Debian derivatives census: PureOS: welcome!

To: Jonas Smedegaard <dr@jones.dk>
Cc: debian-derivatives@lists.debian.org
Subject: Debian derivatives census: PureOS: welcome!
From: Hector Oron <zumbi@debian.org>
Date: Thu, 24 Aug 2017 18:41:49 +0200
Message-id: <[🔎] CAODfWeHk-nvMRdUJisDNwtDogLTQf=vyHnx-JJ3OUeSY63_zkw@mail.gmail.com>

Hi Jonas,

I would like to welcome yourself and PureOS to the Debian derivatives
census! Would you like to take this opportunity to introduce yourself
and PureOS to us all?

https://wiki.debian.org/Derivatives/Census/PureOS

It would be great if you could join our mailing list and IRC channel:

https://wiki.debian.org/DerivativesFrontDesk

I would encourage you to look at Debian's guidelines for derivatives:

https://wiki.debian.org/Derivatives/Guidelines

You may want to look at our census QA page, some of the mails from there
may apply to PureOS.

https://wiki.debian.org/Derivatives/CensusQA

The page says that PureOS modifies Debian binary packages. It is quite
rare that distributions modify Debian binary packages instead of
modifying source packages and rebuilding them. Does PureOS actually do
this?
If so could you describe what kind of modifications you are making?
If not I guess the page needs to be fixed.

The apt repository for PureOS does not contain source packages [for the
contrib and non-free section], including for packages licensed under
the GNU GPL.
This may or may not be a copyright violation depending on whether or
not you distribute those elsewhere. In any case, please add source
packages to your repository so that Debian can automatically create
patches to be presented to Debian package maintainers.

https://wiki.debian.org/Derivatives/CensusQA#No_source_packages
https://wiki.debian.org/Derivatives/Integration#Patches

The page is missing a dpkg vendor field. It is important that Debian
derivatives set this properly on installed systems and mention the value
of the field in the derivatives census.

https://wiki.debian.org/Derivatives/Guidelines#Vendor

There doesn't appear to be a PureOS blog or a blog aggregator for
PureOS developers. If these existed they would be syndicated on Planet
Debian derivatives and would help the Debian community find out the
things that are happening in PureOS.

http://planet.debian.org/deriv/

Next year the annual Debian conference is in Taiwan. It would be
great if developers from PureOS could attend DebConf.

https://debconf.org/

I would encourage Purism (the PureOS corporate sponsor) to contribute
financially to ensure the continued survival of Debian and the success of
the annual Debian conference.

https://www.debian.org/donations
https://debconf.org/sponsors/

I note that PureOS is [partly] based on Debian [testing/unstable]. A
great way to help
ensure that the next Debian release working well is to install and run the
how-can-i-help tool and try to work on any issues that come up.

https://www.lucas-nussbaum.net/blog/?p=837
https://packages.debian.org/unstable/how-can-i-help
https://wiki.debian.org/how-can-i-help

You might want to consider adding DNSSEC to your domains, TLSA records
and SSL to some of your domains. SSL on the repository will help PureOS
users to obscure package names and version numbers from global active
adversaries. You might also want to add HSTS headers.

http://dnsviz.net/d/PureOSwebsite/
https://wiki.mozilla.org/Security/Guidelines/Web_Security

Please feel free to circulate this mail within the PureOS team.


-- 
 Héctor Orón  -.. . -... .. .- -.   -.. . ...- . .-.. --- .--. . .-.

Reply to:

Follow-Ups:
- Re: Debian derivatives census: PureOS: welcome!
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Debian derivatives census: PureOS: welcome!
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Debian derivatives census: Canaima: status?
Next by Date: Re: Debian derivatives census: PureOS: welcome!
Previous by thread: Debian derivatives census: Canaima: status?
Next by thread: Re: Debian derivatives census: PureOS: welcome!
Index(es):
- Date
- Thread