A new release of mkinitcpio has been tagged. The release can be downloaded from
GitLab:
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/releases/v35…
Changes since the previous release:
Bugfix release:
* mkinitcpio failed to setup the required files in /dev/fd to support process
substitution. This resulted in hooks/resume failing to work after a shellcheck
fix up.
Contributions from: Morten Linderud
– 2023-03-19
A new release of mkinitcpio has been tagged. The release can be downloaded from
GitLab:
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/releases/v35
Changes since the previous release:
New Features:
* mkinitcpio now has support for post-generation hooks. These can be
used to act on generated initramfs images such as Secure Boot signing.
The feature is documented in the mkinitcpio(8) man page.
Changes in mkinitcpio:
* Improved code quality of scripts with shellcheck.
* Replaced hexdump usage with od.
* The makefile was taught `coverage` which generates a coverage report of
mkinitcpio.
* Several improvements on the symlink handling of mkinitcpio.
* add_binary was taught to check for script interpreters and warns about
missing interpreters.
* UKIs are now generated with dynamically allocated section sizes instead
of the previous hard coded values.
* xz compression is now always executed in "multithreaded mode" through
the -T0 switch after the xz utilitiy's recent improvements in reproducibility.
* Several fixups to improve consistency for msg/error/warning messages.
* Preset scripts are now documented in the mkinitcpio(8) man page.
* mkinitcpio will now attempt to more thoroughly clean up its temporary files upon
exit.
* Modules included in the initramfs now retain their permissions instead of being
hard coded to 644.
* The kernel-install script will now utilize the staging area as expected by
systemd.
* The init script now passes file system labels, file system UUIDs, partition
labels and partition UUIDs directly to the mount and fsck commands instead of
resolving them.
Changes in hooks:
* install/sd-vconsole is now executed inside a subshell to avoid
affecting the global scope.
* install/sd-vconsole and install/consolefont now look for zstd compressed fonts.
Changes in packaging:
* The installed preset now includes commented-out suggestions for UKI and
default_options.
* libalpm/scripts/mkinitcpio will now also delete UKIs when
uninstalling a kernel.
Contributions from: Adam Maroti, cedric cvl, ff0x, Florian Eitel,
Josephine Pfeiffer, Markus Weippert, Michael Kopp, Morten Linderud,
nl6720, rogueai, Sebastian Wiesner, Tobias Powalowski, Yishen Miao
– 2023-03-18
Hi all,
I made some improvements for namcap[1] to follow the recently applied
guidelines, and fix some issues:
- Warn if a transitive dependency is not specified, do not warn if a
required dependency is already satisfied by another package.
- Warn if an included shared library is not specified in provides=().
- Warn if a linked soname dependency is not specified in depends=().- -
- Use importlib to detect the path of python modules for faster and
more reliable processing.
- Detect libraries loaded via GObject Introspection in Python scripts.
- Fix handling debug packages by disabling/fixing some checks.
- Print list of files needed by uninstalled library.
- Add basic colored output.
- Various other fixes.
It would be great to get some feedback and review. If someone wants to
test my changes, a namcap-improved[2] package is available for this in
AUR.
[1] https://gitlab.archlinux.org/pacman/namcap/-/merge_requests
[2] https://aur.archlinux.org/packages/namcap-improved
--
György Balló
Trusted User
A new release of mkinitcpio has been tagged. The release can be downloaded from
GitLab:
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/releases/v34
Changes since the previous release:
Announcement of future breaking changes:
* Preset variables *_efi_image are deprecated in favor of *_uki and
option --uefi is deprecated in favor with --uki. The old variables and
options still work, but emit a deprecation warning.
Changes in mkinitcpio:
* Preserve relativity of symbolic links that reside in the same
directory as their targets.
* Fix symbolic link creation and create target files with correct
permissions.
* Document add_udev_rule that has been available since v31.
* Instead of using stat to get the file permissions and install to copy
it, use cp unless custom permissions are specified. This improves
overall speed of file additions.
* Existing test suite is migrated to bats (Bash Automated Testing
System) and more tests are now available.
* Ensure /proc/cmdline is read as text and make sure to append a newline
and NUL to the .cmdline embedded in unified kernel images. This works
around an issue where /proc/cmdline contains garbage.
* The kernel-install plugin now supports generating unified kernel
images.
* Warn if the interpreter (from the shebang) is missing when adding
"binaries" that are actually scripts.
Changes in hooks:
* hooks/shutdown once again works when /run/initramfs/ already exists in
the initramfs.
* install/autodetect looks up modules in the target kernel version
instead of the currently running one.
* install/consolefont, install/keymap and install/sd-vconsole now
declare vconsole.conf supported variables as local to prevent
conflicts with misconstructed hooks may set these variables globally.
