Opened 2 years ago

Last modified 5 months ago

#20643 needs_review task

make and maintain a registry of what debs are on and why

Reported by: arma Owned by: irl
Priority: Medium Milestone:
Component: Internal Services/Service - deb.tpo Version:
Severity: Normal Keywords:
Cc: hiro Actual Points:
Parent ID: Points:
Reviewer: arma Sponsor:


We've accumulated a variety of debs on, with a variety of maintainers. I think the knowledge of who these people are is not recorded well.

Step one, we should figure out who is in charge of each of the debs that's there. For example, is the pyptlib deb there because of one of the obfs debs? Or is it leftover from something and nobody needs it anymore? Similarly, is tor-arm there because it got brought in as a dependency to...something else that's there?

Then step two, we should write all of that in one place (a page on this wiki? a text file in the root? someway else?), and make sure that those people know that they have the responsibility to keep their debs up to date, or to decide to take them down when they're no longer needed.

Child Tickets

Change History (11)

comment:1 Changed 2 years ago by arma

Owner: changed from weasel to hiro
Status: newassigned

I'm giving this one to hiro since I bet weasel is unexcited to do it.

comment:2 Changed 2 years ago by arma

Oh, and for extra credit, we could figure out what our current policy is for adding new ones (I suspect it is "badger weasel until he says it's ok, and then later when you don't maintain your debs he regrets it"), and figure out an improved policy (like, something about having a sponsor who is a core tor contributor), and write it down for people.

comment:3 Changed 2 years ago by arma

And for extra extra credit, we could set up some nagios or other monitoring to let us know when the versions on have fallen behind the versions of the mainline debian repos.

comment:4 Changed 23 months ago by arma

To be clear, there's no need to edit or write to in order to do the items in this ticket.

comment:5 Changed 23 months ago by irl

I started having a go at this before I knew there was a ticket. Some ideas that I've had regarding this:

  • I like the view provided by DDPO (e.g.
  • I'd like to be able to compare to the versions in the corresponding Debian/Ubuntu suites
  • I'd like to see the results of uscan to see when the package needs updating to a new upstream (can be the results of the Debian package's uscan provided by Debian)
  • The packages on deb.tpo are listed nicely in the Sources.gz file for each suite, you can read these files with deb822 (in python-debian on Debian systems)
  • A single HTML table is really all that's required here
  • We could have a policy of having an extra Maintainer line in the control files that ends up in the Sources.gz to keep track of who is the maintainer for each package, depending on what the archive software supports (I think Ubuntu does this to differentiate the Ubuntu maintainer from the Debian maintainer)

comment:6 Changed 10 months ago by arma

I'm still excited for somebody to work on this!

The topic came up again in #25704, where somebody was suggesting putting nyx into our deb.tpo repo.

comment:7 Changed 6 months ago by irl

Owner: changed from hiro to irl
Status: assignedaccepted

Hoping to look at this this week.

comment:8 Changed 5 months ago by irl

Reviewer: arma
Status: acceptedneeds_review

I have compiled information here.

comment:9 Changed 5 months ago by atagar

Any reason we can't drop tor-arm?

comment:10 Changed 5 months ago by irl

atagar: Primarily the reason is not being sure that there is no reason. If you think we can drop it, then please file a ticket on the deb.tpo component.

comment:11 Changed 5 months ago by atagar

Thanks irl, done: #27084

Last edited 5 months ago by irl (previous) (diff)
Note: See TracTickets for help on using tickets.