[opensuse-factory] Tumbleweed – Review of the weeks 2019/04 – 07 - openSUSE Factory

newer
[opensuse-factory] New Tumbleweed...

[opensuse-factory] Tumbleweed – Review of the weeks 2019/04 – 07

older
[opensuse-factory] Leap 15.1 Build...

Dominique Leuenberger / DimStar

15 Feb 2019 15 Feb '19

13:06

Dear Tumbleweed users and hackers, From the title of this post, it becomes apparent that I have to change something in my weekly planning – like better allocate time to writing the weekly reviews, and maybe stop taking a vacation 🙂 So I started looking into the releases of the last 4 weeks and was shocked to only find 8 snapshots (0121, 0124, 0125, 0126, 0201, 0202, 0205 and 0209). This is not how it used to be – but then, the last couple days/weeks also had some major updates that disrupted the flow a bit – Updates, we have all been eagerly awaiting, such as: * KDE Applications 18.12.1 * KDE Frameworks 5.54.0 * Linux kernel 4.20.2, 4.20.4 & 4.20.6 8 LibreOffice 6.2 * Wine 4.0 & 4.1 * Python 3.7 * Bash 5.0 * Readline 8.0 * Mesa 18.3.2 * glibc 2.29 * Ruby 2.6 * sysconfig 0.85.x Unfortunately, not all of those updates (looking at you, sysconfig) have been as painless to the users as they should have been – I’d like to apologize at this point for the trouble caused. Any such issue is taken as input into our testing infrastructure, in an attempt to better catch such issues before users struggle with them. Despite all those major achievements, a lot of new updates / changes are already being forged: * KDE Applications 18.12.2 & KDE Frameworks 5.55.0 (both to come in snapshot 0214+) * Mozilla Firefox 65.0 * Flatpak 1.2.0 * Linux kernel 4.20.7 and beyond * Removal of Ruby 2.5 from the distribution * Filesystem blacklisting: The kernel won’t autoload all filesystem modules anymore. The modules stay available, but won’t be autoloaded * Binutils 2.32 Cheers, Dominique

Attachments:

signature.asc (application/pgp-signature — 195 bytes)

Show replies by date

Christoph Feck

15 Feb 15 Feb

13:22

Hi Dominique, On 02/15/19 14:06, Dominique Leuenberger / DimStar wrote:

...

So I started looking into the releases of the last 4 weeks and was shocked to only find 8 snapshots (0121, 0124, 0125, 0126, 0201, 0202, 0205 and 0209).

Thanks for keeping it rolling! An average of two snapshots per week is plenty enough :) For critical issues that need to be fixed same day, there is always the possibility to use the update-channel.

...

Despite all those major achievements, a lot of new updates / changes are already being forged:

Is OpenSSL 1.1.1 still on the radar? Bug 1101780 seems to make no progress and according to https://www.openssl.org/blog/blog/2018/09/11/release111/ "are strongly advised to upgrade to OpenSSL 1.1.1." since a few months already. I find it odd that a single python package can block the release of a security update for so long. Thanks! -- Christoph Feck KDE Release Team -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

Dominique Leuenberger / DimStar

13:37

On Fri, 2019-02-15 at 14:22 +0100, Christoph Feck wrote:

...

Hi Dominique,

On 02/15/19 14:06, Dominique Leuenberger / DimStar wrote:

...
So I started looking into the releases of the last 4 weeks and was shocked to only find 8 snapshots (0121, 0124, 0125, 0126, 0201, 0202, 0205 and 0209).

Thanks for keeping it rolling! An average of two snapshots per week is plenty enough :) For critical issues that need to be fixed same day, there is always the possibility to use the update-channel.

Thanks - yes, sure, an average of two is still nice and shows it's rolling.

...

...
Despite all those major achievements, a lot of new updates / changes are already being forged:

Is OpenSSL 1.1.1 still on the radar? Bug 1101780 seems to make no progress and according to https://www.openssl.org/blog/blog/2018/09/11/release111/ "are strongly advised to upgrade to OpenSSL 1.1.1." since a few months already. I find it odd that a single python package can block the release of a security update for so long.