* install/memdisk uses the add_udev_rule function available since v31.
Contributions from: Adam Maroti, Christian Hesse, Geert Hendrickx,
Hector Martin, Morten Linderud, Tcc, Tobias Powalowski, nl6720, rogueai
– 2022-12-07
Rendered markdown at https://md.archlinux.org/s/edXOVFGbE
Unrendered/raw markdown:
# 2022-12-07 repod meeting
Date: 2022-12-07T19:30:00Z
Location: Jitsi
Scribe: brett
## Attendees
* alad
* artafinde
* brett
* dvzrv
* isaac
* lobachevsky
* wCPO
## Agenda
### Git and PGP
* Evaluating which Git/PGP integration for signing and signature checking to use ([#155](https://gitlab.archlinux.org/archlinux/repod/-/issues/155)). Current ecosystem is not ideal, so finding the "best" solution is difficult.
* Ideally a separate service would run alongside repod that would be able to sign
* Shelling out to gpg/git commands not ideal since repod integration would be awkward due to output parsing (gpg is particularly awful).
* Getting Git integration is more important than GPG integration right now.
### Updating dependencies
* Still no integration for renovatebot; It does not parse pyproject.toml (it only integrates into poetry).
* Update of mypy was difficult.
### Grouping of repositories
Can now add a group number to repositories! Groups must have unique packages in that group and will reject package uploads if that is violated.
### Manpage improvements
* Readability of manpages have been improved. ([#153](https://gitlab.archlinux.org/archlinux/repod/-/issues/153)).
* Lots of options are exposed and more are coming! Considering grouping the options for better navigation.
* Usage of equals sign after the options confused an attendee; It's not a very common pattern but adopted by other projects like systemd.
### Module refactoring
Some models are now being used across modules, so work was done to combine them into `common/models.py`
Regex verification of package values (`common/regex.py`) not compiled into a regex object: This is a possible improvement if it's do-able.
### Funding
Still no funding. Prototype fund didn't pan out. Still waiting for reply from Internet Fund. Valve still hasn't replied.
### Talk at Hacking in Parallel (HIP)
https://hip-berlin.de/
December 27-30 2022 in Berlin. Tickets are sold out but dvzrv will be giving a talk:
"Pacman can have the cookies and eat the ghosts too"
Schedule to be released shortly. All talks on the stages can be recorded and streamed via media.ccc.
Link to formatted notes:
https://md.archlinux.org/s/7sRUcSzjC
Raw notes in markdown:
# 2022-11-23 repod meeting
Date: 2022-11-23T19:30:00Z
Location: Jitsi
Scribe: brett
## Attendees
* brett
* dvzrv
* prawn
* yitz
## Agenda
### Archiving
* Not much documentation yet, but some info available in manpage
* Functions similarly to db-scripts at the moment
* Source tarball archiving/handling is not implemented yet
* Plan to continue using archive.org as long-term package archival
* Current archive.org archival is a separate [detached process](https://gitlab.archlinux.org/archlinux/archivetools);
It's unlikely (though still possible) that repod will handle this
archival.
### Build requirements check
* Checks if packages in archive are around and their specific version
* Allows us to only add packages that are reproducible
* manpage readability could be improved
* Error handling in task/do functions also needs improvement
* Better formatting than a runtime error desirable
* This would improve accessibility to development/usage
### Mypy and dependency updates
* Pip dropped as a direct dependency; Now an implicit dependency
* Used to produce bizarre error messages when used in conjunction
with poetry
* pdm.lock file needs manual updating at the moment (can't even update
metadata) due to [missing features](https://github.com/renovatebot/renovate/issues/10187)
### Other dependencies
* Checking for existing PKGBUILDs/sha256sum (and a number of other tasks) requires Git migration
* GPG pypi package woefully outdated; Mailing list is
[silent/ignoring patches](https://lists.gnupg.org/pipermail/gnupg-devel/2022-November/035158…
* pygit not desirable for use; pygit2/dulwich preferred
### Funding
No funding yet - one more application in progress
### Good first issues
Collaboration welcome for tackling some of the "simpler" tickets! (e.g.
documentation tasks such as #154, #148 or adding checks such as #143,
#142 #92)
### Project file reorganization
Some of the Python source files are getting quite large and are
potentially going to be split into smaller files. Even some of the
smaller files can be a little difficult to grasp due to
complexity/unexpected run orders.
A new release of mkinitcpio has been tagged. The release can be downloaded from
GitLab:
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/releases/v33
Changes since the previous release:
Announcements:
* Development has moved to the Arch Linux GitLab instance. The new
URL is https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio
Changes in mkinitcpio:
* Introduce DECOMPRESS_MODULES in mkinitcpio.conf. Allows the user to
toggle if modules should be recompressed during initramfs creation or
not. Defaults to "yes".
