Re: RFS: Security patch for GitHub CLI client gh

To: Santiago Vila <sanvila@debian.org>
Cc: Otto Kekäläinen <otto@debian.org>, Debian-Go Mailing List <debian-go@lists.debian.org>, Anthony Fok <foka@debian.org>
Subject: Re: RFS: Security patch for GitHub CLI client gh
From: "Loren M. Lang" <lorenl@north-winds.org>
Date: Sat, 4 Jan 2025 00:58:34 -0800
Message-id: <[🔎] Z3j4OrJSjAZmu7DE@alzatex.com>
In-reply-to: <Z3MkKhNiftATf8U/@alzatex.com>
References: <Z3JxJdrgcGPhItKu@alzatex.com> <a3112dce-2379-4845-9860-ea66e6b67c2e@debian.org> <f83b1c3f-168e-4fd2-a3d1-a4afd537c529@debian.org> <CAOU6tADacw3T4rt3FQJWOPkJ1bPeAZkAND51XB9oJKHgerqKKQ@mail.gmail.com> <009f40d1-af50-4419-b229-4f87c85fb82b@debian.org> <Z3MkKhNiftATf8U/@alzatex.com>

On Mon, Dec 30, 2024 at 02:52:26PM -0800, Loren M. Lang wrote:
> On Mon, Dec 30, 2024 at 09:01:03PM +0100, Santiago Vila wrote:
> > El 30/12/24 a las 19:24, Otto Kekäläinen escribió:
> > > You bypassed now both code reviews and uploaded despite failing CI.
> > 
> > For the record: I only see failed pipelines here:
> > 
> > https://salsa.debian.org/go-team/packages/gh/-/pipelines?page=1&scope=all
> > 
> > so it's not as if this package suddenly had switched from passing to not-passing.
> 
> Looks like this Pipeline has been failing since the beginning 2 years
> ago. It appears like there is some missing dependency on the
> bash-completion package somewhere along the way for Debhelper that needs
> to be added, although, it would probably be better for it to just not
> require bash-completion for an automated build.

OK, I've fixed the issue with the CI failing for gh. The package has a
build dependency on dh-sequence-bash-completion which requires that the
bash-completion package to be installed before starting the build. I
added a before_script section to the CI configuration to install the
missing package and it is now passing on the build. I also pulled in the
Salsa CI job that Otto added for building a complete package with the
normal Debian CI build. The MR is available here:

https://salsa.debian.org/go-team/packages/gh/-/merge_requests/3

I manually started the Salsa CI job after filing the MR, but I see that
is it stuck waiting for a Runner in the provision stage due to no
available runners. Otto, is this because this is being run outside of
the Debian namespace where no runners have been allocated for this
pipeline?

> 
> > 
> > Before we consider a pipeline a criteria to upload or not, we would maybe have
> > to review the ones that fail so that they stop failing.
> > 
> > Thanks.
> 
> -- 
> Loren M. Lang
> lorenl@north-winds.org
> http://www.north-winds.org/
> 
> 
> Public Key: http://www.north-winds.org/lorenl_pubkey.asc
> Fingerprint: 7896 E099 9FC7 9F6C E0ED  E103 222D F356 A57A 98FA

-- 
Loren M. Lang
lorenl@north-winds.org
http://www.north-winds.org/

Public Key: http://www.north-winds.org/lorenl_pubkey.asc
Fingerprint: 7896 E099 9FC7 9F6C E0ED  E103 222D F356 A57A 98FA

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: RFS: Security patch for GitHub CLI client gh
  - From: "Loren M. Lang" <lorenl@north-winds.org>

Prev by Date: Re: Proposing 2025 workflow changes for Go team
Next by Date: Re: RFS: Security patch for GitHub CLI client gh
Previous by thread: Re: RFS: Security patch for GitHub CLI client gh
Next by thread: Re: RFS: Security patch for GitHub CLI client gh
Index(es):
- Date
- Thread