Received: (at 38148) by debbugs.gnu.org; 10 Nov 2019 02:32:52 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Nov 09 21:32:52 2019 Received: from localhost ([127.0.0.1]:50536 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1iTd23-00062X-T6 for submit <at> debbugs.gnu.org; Sat, 09 Nov 2019 21:32:52 -0500 Received: from imta-35.everyone.net ([216.200.145.35]:44198 helo=imta-38.everyone.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <bokr@HIDDEN>) id 1iTd21-00062P-ID for 38148 <at> debbugs.gnu.org; Sat, 09 Nov 2019 21:32:50 -0500 Received: from pps.filterd (omta001.sj2.proofpoint.com [127.0.0.1]) by imta-38.everyone.net (8.16.0.27/8.16.0.27) with SMTP id xAA2WHLT021256; Sat, 9 Nov 2019 18:32:47 -0800 X-Eon-Originating-Account: akprTc-jZ5cqmDvvte5VLwgVqX7j5v1zpLg_YOKTpSU X-Eon-Dm: m0116952.ppops.net Received: by m0116952.mta.everyone.net (EON-AUTHRELAY2 - 32d0d199) id m0116952.5dc217cf.23e861; Sat, 9 Nov 2019 18:32:45 -0800 X-Eon-Sig: AQMHrIJdx3bNJXT9cAIAAAAD,1f7abcd10b99894047a0fa22ba81e138 X-Eip: FxVFvvnB3BvuKXIb1meMdfvlBj3LnY1y1M3tb6pzKcU Date: Sat, 9 Nov 2019 18:32:36 -0800 From: Bengt Richter <bokr@HIDDEN> To: Tobias Geerinckx-Rice <me@HIDDEN> Subject: Re: bug#38148: Guix packages old/broken version of qutebrowser Message-ID: <20191110023236.GA900@HIDDEN> References: <20191109100530.zdfrewfmengq7pud@HIDDEN> <87ftix9eqa.fsf@nckx> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87ftix9eqa.fsf@nckx> User-Agent: Mutt/1.12.1 (2019-06-15) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-11-09_09:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1034 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1910280000 definitions=main-1911100024 X-Spam-Score: -0.5 (/) X-Debbugs-Envelope-To: 38148 Cc: Florian Bruhin <me@HIDDEN>, 38148 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Reply-To: Bengt Richter <bokr@HIDDEN> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.4 (-) On +2019-11-09 17:49:49 +0100, Tobias Geerinckx-Rice via Bug reports for GNU Guix wrote: > Florian, > > [I'm not a regular qutebrowser user, nor maintainer — I don't think we have > one.] > > Florian Bruhin 写道: > > I'm the upstream author of qutebrowser - it looks like Guix currently > > packages > > qutebrowser 0.11.0: https://guix.gnu.org/packages/qutebrowser-0.11.0/ > > > > That version is very outdated (July 2017, there have been 28 new > > releases since > > then). It has various known security issues, but currently it just > > crashes > > outright, because such an old version isn't compatible with Qt 5.11 > > which is > > packaged in Guix. > > > > That results in me getting crash reports around once per week - at this > > point, > > it'd probably be better to not package qutebrowser at all, seeing that > > nobody > > seems to maintain that package for a long time now. > > Thank you for letting us know. My apologies for the noise from these > useless crash reports. > > Is there a supported way to replace the default bug report URL with our own? > > If not, I could patch qutebrowser to pop up a dialogue with our bug tracker > (e-mail) address instead. The crash report itself would likely be lost. > > I've tried qutebrowser 1.8.1 with QtWebKit and it runs, but then freezes (@ > 0% CPU) after some minutes. I had to SIGKILL it. However, so does 0.11.0. > > I'll try to get it to run, and hopefully the state of qutebrowser's > dependencies in Guix will improve as well. > > Kind regards, > > T G-R On reading the above, I wonder if we can invent a useful measure of "runs" vs "works" vs "crashes" that could automatically be visible in "guix show whatever-package". I mean, there is a huge difference in confidence (at least on my part :) between knowing that two developers have successfuly built and run a package for the first time after refurbishing some orphan package vs knowing that a thousand users have been using a tool many times daily for months without problems. Could packages be instrumented with a simple invocation-with-normal/abnormal-exit counter intialized on install, that could be voluntarily submitted to some guix email addrress for automatic reliability-score update that guix show whatever-package then accesses and presents? Some finer-grain reporting would problably be desirable for packages that install many executables. A service could be enabled to send reports periodically for a list of packages in use by a particular user, at the user's opt-in option of course. I guess you'd have to have some guard against robo-shill-bots pumping successful-use scores, but WDYT of the general idea? Maybe also a count of historical CVE's against any inputs to the package build? Well, the imagination rambles, but maybe something simple to start with could test the usefulness? -- Regards, Bengt Richter
bug-guix@HIDDEN:bug#38148; Package guix.