* Support UKI generation on AArch64.
* Introduce a new --remove switch which allows mkinitcpio to remove all
mkinitcpio generated files. Only works together
with the -p/-P switches currently.
* In the initramfs the file /etc/os-release, symlinked to
/etc/initrd-release, is now included. systemd enabled initramfs
environments might need this file.
* Supports finding kernel version in gzipped non-x86 kernels.
* Try to properly resolve symlinks when adding files into the initramfs.
Changes in hooks:
* install/fsck now includes the e2fsck binary and symlinks fsck.ext*
utilities to this binary.
* install/fsck will no longer attempt to include nonexistent fsck
helpers.
* install/kms will attempt to include modules that implement the privacy
screen feature. Currently the module names are hardcoded.
Changes in packaging:
* mkinitcpio-remove and mkinitcpio-install are now unified into a single
script installed to 'libalpm/scripts/mkinitcpio'.
Contributions from: 0x7F, Felix Yan, Hugo Osvaldo Barrera,
Morten Linderud, nl6720, rogueai, Simon Brüggen, Tobias Powalowski
– 2022-11-20
Hi all,
the next meeting for repod will take place on 2022-11-23 19:30 UTC.
https://meet.jit.si/20221123-repod
NOTE: This is later than usual and will likely stay like this, as we are
trying to accomodate people in more timezones!
Best,
David
--
https://sleepmap.de
Hi all,
here are the meeting minutes from today's repod meeting in rendered
form: https://md.archlinux.org/s/eGuBZ71fJ
The raw markdown below:
# 2022-11-10 repod meeting
Date: 2022-11-10T18:00:00Z - 19:00:00Z
Location: Jitsi
Scribe: dvzrv
## Attendees
* dvzrv
* polyzen
* wCPO
## Agenda
## Check package metadata against filename
The metadata of added packages is now also validated against their
filenames
[!132](https://gitlab.archlinux.org/archlinux/repod/-/merge_requests/132).
## Fix flaky file detection
Our use of python-magic has been adapted to work around flaky behavior
of the file library when it comes to detection of compressed files
[!134](https://gitlab.archlinux.org/archlinux/repod/-/merge_requests/134).
## Remove symlinks on updating packages
The binary package and management repository symlinks for packages and
pkgbases are now removed when updating packages
[!135](https://gitlab.archlinux.org/archlinux/repod/-/merge_requests/135).
## Check stability flow (per repository)
The stability flow of repositories is now honored (versions of packages
per repository must follow staging > testing > stable)
[!136](https://gitlab.archlinux.org/archlinux/repod/-/merge_requests/136).
## Archiving
Work has started on implementing archiving in repod
[#96](https://gitlab.archlinux.org/archlinux/repod/-/issues/96), to
allow configurable locations (globally and per repository) for archiving
the package files (and their signatures) when they are being added to a
repository successfully.
## Further tickets added for dbscripts feature compatibility
Short meeting with Levente to talk about existing [features and checks
in dbscripts](https://gitlab.archlinux.org/archlinux/repod/-/issues/96)
which led to more tickets for the 0.3.0 milestone:
* to ensure unique packages in a group of repositories, we need to
implement a configurable grouping functionality for repositories
[#149](https://gitlab.archlinux.org/archlinux/repod/-/issues/149)
(overlaps with how archiving works)
* to ensure that we packages can be reproducible, we want to ensure that
they have been built with packages currently in a group of
repositories, with a set of packages about to be added in the same
action or with packages that are now in the archive
[#150](https://gitlab.archlinux.org/archlinux/repod/-/issues/150)
(overlaps with grouping to detect which repositories should be
evaluated).
* for ensuring that a package version has been built using a specific
upstream source repository, we need to check git tags (and their
signatures), checksums and metadata of PKGBUILDs to match the given
binary package's metadata
[#151](https://gitlab.archlinux.org/archlinux/repod/-/issues/151).
This will requirea git backend, which can hopefully later be reused
for the management repository backend. Overlaps with
[#118](https://gitlab.archlinux.org/archlinux/repod/-/issues/118) and
[#120](https://gitlab.archlinux.org/archlinux/repod/-/issues/120).
## Documentation improvement (beginner friendly)
There are some easy first tickets:
* figure out and document differences between existing projects used for
repository management
[#148](https://gitlab.archlinux.org/archlinux/repod/-/issues/148)
* document sought after workflow scenarios
[#144](https://gitlab.archlinux.org/archlinux/repod/-/issues/144)
* configurable enforcement of UID domain
[#92](https://gitlab.archlinux.org/archlinux/repod/-/issues/92) (helps
us to maintain signer trust via WKD)
Best,
David
--
https://sleepmap.de