<feed xmlns='http://www.w3.org/2005/Atom'>
<title>apt/debian/rules, branch main</title>
<subtitle>Debians commandline package manager</subtitle>
<id>https://git.kalnischkies.de/apt/atom?h=main</id>
<link rel='self' href='https://git.kalnischkies.de/apt/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/'/>
<updated>2026-03-02T21:53:49Z</updated>
<entry>
<title>Copyright changes</title>
<updated>2026-03-02T21:53:49Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>jak@debian.org</email>
</author>
<published>2026-03-02T21:53:49Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=140e4e2f84813c85d96488031e6d3e0359f7b6d5'/>
<id>urn:sha1:140e4e2f84813c85d96488031e6d3e0359f7b6d5</id>
<content type='text'>
</content>
</entry>
<entry>
<title>sqv: Warn about signatures that will be rejected by policy within a year</title>
<updated>2025-04-25T21:07:07Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2025-04-25T18:53:45Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=85c435f23718e168345ea60270b24a57061b54f4'/>
<id>urn:sha1:85c435f23718e168345ea60270b24a57061b54f4</id>
<content type='text'>
This implements a simple check where we first run `sqv` with
`--policy-as-of` 1 year in the future. If the file is validly
signed one year in the future, it is validly signed now.

If the file is not validly signed 1 year in the future, we check
if it is validly signed now, and otherwise print an error message.

The --policy-as-of feature was added in sqv 1.3.0, hence we add a
version requirement to the dependency.
</content>
</entry>
<entry>
<title>debian: Plug sqv into the package build</title>
<updated>2024-12-22T22:52:05Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-12-20T11:03:26Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=f5a24acea31248f98db51d7a2fd1d7b2198bb177'/>
<id>urn:sha1:f5a24acea31248f98db51d7a2fd1d7b2198bb177</id>
<content type='text'>
Our goal is for each platform to have one blessed OpenPGP verification
system: Platforms that support sqv get sqv, platforms that don't get
gpgv. To do so we hardcode the architecture list at build time.

At build time we check if /usr/bin/sqv exists, which is the condition
that apt uses to see if it should build with sqv support.

We use a slight hack here to build with sqv on the official Debian
buildds but use gpgv on Ubuntu by abusing the fact that Ubuntu
resolves alternative build dependencies, and gpgv is installed
in the buildd image.
</content>
</entry>
<entry>
<title>Build examples for arch:any packages again after nodoc branch</title>
<updated>2022-05-11T15:45:49Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-05-11T15:45:49Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=09f0342ff2a56f8ce8fb9a96648d370f9e21dd01'/>
<id>urn:sha1:09f0342ff2a56f8ce8fb9a96648d370f9e21dd01</id>
<content type='text'>
Who does arch:any builds, right?

Ignoring for changelog as this would just confuse readers as the
effected version was never released.

Regression-of: cd92098caa64b7fd30cdc6b5d56bf7e9e17a449e
Gbp-Dch: Ignore
</content>
</entry>
<entry>
<title>Add pkg.apt.nodoxygen build profile</title>
<updated>2022-05-07T08:45:44Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-04-20T11:18:20Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=c5b22c3dabd0cc8d0ce87576cded2594c2cd7ca1'/>
<id>urn:sha1:c5b22c3dabd0cc8d0ce87576cded2594c2cd7ca1</id>
<content type='text'>
The documentation generated by doxygen is currently not reproducible,
but as fixing this seems hard we can at least provide a way to check
more automatically if the rest of src:apt is reproducible or not.
</content>
</entry>
<entry>
<title>Avoid building all docs in nodoc build profile</title>
<updated>2022-05-07T08:45:44Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2022-04-19T11:06:44Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=cd92098caa64b7fd30cdc6b5d56bf7e9e17a449e'/>
<id>urn:sha1:cd92098caa64b7fd30cdc6b5d56bf7e9e17a449e</id>
<content type='text'>
Differentiating between different types of documentation we build helps
in better expressing what needs to be done for our arch:any and arch:all
packages currently as well.
</content>
</entry>
<entry>
<title>Add support for "nodoc" build profile</title>
<updated>2022-05-07T08:45:44Z</updated>
<author>
<name>Vagrant Cascadian</name>
<email>vagrant@reproducible-builds.org</email>
</author>
<published>2022-04-17T22:11:12Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=725fef5ebf45d03fea75866e9795717bf576d26a'/>
<id>urn:sha1:725fef5ebf45d03fea75866e9795717bf576d26a</id>
<content type='text'>
References: https://wiki.debian.org/BuildProfileSpec#Registered_profile_names
Closes: #1009797

[@donkult: reworded commit message slightly &amp; changed variable name]
</content>
</entry>
<entry>
<title>Pass -DCMAKE_BUILD_RPATH_USE_ORIGIN=ON via dh_auto_configure override</title>
<updated>2022-05-07T08:45:43Z</updated>
<author>
<name>Vagrant Cascadian</name>
<email>vagrant@reproducible-builds.org</email>
</author>
<published>2022-04-17T23:12:47Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=e6cefc7683de4f29be7ebcab004ea0ab80ce49bc'/>
<id>urn:sha1:e6cefc7683de4f29be7ebcab004ea0ab80ce49bc</id>
<content type='text'>
CMake by default sets the RPATH property on executables that link to
shared libraries in the same project with an absolute path, which
triggers BuildId differences.

References: https://tests.reproducible-builds.org/debian/issues/unstable/cmake_rpath_contains_build_path_issue.html
 https://gitlab.kitware.com/cmake/cmake/-/issues/18413
Closes: #1009796

[@donkult: reworded commit message slightly and have flag passed first]
</content>
</entry>
<entry>
<title>Only protect two kernels, not last installed one</title>
<updated>2022-04-07T11:19:52Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2022-04-06T11:51:08Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=824651ded0bcf8603e9b508860b8fe5a68fc53ff'/>
<id>urn:sha1:824651ded0bcf8603e9b508860b8fe5a68fc53ff</id>
<content type='text'>
The kernel autoremoval algorithm was written to accomodate
for Ubuntu's boot partition sizing, which was written to
accomodate 3 kernels - 2 installed ones + a new one being
unpacked.

It seems that when the algorithm was designed, it was overlooked
that it actually kept 3 kernels.

LP: #1968154
</content>
</entry>
<entry>
<title>Fix debian-rules-uses-deprecated-systemd-override</title>
<updated>2020-01-16T11:11:35Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2020-01-16T11:10:36Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=11cd71b567639a37b46f5c61f4b790e51aa0a0c4'/>
<id>urn:sha1:11cd71b567639a37b46f5c61f4b790e51aa0a0c4</id>
<content type='text'>
We accidentally managed to restart apt-daily{,-upgrade}.service
again because our dh_systemd_start override was being ignored
since we switched to debhelper 12. Override dh_installsystemd
instead.

Gbp-Dch: full
</content>
</entry>
</feed>