Full text available.Received: (at 38148) by debbugs.gnu.org; 9 Nov 2019 16:50:00 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Nov 09 11:50:00 2019 Received: from localhost ([127.0.0.1]:50202 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1iTTw0-00069V-GH for submit <at> debbugs.gnu.org; Sat, 09 Nov 2019 11:50:00 -0500 Received: from tobias.gr ([80.241.217.52]:53118) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <me@HIDDEN>) id 1iTTvx-00069J-WA for 38148 <at> debbugs.gnu.org; Sat, 09 Nov 2019 11:49:59 -0500 Received: by tobias.gr (OpenSMTPD) with ESMTP id 9d6804d9; Sat, 9 Nov 2019 16:49:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=tobias.gr; h=from:to:cc :subject:references:in-reply-to:date:message-id:mime-version :content-type; s=2018; i=me@HIDDEN; bh=wcH0PetOejGPaANQ3FkKKc fV1E3vpJU3JOt/TxpyAQQ=; b=KopZWH/BpZbM6UdPKTpgVqNhQ6UCpV6fkZEgJg NRyfHuK9rzUwjzBZdWIzoGvC9ACW0oYSbNdDE0rd3BDlahkG+P1VOi1F2ph7mhq/ EKT9Nxp7eAC8XFApLyptlCkvcfDnoXqJ08AwIeeB//C/eYfFtnjb30KQxGS3mzv0 Tgza7lQfcLka3fJ/vTPX55NTQurz/FKz3eNMFYzfx/zWByiWHlj3GYXzkagXevYB Z0hNykoZWaBlztylrmYvWVZ0TDsa3nhzv2UozgU8dwAteyM9+0e6Njru5NmNvLeA uhB/9c8REgD1UH7Qhk8TNBkJSe1IKz2GK0fCac7QPa9odC8A== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id 09e00694 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Sat, 9 Nov 2019 16:49:54 +0000 (UTC) From: Tobias Geerinckx-Rice <me@HIDDEN> To: Florian Bruhin <me@HIDDEN> Subject: Re: bug#38148: Guix packages old/broken version of qutebrowser References: <20191109100530.zdfrewfmengq7pud@HIDDEN> In-reply-to: <20191109100530.zdfrewfmengq7pud@HIDDEN> Date: Sat, 09 Nov 2019 17:49:49 +0100 Message-ID: <87ftix9eqa.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 38148 Cc: 38148 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Florian, [I'm not a regular qutebrowser user, nor maintainer =E2=80=94 I don't=20 think we have one.] Florian Bruhin =E5=86=99=E9=81=93=EF=BC=9A > I'm the upstream author of qutebrowser - it looks like Guix=20 > currently packages > qutebrowser 0.11.0:=20 > https://guix.gnu.org/packages/qutebrowser-0.11.0/ > > That version is very outdated (July 2017, there have been 28 new=20 > releases since > then). It has various known security issues, but currently it=20 > just crashes > outright, because such an old version isn't compatible with Qt=20 > 5.11 which is > packaged in Guix. > > That results in me getting crash reports around once per week -=20 > at this point, > it'd probably be better to not package qutebrowser at all,=20 > seeing that nobody > seems to maintain that package for a long time now. Thank you for letting us know. My apologies for the noise from=20 these useless crash reports. Is there a supported way to replace the default bug report URL=20 with our own? If not, I could patch qutebrowser to pop up a dialogue with our=20 bug tracker (e-mail) address instead. The crash report itself=20 would likely be lost. I've tried qutebrowser 1.8.1 with QtWebKit and it runs, but then=20 freezes (@ 0% CPU) after some minutes. I had to SIGKILL it.