My best tool with package bumps: Meld
For quite some time I have been using Meld to detect relevant changes between two releases when I update a package in Gentoo. I run
# ebuild foobar-1.2.ebuild manifest prepare # ebuild foobar-1.3.ebuild manifest prepare
and throw Meld at both outputs
# meld /var/tmp/portage/[..]/foobar-1.2/work/foobar-1.2/ \ /var/tmp/portage/[..]/foobar-1.3/work/foobar-1.3/ &
Meld makes it easy to see what has changed and (especially) what has not
changed. With sole
diff -r that would be difficult. I usually start by
inspecting changes to
configure.ac. If upstream did a good job that diff
tells what dependencies to touch, already. Near the left and right margin you
can see where else the file has been modified. No need to scroll-search down
for more: you already know what you get.
ChangeLog files usually offer pointers of interest, too.
If my hint on Meld made a single Gentoo packager juggler's life easier or more efficient, I have achieved what I was aiming for. Sorry for the noise to everyone else.
second preview image up there has been losslessly reduced by 40% in size just
by running it through
overlint: Static analysis for your Gentoo overlay
While repoman does a good job of finding smells in ebuilds, a tool to evaluate an overlay with respect to the state of the Gentoo main tree has to my knowledge been missing so far. overlint is a simple command line tool. From a technical view point it reports
- which version bumps from the overlay are missing from the main tree (e.g. the overlay has 7.1 but the main tree has 7.0, only),
- which revision bumps are missing from the main tree (e.g. the overlay has 3.0-r1 but the main tree has 3.0, only), and
- which exact same revisions exist in both trees with differing ebuilds.
On a higher level these findings often indicate that
- certain changes are still to be integrated with the Gentoo main tree to benefit a wider audience and/or that
- an ebuild appeared in an overlay first but can be removed now as the Gentoo main tree has grown an equivalent (or identical) copy.
As a consequence overlint has two main use cases, each with a different user audience:
- Overlay maintainers can use overlint to better keep their overlay in shape.
- Gentoo developers and proxy maintainers can use overlint to detect valuable patches missing from the main tree.
Here is example output of overlint 0.4.1 for the calculate overlay:
# overlint-cli /var/lib/layman/calculate/ =============================================================== Version bumps missing from Gentoo main tree =============================================================== net-misc/ italc :: 1.0.13, 2.0.0 net-print/ foo2zjs :: 20081129, 20110512 net-wireless/ madwifi-ng :: 0.9.4.4178.20120131 madwifi-ng-tools :: 0.9.4.4178.20120131 =============================================================== Revision bumps missing from Gentoo main tree =============================================================== app-arch/ unzip :: 6.0-r9 app-text/ wgetpaste :: 2.18-r1 =============================================================== Ebuils that differ at same revision =============================================================== app-forensics/ unhide :: 20110113 dev-util/ bin_replace_string :: 0.2 qt-creator :: 2.4.1 sys-auth/ pam_keystore :: 0.1.3 sys-block/ tw_cli :: 9.5.3 sys-boot/ grub :: 1.99-r2 sys-libs/ talloc :: 2.0.7 virtual/ linux-sources :: 0
To get it run:
# sudo emerge -av app-portage/overlint
The source code is up on http://git.overlays.gentoo.org/gitweb/?p=proj/overlint.git;a=summary. For small patches just send them along, for bigger ones get in touch before the work, please. Thanks!
Fwd: More tricks for defeating SSL in practice
More Tricks For Defeating SSL in Practice - ekoparty Security Conference 5th edition from ekoparty on Vimeo.
I have actually been watching the Black USA 2009 version but it seems very very similar to the ekoparty one above, except without the view of the speaker.
Fwd: SSL And The Future Of Authenticity
At 07:29 I should be long sleeping but this video of 2011 that I stumbled upon has kept me out of bed for longer. For entry-level security people like me the level of detail is great with this talk. At the point where the focus moves to a proposed solution that the speaker is involved with I had the impression that his view loses a bit of its objectivity and attention to detail due to personal, emotional involvement. I I could imagine that convergence is not the answer yet, but maybe it even is.
My virtual journey of today
Fwd: Sarah Kay: If I should have a daughter ...
Fwd: Brené Brown: Listening to shame
At first it felt a bit like this movie was made for an audience of people below 30. Maybe it is. Restless is quite a sad movie. But it does make up for it and when it leaves it is not sadness that remains. Better see for yourself.
Beautiful. Strongly recommended.
My brother once said: Nicolas Cage is a guarantee for a crap movie. From from my past impressions the opposite seems to be true for Ryan Gosling. I'm just back from "Drive". Good movie. Two downsides. First it's very brutal. Reminded me of a scene in American History X once, the scene I wish I had never seen. Second, the loudness: loud is very loud or everything else too low. The theater I went to turned the volume up to a level where the action hurt my ears. I can still feel it. When it didn't crash-boom-bang the level was right. I liked the music.