Oh, right - openSSL 1.1.1 is of course still on the radar (was flying a bi low though) In order to visualize it's errors better, if there are still any, I moved this now to an own staging area (Staging:J) - I should be able to make a much better assessment in a couple hours what, if anything, still blocks this. In general, 'a single build failure' can indeed block a major update - just imaging such a failure making the installer unusable for example. Cheers Dominique

Christoph Feck

14:05

On 02/15/19 14:37, Dominique Leuenberger / DimStar wrote:

...

Oh, right - openSSL 1.1.1 is of course still on the radar (was flying a bi low though)

In order to visualize it's errors better, if there are still any, I moved this now to an own staging area (Staging:J) - I should be able to make a much better assessment in a couple hours what, if anything, still blocks this.

In general, 'a single build failure' can indeed block a major update - just imaging such a failure making the installer unusable for example.

Thanks for the pointer. I now see that Staging:J indeed shows regressions in the autoyast installer, which of course need to be resolved before shipping. https://build.opensuse.org/project/staging_projects/openSUSE:Factory/J Christoph -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

Dominique Leuenberger / DimStar

14:21

On Fri, 2019-02-15 at 15:05 +0100, Christoph Feck wrote:

...

On 02/15/19 14:37, Dominique Leuenberger / DimStar wrote:

...
Oh, right - openSSL 1.1.1 is of course still on the radar (was flying a bi low though)

In order to visualize it's errors better, if there are still any, I moved this now to an own staging area (Staging:J) - I should be able to make a much better assessment in a couple hours what, if anything, still blocks this.

In general, 'a single build failure' can indeed block a major update - just imaging such a failure making the installer unusable for example.

Thanks for the pointer. I now see that Staging:J indeed shows regressions in the autoyast installer, which of course need to be resolved before shipping.

https://build.opensuse.org/project/staging_projects/openSUSE:Factory/J

That's probably a lie - that test must be from before openSSL 1.1 entered :J The first build fail coming out from the tests is perl-IO-Socket-SSL https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J... Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :( Cheers Dominique

Dominique Leuenberger / DimStar

14:25

On Fri, 2019-02-15 at 15:21 +0100, Dominique Leuenberger / DimStar wrote:

...

On Fri, 2019-02-15 at 15:05 +0100, Christoph Feck wrote:

...
On 02/15/19 14:37, Dominique Leuenberger / DimStar wrote:

...
Oh, right - openSSL 1.1.1 is of course still on the radar (was flying a bi low though)

In order to visualize it's errors better, if there are still any, I moved this now to an own staging area (Staging:J) - I should be able to make a much better assessment in a couple hours what, if anything, still blocks this.

In general, 'a single build failure' can indeed block a major update - just imaging such a failure making the installer unusable for example.

Thanks for the pointer. I now see that Staging:J indeed shows regressions in the autoyast installer, which of course need to be resolved before shipping.

https://build.opensuse.org/project/staging_projects/openSUSE:Factory/J

That's probably a lie - that test must be from before openSSL 1.1 entered :J

The first build fail coming out from the tests is perl-IO-Socket-SSL

https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J...

Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :(

This is actually https://rt.cpan.org/Public/Bug/Display.html?id=126899

Stefan Seyfried

14:58

Am 15.02.19 um 15:25 schrieb Dominique Leuenberger / DimStar:

...

On Fri, 2019-02-15 at 15:21 +0100, Dominique Leuenberger / DimStar

...
The first build fail coming out from the tests is perl-IO-Socket-SSL

https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J...

Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :(

This is actually https://rt.cpan.org/Public/Bug/Display.html?id=126899

Fedora has something that seems toi work: https://src.fedoraproject.org/rpms/perl-IO-Socket-SSL/commits/master Should I try to borrow things from there or is there already one of the maintainers of the package working on that? -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

Vitezslav Cizek

15:02

Hi Stefan, V Fri, 15 Feb 2019 15:58:17 +0100 "Stefan Seyfried" <stefan.seyfried@googlemail.com> napsáno:

...

