!cApDlsILLZkmAyVoxe:matrix.org

Matrix on Debian

202 Members
https://wiki.debian.org/Matrix91 Servers

Load older messages


Timestamp Message
24 Mar 2020
12:26:37@andrewsh:matrix.organdrewshThe patched version of Twisted in Debian is 18.9.0-8, Ubuntu ships security fixes in 18.9.0-6ubuntu1; both include all necessary security fixes. Twisted 20.3.0 is currently in Debian experimental and hopefully will be uploaded to unstable by the end of the week.
12:26:50@andrewsh:matrix.organdrewshDebian backports for Buster will see updated synapse and Twisted around the weekend when packages migrate to testing.
12:58:02@jonas:matrix.jones.dkjonasandrewsh: it is an antipattern to use tightened dependencies to handle security updates!
12:58:54@andrewsh:matrix.organdrewshI don’t see why; it would be if I started requiring 20.3.0 for example
12:58:45@jonas:matrix.jones.dkjonasplease express _functional_ constraints with dependencies, and leave security updating to package management
13:00:32@jonas:matrix.jones.dkjonasyou are not alone in not seeing it: it is a(n anti)pattern
13:00:53@andrewsh:matrix.organdrewshwell, I find this a functional constraint
13:01:00@andrewsh:matrix.organdrewsh🙂
13:01:58* @jonas:matrix.jones.dkjonas not really surprised by that type of response - was even considering not mentioning at all because of the expected reaction
13:50:35@grin:grin.hugrin jonas: we love you anyway, I can assure you. ❤︎
13:51:27@grin:grin.hugrin It is probably not [always] trivial to convince another maintainer to release an update as a security update when it's not their security.
13:52:29@grin:grin.hugrinAnd some would actually complain if the deps weren't tight, anyway. EIther ways someone complains. (As a sidenote: tight deps make my life miserable as well, but I see why are they there. [As I am sure you do as well, there weren't any implied message about you.])
13:52:51@grin:grin.hugrin * And some would actually complain if the deps weren't tight, anyway. EIther ways someone complains. (As a sidenote: tight deps make my life miserable as well, but I see why are they there. [As I am sure you do as well, there weren't any implied message about you.])
13:54:01@grin:grin.hugrinI bet someone would get angry if synapse would depend on any twisted but refused to start due to insecure lib.... 🙄
17:22:01@andrewsh:matrix.organdrewsh jonas: I appreciate your comments (I really do!) but I think in this case the benefit is there while the downsides are nearly nil
17:22:28@andrewsh:matrix.organdrewshand please do mention things like this next time 🙂
17:57:18@jonas:matrix.jones.dkjonasok :-)
25 Mar 2020
05:35:21@pythiap:matrix.orgpythiap left the room.
28 Mar 2020
04:54:18@_neb_rssbot_=40hubert=3auhoreg.ca:matrix.orgRSS Bot [@hubert:uhoreg.ca] Debian package news for matrix-synapse:
Problems while searching for a new upstream version
18:01:29@joerg:alea.gnuu.deJörg Sommer set a profile picture.
30 Mar 2020
04:49:30@_neb_rssbot_=40hubert=3auhoreg.ca:matrix.orgRSS Bot [@hubert:uhoreg.ca] Debian package news for matrix-synapse:
matrix-synapse 1.12.0-1 MIGRATED to testing
11:54:32@_neb_rssbot_=40hubert=3auhoreg.ca:matrix.orgRSS Bot [@hubert:uhoreg.ca] Debian package news for matrix-synapse:
Accepted matrix-synapse 1.12.0-1~bpo10+1 (source) into buster-backports
31 Mar 2020
10:17:58@discmuc:matrix.orgdiscmuc joined the room.
12:06:39@thomas.perret:matrix.gresille.orgmoht joined the room.
23:06:38@hkalbasi:junta.plhkalbasi joined the room.
23:14:29@hkalbasi:junta.plhkalbasi left the room.
1 Apr 2020
22:58:32@phaze:rmail.chphaze joined the room.
2 Apr 2020
17:22:57@heterochromia420:matrix.orgGillian changed their display name from Doppelganger Gil 🐧 to Gillian.
17:23:10@heterochromia420:matrix.orgGillian changed their profile picture.
17:23:17@heterochromia420:matrix.orgGillian changed their profile picture.

There are no newer messages yet.


Back to Room List