+approved:
+
+ o What to do with multi-suite uploads? Presumably hold in unapproved
+ and warn? Or what? Can't accept just for unstable or reject just
+ from stable.
+
+ o Whenever we check for anything in accepted we also need to check in
+ unapproved.
+
+ o non-sourceful uploads should go straight through if they have
+ source in accepted or the archive.
+
+ o security uploads on auric should be pre-approved.
+
TODO
====
================================================================================
+[minor] kelly's copychanges, copykatie handling sucks, the per-suite
+ thing is static for all packages, so work out in advance dummy.
+
+[madison] # filenames ?
+[madison] # maintainer, component, install date (source only?), fingerprint?
+
Actually Urgent
---------------
o UrgencyLog stuff should minimize it's bombing out(?)
o Log stuff should open the log file g+w lamer
-<aj> elmo_home: (although, if you haven't already, you might want to add a `Reject: invalid character in Version:' check to katie sometime)
-<aj> elmo_home: (at least while auric's apt doesn't handle ~'s)
More Urgent
-----------
+ o [melanie] I was thinking, bomb out if a) no '[rene]' in the
+ -m/--message, and b) no other -d/--done or -C/--carbon-copy
+
+ o helena should footnote the actual notes, and also * the versions
+ with notes so we can see new versions since being noted...
+
+ o helena should have alternative sorting options, including reverse
+ and without or without differentiaion.
+
+ o julia should sync debadmin and ftpmaster
+
+ <drow> Can't read file.: /org/security.debian.org/queue/accepted/accepted/apache-perl_1.3.9-14.1-1.21.20000309-1_sparc.katie. You assume that the filenames are relative to accepted/, might want to doc or fix that.
+
+<neuro> the orig was in NEW, the changes that caused it to be NEW were pulled out in -2, and we end up with no orig in the archive :(
+
+ o SecurityAcceptedAutoBuild doesn't handle the case of foo_3.3woody1
+ with a new .orig.tar.gz followed by a foo_3.3potato1 with the same
+ .orig.tar.gz; jennifer sees it and copes, but the AA code doesn't
+ and can't really easily know so the potato AA dir is left with no
+ .orig.tar.gz copy. doh.
+
+ o orig.tar.gz in accepted not handled properly (?)
+
+ o amber doesn't include .orig.tar.gz but it should
+
o permissions (paranoia, group write, etc.) configurability and overhaul
+ o remember duplicate copyrights in lisaand skip them, per package
+
o <M>ove option for lisa byhand proecessing
o rene could do with overrides
o the whole versioncmp thing should be documented
- o security.debian.org: BYHAND auto-uploading doesn't work
- o security.debian.org: BYHAND auto-uploading assumes ftp-master
-
o lisa doesn't do the right thing with -2 and -1 uploads, as you can
end up with the .orig.tar.gz not in the pool
o lisa doesn't trap signals from fernanda properly
- o jenna sucks; should be rewritten to use python arrays rather than
- multiple selects, similar to heidi/natalie rewrites.
-
o queued and/or perl on sparc stable sucks - reimplement it.
o aj's bin nmu changes
Less Urgent
-----------
+ o Accept "," as a seperator in -a, -s etc. args
+
o change utils.copy to try rename() first
o [hard, long term] unchecked -> accepted should go into the db, not
o auto-purge out-of-date stuff from non-free/contrib so that testing and stuff works
o doogie's binary -> source index
- o Add urgency + installed date to the DB for aj/testing (? still needed ?)
o jt's web stuff, matt's changelog stuff (overlap)
o [Hard] Need to merge non-non-US and non-US DBs.
o Revisit linking of binary->source in install() in katie.
o Fix component handling in overrides (aj)
o Fix lack of entires in source overrides (aj)
- o direport misreports things as section 'devel'
+ o direport misreports things as section 'devel' (? we don't use direport)
o vrfy check of every Maintainer+Changed-By address; valid for 3 months.
o binary-all should be done on a per-source, per-architecture package
basis to avoid, e.g. the perl-modules problem.
o katie/jenna/rhona/whatever needs to clear out .changes
files from p-u when removing stuff superseded by newer versions.
[but for now we have halle]
- o test sig checking stuff in test/ (stupid thing is not modularized)
+ o test sig checking stuff in test/ (stupid thing is not modularized due to global abuse)
o when encountering suspicous things (e.g. file tainting) do something more drastic
* Easy:
+ o suite mapping and component mapping are parsed per changes file,
+ they should probably be stored in a dictionary created at startup.
o don't stat/md5sum files you have entries for in the DB, moron
boy (Katie.check_source_blah_blah)
o promote changes["changes"] to mandatory in katie.py(dump_vars)
o melanie should behave better with -a and without -b; see
gcc-defaults removal for an example.
o Reject on misconfigured kernel-package uploads
- o denise abuses sys.stdout == badly
o utils.extract_component_from_section: main/utils -> main/utils, main rather than utils, main
o Fix jennier to warn if run when not in incoming or p-u
o katie should validate multi-suite uploads; only possible valid one
* Bizzare/uncertain:
+ o drop rather dubious currval stuff (?)
o rationalize os.path.join() usage
o Rene also doesn't seem to warn about missing binary packages (??)
o logging: hostname + pid ?
o Handle the case of 1:1.1 which would overwrite 1.1 (?)
o maybe drop -r/--regex in madison, make it the default and
implement -e/--exact (a la joey's "elmo")
+ o dsc files are not checked for existence/perms (only an issue if
+ they're in the .dsc, but not the .changes.. possible?)
* Cleanups & misc:
projects / dak.git / blobdiff