Skip to main content

overlint: Static analysis for your Gentoo overlay

While repoman does a good job of finding smells in ebuilds, a tool to evaluate an overlay with respect to the state of the Gentoo main tree has to my knowledge been missing so far. overlint is a simple command line tool. From a technical view point it reports

  • which version bumps from the overlay are missing from the main tree (e.g. the overlay has 7.1 but the main tree has 7.0, only),
  • which revision bumps are missing from the main tree (e.g. the overlay has 3.0-r1 but the main tree has 3.0, only), and
  • which exact same revisions exist in both trees with differing ebuilds.

On a higher level these findings often indicate that

  • certain changes are still to be integrated with the Gentoo main tree to benefit a wider audience and/or that
  • an ebuild appeared in an overlay first but can be removed now as the Gentoo main tree has grown an equivalent (or identical) copy.

As a consequence overlint has two main use cases, each with a different user audience:

  • Overlay maintainers can use overlint to better keep their overlay in shape.
  • Gentoo developers and proxy maintainers can use overlint to detect valuable patches missing from the main tree.

Here is example output of overlint 0.4.1 for the calculate overlay:

# overlint-cli /var/lib/layman/calculate/
Version bumps missing from Gentoo main tree
  italc :: 1.0.13, 2.0.0
  foo2zjs :: 20081129, 20110512
  madwifi-ng ::
  madwifi-ng-tools ::

Revision bumps missing from Gentoo main tree
  unzip :: 6.0-r9
  wgetpaste :: 2.18-r1

Ebuils that differ at same revision
  unhide :: 20110113
  bin_replace_string :: 0.2
  qt-creator :: 2.4.1
  pam_keystore :: 0.1.3
  tw_cli :: 9.5.3
  grub :: 1.99-r2
  talloc :: 2.0.7
  linux-sources :: 0

To get it run:

# sudo emerge -av app-portage/overlint

The source code is up on;a=summary. For small patches just send them along, for bigger ones get in touch before the work, please. Thanks!

Fwd: SSL And The Future Of Authenticity

At 07:29 I should be long sleeping but this video of 2011 that I stumbled upon has kept me out of bed for longer. For entry-level security people like me the level of detail is great with this talk. At the point where the focus moves to a proposed solution that the speaker is involved with I had the impression that his view loses a bit of its objectivity and attention to detail due to personal, emotional involvement. I I could imagine that convergence is not the answer yet, but maybe it even is.

My virtual journey of today

I spent some time surfing the internet today (really!) and came by quite a few interesting things, unusually many in my perception. It all started with a video on Ganeti which led to a video on SELinux (which I knew zero about before) which in turn led to a video on mitmproxy. I googled "mitmproxy" and soon ran into the website and universe of Aldo Cortesi. There were an analysis of correlation between choice of programming language and other parameters like the number of contributers made from history on Github, an article about the use of Hilbert curves to binary blob visualization, thoughts on the pros and cons of using object-relational mappers in Python, a way to visualize sorting algorithms, entertaining code review bits on a javascript crypto libarary, the fact that the amount of gold can overflow in World of Warcraft, and a bunch of links to stuff on other sites that I followed including the 3D Mandelbulb, eyetracking-based guidelines on the design of web forms, a page that convinced me that it's very easy for a website to identify me as a certain past visitor even with cookies off, thoughts on how random humans want randomness to be, the fact that the mobile app of uploaded your entire address book without telling or asking before previously, that there are offers for 20 minutes CPU time on 400 machines each to crack WPA keys for about 20 US dollars, and how ugly OpenSSL's code is. My personal quote of today (from here) is: "A thing that two people can lift is not a router".

Fwd: Restless

At first it felt a bit like this movie was made for an audience of people below 30. Maybe it is. Restless is quite a sad movie. But it does make up for it and when it leaves it is not sadness that remains. Better see for yourself.

Fwd: Drive

My brother once said: Nicolas Cage is a guarantee for a crap movie. From from my past impressions the opposite seems to be true for Ryan Gosling. I'm just back from "Drive". Good movie. Two downsides. First it's very brutal. Reminded me of a scene in American History X once, the scene I wish I had never seen. Second, the loudness: loud is very loud or everything else too low. The theater I went to turned the volume up to a level where the action hurt my ears. I can still feel it. When it didn't crash-boom-bang the level was right. I liked the music.

(German) Leitfaden für Abschlussarbeiten an der TU Berlin

Die TU Berlin hat sich anscheinend entschieden, die Domain www.textlabor.tu-, das Textlabor, komplett offline zu nehmen. Das Textlabor hat bisher unter anderem den Leitfaden "AssisThesis — Qualitative Anforderungen an wissenschaftliche Arbeiten an der TU Berlin" bereitgestellt, über den nun so leicht niemand mehr stolpern wird. Sehr clever...

Judith Theu­er­kauf, die Haupt-Autorin von AssisThesis, hat allerdings eine eigene Webseite, wo das Dokument in zwei Editionen, eine für Studenten und eine für Betreuer, weiter zu finden ist.

Interessant auch: die TU Berlin hat damals 90.000 Euro in dieses Projekt investiert.