[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

census: apt sources.list snippets

Hi all,

I figure that packages are probably the most important aspect of
Debian derivatives to integrate into Debian infrastructure, so I
started the integration work with the sources.list snippets added to
the census wiki pages.

I've written some scripts to download the census wiki pages, extract
the sources.list snippets from them and run aptitude update against
them. I sent some mails out to ask people to fix things and got a few
updates. I had to do some of the fixing myself, but as of today, I get
no errors :D

Some things I noticed along the way:

Some derivatives didn't bother to add a sources.list to the census.

Most derivatives don't have suite aliases like Debian's oldstable ->
lenny, stable -> squeeze, testing -> wheezy, sid -> unstable. I wonder
how Debian can promote the addition of these amongst our derivatives,
any thoughts? Having these would mean zero effort would be needed on
Debian's side when a derivative makes a new release.

Some derivatives didn't have deb-src lines or had non-working deb-src
lines. Some of them might use a different form of source package, just
build from a vcs or use automated tools (like) to create their binary
packages. Others distribute source packages but just forgot to add the

Some of the deb-src lines had [arch=i386] in them. I guess
sources.list files are not well understood in the area of source
packages, or something.

Some of them missed out suites or architectures.

Some of them had incorrect architectures (x86_64 vs amd64) or had
architectures that were not listed in their repository.

Some derivatives do not have browsable repositories, which are nice to have IMO.

Most distributions only have i386 and or amd64 binary packages.

Some derivatives have quite slow primary mirrors. The apt mirror stuff
that was talked about on debian-devel a while ago would be interesting

The scripts do not handle GPG stuff, which means that the end of the
script gives GPG errors when it completes. Does anyone know how to
disable signature checking?

W: GPG error: http://aptosid.com sid InRelease: The following
signatures couldn't be verified because the public key is not

I'll be improving the scripts and expanding their scope as I am able,
but I was wondering where I should publish the scripts? Perhaps in the
DEX group on alioth or should I create a 'derivatives' group on

The design will probably change, I think we probably want it to be
push based, ie someone adds or changes a wiki page then the cached
info for that derivative gets updated via a mail/RSS bot. The current
design does the whole set of derivatives as a group, probably the info
should be stored per-derivative and be updatable per-derivative.



Reply to: