pabs3 is currently certified at Master level.

Name: Paul Wise
Member since: 2005-06-22 15:16:22
Last Login: 2016-12-07 06:53:04

FOAF RDF Share This

Homepage: http://bonedaddy.net/pabs3/

Notes:

Projects

Recent blog entries by pabs3

Syndication: RSS 2.0

Check All The thingS!

check-all-the-things (aka cats, Meow!) is a tool that aims to make it easy to know which tools can be used to check a directory tree and to make it easy to run those tools on the directory tree. The tree could either be a source tree or a build tree or both. It aims to check as much of the tree as possible so the output can be very verbose and have many false positives. It is not for the busy, lazy or noise intolerant. It runs the checks by matching file names and MIME types against those registered for a list of checks. Each check has a set of dependencies, flags, filename wildcards, MIME type wildcards, comments and prerequisite commands. By default it:

  • doesn't check file MIME types as this is slower
  • shows which command is currently running
  • limits check output to 10 lines
  • hides checks that output nothing
  • kills checks when interrupted with Ctrl+C
  • exits when interrupted twice in quick succession
  • outputs various remarks at the end

It runs all checks for the current distro/release except:

  • dangerous ones that execute code in the current dir
  • ones that modify files in the current dir
  • ones that access the network (if there is no default route)
  • ones that need work to be usable
  • ones that need a human to run them

There are command-line options to customise the behaviour and automatic bash shell completion via argcomplete. There are 177 checks (including TODO ones) in 73 different categories. There are an additional 224 not-well-specified TODO items for new checks in comments. It is exceptionally easy to add new checks once one knows how to use the tool one wants to add.

At this point in time it is probably not a good idea to run it in an untrusted directory tree for several reasons:

  • there could be unknown vulnerabilities in the tools used
  • there could be unknown interactions with interpreters (known ones worked around)
  • there could be some commands doing unknown code execution
  • there could be other weirdness in some layers
  • there is no automatic sandboxing at all yet

The project initially started as really hacky wiki page full of commands to run. At some point I figured it was time to make this actually be maintainable and started on a project to do that. At around the same time Jakub Wilk was working on maquack to replace the wiki page. Somehow I found out about it and talked to him about it. It was vastly less hacky than my version so I ended up taking it over and continuing it under the check-all-the-things name. I polished it for the last two years and finally released it into Debian unstable during DebCamp16.

Syndicated 2016-07-04 18:10:55 from Advogato

DebConf16 Open Festival day 1

Today was day one of the DebConf16 Open Festival and I attended the open hardware panel, part of the talk about Code For South Africa, shirish's experiences and the DebConf new folks session.

The open hardware panel was a wide ranging discussion between bdale, Andy and indiebio. bdate talked about the experiences he has had with his rocketry hardware. bdale said "Make concious decisions about what you are buying", referencing a case where he investigated, found a GPL violation and didn't buy. Various people care about openness of different layers of the hardware. Off-the-shelf products are very strongly integrated, which is great for makers but means that people who care about lower layers like CPU micro-architecture aren't able to participate. Andy said "We are just beginning to come out of the shareware stage [of open hardware]". bdale mentioned the companies who do hardware production as a service from design files. Later in the pub some folks mentioned j-core, an open re-implementation of SuperH processors.

I missed most of the code4sa talk unfortunately, but it was about government services and open data.

shirish covered his journey through life to Debian. His youth, how satellite TV and knowledge of the outside world came to India around the time of the Iraq war. His experience accessing the Internet for the first time, uncensored vs the usual censorship in India's media. His experiences of Windows 95 viruses and crashes. He learned of PCTwist Linux through a magazine cover. His initial install was not a success but eventually managed to break through and install a desktop, but experienced network and other issues. Eventually he encountered Ubuntu and began contributing bug reports. His experiences there led him to Debian. He began blogging about Debian. In the last few years he and others have been going around the country doing mini-DebConfs at institutes around India. The first question was predictably about having a DebConf in India and how shirish might like to get more involved. DebConf in India sounds like a possibility some day and shirish was thinking about getting involved in publicity, marketting and the Debian installer.

The DebConf new folks session was a great intro to DebConf for folks new to the community. There were some quite excellent touches added to this year's version of the event by indiebio and Rhonda.

