[HTTPS-Everywhere] Creating a debian package for https everywhere
Rogério Brito
rbrito at ime.usp.br
Fri Feb 11 13:53:51 PST 2011
Dear Peter,
On Feb 11 2011, Peter Eckersley wrote:
> Rogério,
>
> Many thanks for working on this!
Thank you very much for your nice observations.
> Here are a few quick observations:
>
> - https everywhere 0.9.9.development.4 does not exist yet, so it seems
> problematic to package it ;).
Oh, sure. This is an artificiality on the Debian side of things.
In a pseudo-mathematics form, the idea is basically this: for any version
number m and any string n, the package manager treats the version number m~n
in a way that m~n < m, but m~n > (m-\epsilon), for any \epsilon > 0 and
m~n > m~n', for any n' lesser than n.
Thus, 0.9.9.development.4~foo is greater than 0.9.9.development.3, than
0.9.9.development.3.0.1, than 0.9.9.development.3+hotfix, and so on, but
lesser than 0.9.9.development.4.
I hope that this is not too confusing. :) (The fact that we can put tildes
arbitrarily chained is also nice).
> You could either package 0.9.9.development.3, using that .xpi file or
> git tag, or pick a git-<timestamp> type version number if you want to
> package the very latest thing that's in the master repository
Give the explanation above, what do you think would be a good policy, if I
want to generate both bleeding edge and "stabler" versions? The stabler
versions are very easy, though.
> - the install.rdf file still has the 0.9.9.development.3 version number,
> which is an incorrect intermediate state from the git repository. The
> install.rdf version number should be the same as the package's version
> number.
Oh, good catch.
> - I presume that these packages disable automatic updates? If so, it might
> be safest to package the stable releases rather than the development
> releases, because once something goes out in a stable release of debian, it
> can be around for a long, long time.
If you people don't mind it, I can try to make the deb packages as part of
the script that creates the xpi file or part of the makefile target, which
seems saner to me.
> - I was going to suggest that alternatively, you could pakcage the development
> branch for debian-volatile. However, it seems that debian-volatile is going
> away. Maybe it's okay to package the development branch if debian's
> stable-updates mechanism will allow you to get fixes to rulesets out to
> users in a timely manner.
Yes, two points here:
* For some software that I care about (read: HTTPS Everywhere and
youtube-dl), I tend to upload things to the main repository in the very
same day as they are released.
* I think that debian-volatile is indeed going away, but that Debian
backports is, perhaps, filling its role:
http://backports.debian.org/news/squeeze-backports_and_lenny-backports-sloppy_started/
Thanks for your feedback,
Rogério Brito.
--
Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFCAAAA
http://rb.doesntexist.org : Packages for LaTeX : algorithms.berlios.de
DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br
More information about the HTTPS-everywhere
mailing list