=20 However, so does 0.11.0. I'll try to get it to run, and hopefully the state of=20 qutebrowser's dependencies in Guix will improve as well. Kind regards, T G-R --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfo+u0AlEeO9y5k0W2Imw8BjFSTwFAl3G7i0ACgkQ2Imw8BjF STwmCg//areiHAe++JpbOXDi5CjWsuZHFDd+HNqCyWZLMRXVGg3CO113YZIaFQcU 5FXvBDjlzPcT9chOIt1GsBkTWRdrDPRkYX4WNBFcJcZrfKLLsfHzFWHucCNKZbFB lkSE1sVClH9LpimJghEQ8+HkSSwhOe0CNmfjj1Dj4tVKiVXDv1k+zaDgoX4NN8FP eAHjLUmuhci7PL4Dd5mk6hA8jIt/P8w/FUXQzhaXs5t7wxdlwY4vmTQzhA6UkBQU BkrpUWwzl5xZt3H6OGYXLfpto2ajDKLuXfdvCJTyfhlpbB2+7837UEAiaNhVWGnZ cCJvM4Ibl7M+QJdYJBUQlNQlirwlCyzO8xdX5TJvtI6CsQRNe3V2qet0ynAWjMAS ykU/2aGYvZuTQ7TfXrdl485uMcAfAzgWvy87cLjzcMryv1Ca078/Ohp01IX3mz3j juL/2lwJ0yhRv5HtSQ4bV7jffnpR/64ZzRNp1dZyrge7RkGmUGIHiZUwrnVD2I08 b/PLMoCSkvnMbhAL7tT1yR9foxTVADeQsxbfBl6Hp9bUFzzPMvMQZYrXoH3LGelO ltz2iXIy3XpPyE8s9wGdOeoFKt8xDkEdfr32MMw0w9ZW3NYwdRHDrRGc8c7FsTJl HjdmT4fJB26au7FaFJUsucfpGR3GZVr0uYOBg1+kYoB3yul+by0= =wosX -----END PGP SIGNATURE----- --=-=-=--
bug-guix@HIDDEN:bug#38148; Package guix.
Full text available.
Received: (at submit) by debbugs.gnu.org; 9 Nov 2019 11:25:31 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Nov 09 06:25:31 2019
Received: from localhost ([127.0.0.1]:48293 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1iTOrx-0001ul-T3
for submit <at> debbugs.gnu.org; Sat, 09 Nov 2019 06:25:30 -0500
Received: from lists.gnu.org ([209.51.188.17]:41939)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <me@HIDDEN>) id 1iTNch-0008Fk-70
for submit <at> debbugs.gnu.org; Sat, 09 Nov 2019 05:05:39 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:46963)
by lists.gnu.org with esmtp (Exim 4.90_1)
(envelope-from <me@HIDDEN>) id 1iTNcg-0000mO-0G
for bug-guix@HIDDEN; Sat, 09 Nov 2019 05:05:39 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level:
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
version=3.3.2
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
(envelope-from <me@HIDDEN>) id 1iTNce-0000R5-68
for bug-guix@HIDDEN; Sat, 09 Nov 2019 05:05:37 -0500
Received: from menkent.uberspace.de ([185.26.156.18]:57906)
by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
(Exim 4.71) (envelope-from <me@HIDDEN>) id 1iTNcd-0000Q2-SM
for bug-guix@HIDDEN; Sat, 09 Nov 2019 05:05:36 -0500
Received: (qmail 19156 invoked from network); 9 Nov 2019 10:05:32 -0000
Received: from localhost (HELO hooch.localdomain) (127.0.0.1)
by menkent.uberspace.de with SMTP; 9 Nov 2019 10:05:32 -0000
Date: Sat, 9 Nov 2019 11:05:30 +0100
From: Florian Bruhin <me@HIDDEN>
To: bug-guix@HIDDEN
Subject: Guix packages old/broken version of qutebrowser
Message-ID: <20191109100530.zdfrewfmengq7pud@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="buappeeqvazrpqhh"
Content-Disposition: inline
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
recognized.
