changes documentation that would add an optional Feedback section to the template. I am opening this up for community discussion before submitting it to FESCo for approval. The reason we chose to go with making this optional is that making it mandatory would necessarily add additional wait time before proposals are sent to FESCo. And also it's better to ease people into the idea. :-) [1] https://fedoraproject.org/wiki/Changes/EmptyTemplate [2] https://pagure.io/fedora-pgm/pgm_docs/pull-request/2 -- Ben Cotton He / Him / His Senior Program Manager, Fedora & CentOS Stream Red Hat TZ=America/Indiana/Indianapolis

1 0

Announcing bugzilla overrides coming to dist-git (stg)
by Pierre-Yves Chibon 04 May '20

04 May '20

Good Morning Everyone, A little while ago[1], we integrated anitya in dist-git itself, allowing to stop using fedora-scm-request's[2] git repository to store this information. However, this git repository is still being used to store bugzilla overrides (i.e.: default assignee on bugzilla ticket when they differ from the point of contact (main admin) of the package in dist-git). Together with Karsten Hopp we worked on integrating this functionality on pagure-dist-git[3], thus allowing to get rid entirely of the git repository at fedora-scm-request[2]. This work has been deployed in staging today. We would very much appreciate if you could take a few minute of your time and see if it works to your liking: https://src.stg.fedoraproject.org/ The overrides information from production has been migrated yesterday to the staging dist-git, so what you see in the UI reflects the current state of the overrides in production as of yesterday. Here is an example with an override: https://src.stg.fedoraproject.org/rpms/0ad One note: in the rpms namespace, the UI will always show you the default assignee for Fedora and Fedora EPEL, regardless of whether the package is in EPEL. This is a shortcoming we are aware of and will be looking at fixing in the near future but potentially after it has reached production. Thank you for your understanding and help testing this, Pierre [1] https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedorapr… [2] https://pagure.io/releng/fedora-scm-requests [3] https://pagure.io/pagure-dist-git/

1 1

Fedora 33 System-Wide Change proposal: Node.js 14.x by default
by Ben Cotton 01 May '20

01 May '20

https://fedoraproject.org/wiki/Changes/Nodejs14x == Summary == The latest release of Node.js to carry a 30-month lifecycle is the 14.x series. As with 12.x, 10.x and 8.x before it, Fedora 33 will carry 14.x as the default Node.js interpreter for the system. The 12.x interpreter will remain available as a non-default module stream. == Owner == * Name: [[User:zvetlik| Zuzana Svetlikova]] * Email: zsvetlik(a)redhat.com * Name: [[User:Sgallagh| Stephen Gallagher]] * Email: sgallagh(a)fedoraproject.org * Responsible SIG: Node.js SIG == Detailed Description == Fedora 33 will ship with the latest LTS version of Node.js by default. This will either be the `nodejs:14` module stream or else replicated to the non-modular repository, depending on the status of other release engineering work around supporting modular content in the non-modular buildroots. To end-users, the experience should be identical: `dnf install nodejs` will give them `nodejs-14.x` and the matching `npm` package. == Benefit to Fedora == Node.js is a popular server-side JavaScript engine. Keeping Fedora on the latest release allows us to continue tracking the state-of-the-art in that space. For those whose applications do not yet work with the 14.x release, Fedora 33 will also have the 12.x release available as a selectable module stream. == Scope == * Proposal owners: The packages are already built for Fedora 33 in a non-default module stream. On June 14th, 2020, the nodejs-14.x packages will become the default in Fedora 33 (either by making the 14.x module stream be the default stream or by rebuilding the packages as non-modular, depending on other factors). * Other developers: Any developer with a package that depends on Node.js at run-time or build-time should test with the 14.x module stream enabled as soon as possible. Issues should be reported to nodejs(a)lists.fedoraproject.org * Release engineering: [https://pagure.io/releng/issue/9426 #9426] Release engineering and FESCo will need to approve the change to the default module stream. * Policies and guidelines: N/A (not needed for this Change) * Trademark approval: N/A (not needed for this Change) == Upgrade/compatibility impact == As with previous releases, users running Fedora 31 or Fedora 32 with the non-modular nodejs-12.x packages will be automatically upgraded to the 14.x packages, which may cause issues. If users are running software known not to support Node.js 14.x yet, they can switch the system to use 12.x with dnf module commands. == How To Test == * Confirm that `dnf install nodejs` results in Node.js 14.x being installed. * Confirm that upgrading from Fedora 31 or Fedora 32 with nodejs-12.x installed (non-modular) results in an upgrade to nodejs-14.x * Confirm that upgrading from Fedora 31 or Fedora 32 with the `nodejs:12` module enabled does *not* result in an upgrade to 14.x and still has `nodejs:12` enabled on Fedora 33. * Confirm that upgrading from Fedora 31 or Fedora 32 with the `nodejs:14` module enabled upgrades successfully and still has `nodejs:14` enabled on Fedora 33. == User Experience == Users will have the 14.x release of Node.js available by default. See the "Upgrade/compatibility impact" section for specific details. == Dependencies == All packages prefixed with `nodejs-` depend on this package. If they do not work with Node.js 14.x, they will need to be updated, made modular and dependent upon the `nodejs:12` stream or else removed from Fedora 33. Prior to the switchover date to Node.js 14.x as the default, packagers are strongly encouraged to test their existing Node modules with 14.x via the Modular version by running: ``` dnf reset nodejs dnf module install nodejs:12/development ``` == Contingency Plan == * Contingency mechanism: Revert to Node.js 12.x as the default stream. This may require bumping epoch or making the `nodejs:12` stream the default, depending on the status of the modules-in-non-modular-buildroot work at the time. * Contingency deadline: Beta Freeze * Blocks release? No * Blocks product? No == Documentation == * https://nodejs.org/dist/latest-v14.x/docs/api/ * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md == Release Notes == Fedora 33 now ships with Node.js 14.x as the default Node.js JavaScript server-side engine. If your applications are not yet ready for this newer version, you can revert to the 12.x series by running the following commands <pre> dnf remove nodejs dnf module reset nodejs dnf module install nodejs:14 </pre> -- Ben Cotton He / Him / His Senior Program Manager, Fedora & CentOS Stream Red Hat TZ=America/Indiana/Indianapolis

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

devel-announce May 2020