I also got some things done. Usual spam reporting. Reviewed wiki RecentChanges. Talked to the chromium-bsu/MacPorts maintainer about AX_CHECK_GL brokenness. Filed Debian wishlist bug #829292 asking to update autoconf-archive. Redirected a Hurd porterbox request to the exodar admin and quickly found out I was wrong to do that, rectified. Then we found out the LDAP sync to exodar was broken. Replied to someone who intends to sell Debian pre-installs. Thanked BunsenLabs folks for joining the derivatives list. Applied reproducible builds patch for cats from Chris Lamb. Heard about awesome new terminal-mode screensaver. Moo! Prepared a blog post about check-all-the-things.

Syndicated 2016-07-03 05:17:51 from Advogato

DebCamp16 day 8

Apply wget security update to mentors.debian.net. Poke the DebConf video team about archiving the one Debian & stuff podcast episode. Discuss exclusion, privilege & DebConf. Usual spam reporting. Review wiki RecentChanges. Fix some typos from RecentChanges. File Debian wishlist bug #829177 against bugs.debian.org. Mention the recent post about breaking Android full-disk encryption on the exploits Debian wiki page. Answer questions about recommended build configuration for chromium-bsu from the maintainer of it in FreeBSD. Mention that HTML SRI could help secure initial Debian downloads. File Debian bug #829199 against file and add workaround in derivatives census. Report broken boss-gnome source package to BOSSLinux folks on IRC. Delete and re-download Parsix apt folder to stop hash sum mismatches. File Debian minor/wishlist bugs #829209/#829211/#829212 against cypher-lint. Add a porterbox guest account for one of the RTC GSoC students. Extend the expiry of another guest account. Direct query about the excuses HTML to the release team. File Debian bug #829241 against fonts-play. Discuss accessibility, life, the universe and rakia.

Syndicated 2016-07-02 05:21:40 from Advogato

DebCamp16 day 7

Usual spam reporting. Review wiki RecentChanges. Provide feedback for the staging site of the new codebase for screenshots.d.n. Redirect bugs-search.d.o complaint to the BTS maintainers. Point out pastebinit already supports fpaste.org. Polish chromium-bsu, make a new upstream release to fix Debian RC bug #822711. Upload screenshot of chromium-bsu menu. Notify chromium-bsu package maintainers in other distros (hug whohas). Avoid checking WAV files for spelling errors in cats. Make the old PTS download i18n data over https. File #829092 to get the per-package i18n data to use https for links. Point someone on mentors to the Debian PHP group wiki page.

Syndicated 2016-07-01 05:38:56 from Advogato

DebCamp16 day 6

Redirect one person contacting the Debian sysadmin and web teams to Debian user support. Review wiki RecentChanges. Usual spam reporting. Check and fix a derivatives census issue. Suggest sending the titanpad maintainence issue to a wider audience. Update check-all-the-things and copyright review tools wiki page for licensecheck/devscripts split. Ask if debian-debug could be added to mirror.dc16.debconf.org. Discuss more about the devscripts/licensecheck split. Yesterday I grrred at Debian perl bug #588017 that causes vulnerabilities in check-all-the-things, tried to figure out the scope of the issue and workaround all of the issues I could find. (Perls are shiny and Check All The thingS can be abbreviated as cats) Today I confirmed with the reporter (Jakub Wilk) that the patch mitigates this. Release check-all-the-things to Debian unstable (finally!!). Discuss with the borg about syncing cats to Ubuntu. Notice autoconf/automake being installed as indirect cats build-deps (via debhelper/dh-autoreconf) and poke relevant folks about this. Answer question about alioth vs debian.org LDAP.

Syndicated 2016-06-29 20:49:00 from Advogato

77 older entries...

 

pabs3 certified others as follows:

  • pabs3 certified pabs3 as Apprentice
  • pabs3 certified frob as Journeyer
  • pabs3 certified rc as Journeyer

Others have certified pabs3 as follows:

  • pabs3 certified pabs3 as Apprentice
  • wingo certified pabs3 as Apprentice
  • richdawe certified pabs3 as Apprentice
  • lerdsuwa certified pabs3 as Apprentice
  • mpr certified pabs3 as Apprentice
  • zx80user certified pabs3 as Apprentice
  • rc certified pabs3 as Journeyer
  • yosch certified pabs3 as Master
  • glasseyes certified pabs3 as Journeyer
  • codehelp certified pabs3 as Journeyer
  • badvogato certified pabs3 as Journeyer

[ Certification disabled because you're not logged in. ]

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

X
Share this page