Am 15.02.19 um 15:25 schrieb Dominique Leuenberger / DimStar:

...
On Fri, 2019-02-15 at 15:21 +0100, Dominique Leuenberger / DimStar

...
The first build fail coming out from the tests is perl-IO-Socket-SSL

https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J...

Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :(

This is actually https://rt.cpan.org/Public/Bug/Display.html?id=126899

Fedora has something that seems toi work: https://src.fedoraproject.org/rpms/perl-IO-Socket-SSL/commits/master

Should I try to borrow things from there or is there already one of the maintainers of the package working on that?

No need, I'm looking into that. Vita -- Vítězslav Čížek Emergency Update Team (EMU) "Whilst you sleep, we're probably saving the universe." -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

Stefan Seyfried

15:09

Am 15.02.19 um 16:02 schrieb Vitezslav Cizek:

...

Hi Stefan,

V Fri, 15 Feb 2019 15:58:17 +0100 "Stefan Seyfried" <stefan.seyfried@googlemail.com> napsáno:

...
Am 15.02.19 um 15:25 schrieb Dominique Leuenberger / DimStar:

...
On Fri, 2019-02-15 at 15:21 +0100, Dominique Leuenberger / DimStar

...
The first build fail coming out from the tests is perl-IO-Socket-SSL

https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J...

Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :(

This is actually https://rt.cpan.org/Public/Bug/Display.html?id=126899

Fedora has something that seems toi work: https://src.fedoraproject.org/rpms/perl-IO-Socket-SSL/commits/master

Should I try to borrow things from there or is there already one of the maintainers of the package working on that?

No need, I'm looking into that.

OK. Note that the additional patches in the fedora package look unrelated to the test failures (at least to my relatively untrained eye ;-) Thanks, -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

Vitezslav Cizek

16:15

V Fri, 15 Feb 2019 16:09:47 +0100 "Stefan Seyfried" <stefan.seyfried@googlemail.com> napsáno:

...

Am 15.02.19 um 16:02 schrieb Vitezslav Cizek:

...
Hi Stefan,

V Fri, 15 Feb 2019 15:58:17 +0100 "Stefan Seyfried" <stefan.seyfried@googlemail.com> napsáno:

...
Am 15.02.19 um 15:25 schrieb Dominique Leuenberger / DimStar:

...
On Fri, 2019-02-15 at 15:21 +0100, Dominique Leuenberger / DimStar

...
The first build fail coming out from the tests is perl-IO-Socket-SSL

https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:J...

Somehow I can't imagine us being the first ones trying to use perl in combination with openssl 1.1 :(

This is actually https://rt.cpan.org/Public/Bug/Display.html?id=126899

Fedora has something that seems toi work: https://src.fedoraproject.org/rpms/perl-IO-Socket-SSL/commits/master

Should I try to borrow things from there or is there already one of the maintainers of the package working on that?

No need, I'm looking into that.

OK. Note that the additional patches in the fedora package look unrelated to the test failures (at least to my relatively untrained eye ;-)

As it turns out, the failure could have been a random one. perl-IO-Socket-SSL built successfully after a rebuild trigger in openSUSE:Factory:Staging:J. The two additional Fedora patches indeed look unrelated as they just introduce post-handshake authentication. Vita -- Vítězslav Čížek Emergency Update Team (EMU) "Whilst you sleep, we're probably saving the universe." -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

2110

Age (days ago)

2110

Last active (days ago)

List overview

Download

9 comments

4 participants

participants (4)

Christoph Feck
Dominique Leuenberger / DimStar
Stefan Seyfried
Vitezslav Cizek

[opensuse-factory] Tumbleweed – Review of the weeks 2019/04 – 07

tags

participants (4)