X-Received-From: 185.26.156.18
X-Spam-Score: -1.4 (-)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Sat, 09 Nov 2019 06:25:27 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.4 (--)
--buappeeqvazrpqhh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi,
I'm the upstream author of qutebrowser - it looks like Guix currently packa=
ges
qutebrowser 0.11.0: https://guix.gnu.org/packages/qutebrowser-0.11.0/
That version is very outdated (July 2017, there have been 28 new releases s=
ince
then). It has various known security issues, but currently it just crashes
outright, because such an old version isn't compatible with Qt 5.11 which is
packaged in Guix.
That results in me getting crash reports around once per week - at this poi=
nt,
it'd probably be better to not package qutebrowser at all, seeing that nobo=
dy
seems to maintain that package for a long time now.
Florian
--=20
https://www.qutebrowser.org | me@HIDDEN (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
I love long mails! | https://email.is-not-s.ms/
--buappeeqvazrpqhh
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE4E5WAAJAG47w528KkW6wyP1VoHIFAl3Gj2cACgkQkW6wyP1V
oHJMNBAAqPiw7LjQnuRQPqR2xWvTDsc97kmFEeCWP9PhL++VpaqcSWOXhM5ngskm
Ybw8envr+1jS6/PuVB/E3ecKxX41TEDmSU1RJ6Y5/78GTTDU7qFjPNDVFiFvN/Mv
09MzkxDk0F3dYPwCni8axt4y+1Q8XlO4i6tWSHRSJ/sheO8ztT6xBkv9mau8jw8y
nkjqwVWRkroqi1Vr32hTNc1PH8Oejg9sSPah+IvaPW6vpXv7+YPXb2OlPrBrJL+x
XFn5nL+4SkltFIvMi5xDGQfoyOqLAqnW31lfB4rs24dcDhQZyCpHDWWaE0WenOCZ
M/BVCjFPy4n92uwAWEHgMsmozqK6HwnGY1E/+J/t9+WKlHjuRI3NtqPadXg7cPI9
2R95Wc3PdLinqCS9/8ynotq+5jkp3g4I+CQLtZbTxGjHYSEpw27seHvWGVQWTM9m
05MDgfiGQUm5w7y5JezmhVpOgQWAUJ21fmeA22LrDt9a9HfMB5TY87NsJWP/M8CW
1IG7cJlILob6N3kXlTNIAU45jEUXONUNTY2pDT/MKEE43XdP5kiA75SIQ+9BF3fM
iTY+UnOuGTT1sRgIJKZFpbuArUy33VI1UEg4e+Rpz/x7F+/bPTgJTXOtWQhKsqcB
sMHukSfb8p/P9wJU6Glldaqon0mY6MCUYRA6xdchvMaPq6YprKE=
=DiqZ
-----END PGP SIGNATURE-----
--buappeeqvazrpqhh--
Florian Bruhin <me@HIDDEN>:bug-guix@HIDDEN.
Full text available.bug-guix@HIDDEN:bug#38148; Package guix.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.