Ubuntu
serf package

[MIR] serf

Bug #410624 reported by Anders Kaseorg on 2009-08-08

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	serf (Ubuntu)	Fix Released	Wishlist	Alexander Sack	Ubuntu later

Bug Description

1. Availability: i386, amd64 <http://archive.ubuntu.com/ubuntu/pool/universe/s/serf/>.

2. Rationale: serf is a new build-dependency of subversion 1.6.3 and 1.6.4 in Debian; subversion 1.6.1 is in Ubuntu main. In order to merge subversion 1.6.4 (LP bug #406245), we will either need to promote serf or add further Ubuntu-specific changes to subversion. Since Subversion upstream is considering changing the default HTTP client library from neon to serf (because it supports pipelined requests and multiple concurrent connections for better performance), it seems best for Ubuntu’s subversion to include both the neon and serf backends, like Debian’s.

3. Security: No CVE entries <http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=serf>, no Secunia history <http://secunia.com/search/?search=serf>, no setuid binaries, no network servers. serf is an HTTP client library.

4. Quality assurance: The package requires no configuration. The last upload by the Debian serf maintainer was a year ago, but there were two NMUs last month by the Debian subversion maintainer. The only open Debian bug report is an unconfirmed FTBFS of an old version (which isn’t too concerning given that the package has already built in Karmic). Upstream <http://code.google.com/p/serf/> has regular Subversion commits (many per week), and has 9 open bugs (out of 49) that don’t look particularly notable. There is a test suite that runs successfully at build.

5. UI standards: This is a library, not a user-facing application.

6. Standards compliance: There are 6 lintian warnings that look pretty minor <http://packages.qa.debian.org/s/serf.html>. It is packaged using CDBS and all Debian patches are applied with quilt. The two binary packages, libserf-0-0 and libserf-0-0-dev, install a library and corresponding development files to standard locations as you’d expect.

7. Dependencies: All dependencies and build-dependencies are in main (apr, apr-util, openssl, eglibc, zlib, cdbs, debhelper, quilt, autotools-dev).

8. Maintenance: This package is infrequently updated in Debian and is not likely to require any additional attention from Ubuntu.

9. Background information: Nothing notable beyond debian/control.

10. Internationalization: This is not a graphical application and does not require translation.

Revision history for this message

Richard Hansen (rhansen) wrote on 2009-08-09:

In case it's relevant to this bug, I just submitted bug #410901 about a minor build-depends issue with serf.

Revision history for this message

Loïc Minier (lool) wrote on 2009-08-12:

Alexander, could you please look at serf?

Changed in serf (Ubuntu):
assignee:	nobody → Alexander Sack (asac)

Revision history for this message

Max Bowsher (maxb) wrote on 2009-08-16:

Hi MIR approval team:

Subversion 1.6.1 is currently in Karmic - the upgrade to 1.6.4 contains some important bugfixes which really should not miss Karmic.

It would be fairly trivial to modify the 1.6.4 package to not use Serf, thus decoupling the bugfixes from the completion of this MIR - but that would be wasted work if the MIR is approved shortly after.

Please could you recommend whether this MIR is likely to be approved in the next few days, or whether I should submit a package which decouples the new upstream version from completion of this MIR, in order to avoid being caught out by FeatureFreeze.

Thanks!

Revision history for this message

Alexander Sack (asac) wrote on 2009-08-19:

If it's a trival change to subversion I would prefer to keep it out of main for this cycle.

From packaging point of view I don't like how the lib -dev package is versioned. It should be libserf0-dev to ease transitions. Maybe file a bug on this in debian. Setting this to incomplete for now. Once this becomes relevant (e.g. default moves to serf), set back to NEW again.

Revision history for this message

Anders Kaseorg (andersk) wrote on 2009-08-19:

I filed the -dev package version issue as http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542450 .

Martin Pitt (pitti) on 2009-08-26

summary:

- Promote serf from universe to main
+ [MIR] serf

Revision history for this message

Loïc Minier (lool) wrote on 2009-09-04:

I am marking this bug as confirmed and milestoning it for "later" to document that we'll look into promoting serf in karmic+1. If you think there's sufficient ground for promoting it in karmic, could you please document it here?

Thanks!

Changed in serf (Ubuntu):
importance:	Undecided → Wishlist
milestone:	none → later
status:	New → Confirmed

Revision history for this message

Anders Kaseorg (andersk) wrote on 2011-06-27:

libserf-0-0-dev was just renamed to libserf-dev in 0.7.2-1 (http://bugs.debian.org/542450).

Revision history for this message

Matthias Klose (doko) wrote on 2011-08-11:

now synced 0.7.2-1

Revision history for this message

Matthias Klose (doko) wrote on 2011-08-11:

hmm, no, this is in experimental, and requires a soname bump. will you handle that?

Revision history for this message

Anders Kaseorg (andersk) wrote on 2011-08-11:

#10

I’m not the developer, but I can file more bugs, I guess… In what way do you want this to be handled?

Revision history for this message

Matthias Klose (doko) wrote on 2011-08-11:

#11

provide a list of packages which need to be rebuilt, then test rebuild. but we are now in feature freeze, so maybe do this at the start of the next cycle?

Revision history for this message

Anders Kaseorg (andersk) wrote on 2011-08-11:

#12

Nothing in the archive depends libserf-0-0 right now except its own dev package.

Revision history for this message

Matthias Klose (doko) wrote on 2011-08-12:

#13

now synced, and fails half of the tests :-(

Revision history for this message

Anders Kaseorg (andersk) wrote on 2011-08-12:

#14

Huh, yeah, that looks like http://bugs.debian.org/632573 . Is it possible that Ubuntu’s buildds are missing /etc/hosts entries for ip6-localhost?

Revision history for this message

Anders Kaseorg (andersk) wrote on 2011-08-18:

#15

serf_1.0.0-1_-2.debdiff Edit (2.0 KiB, text/plain)

I got a patch upstream that fixes the FTBFS:
http://code.google.com/p/serf/source/detail?r=1560
It’s also in Debian’s serf 1.0.0-2 (just uploaded); debdiff attached.

Revision history for this message

Matthias Klose (doko) wrote on 2011-08-19:

#16

promoted; please co on with the subversion changes

2011-08-19 05:54:54 INFO Override Component to: 'main'
2011-08-19 05:54:54 INFO 'serf - 1.0.0-2/universe/libs' source overridden
2011-08-19 05:54:54 INFO 'libserf-dev-1.0.0-2/universe/libdevel/OPTIONAL' binary overridden in oneiric/amd64
2011-08-19 05:54:54 INFO 'libserf-dev-1.0.0-2/universe/libdevel/OPTIONAL' binary overridden in oneiric/armel
2011-08-19 05:54:54 INFO 'libserf-dev-1.0.0-2/universe/libdevel/OPTIONAL' binary overridden in oneiric/i386
2011-08-19 05:54:54 INFO 'libserf-dev-1.0.0-2/universe/libdevel/OPTIONAL' binary overridden in oneiric/powerpc
2011-08-19 05:54:54 INFO 'libserf1-1.0.0-2/universe/libs/OPTIONAL' binary overridden in oneiric/amd64
2011-08-19 05:54:54 INFO 'libserf1-1.0.0-2/universe/libs/OPTIONAL' binary overridden in oneiric/armel
2011-08-19 05:54:54 INFO 'libserf1-1.0.0-2/universe/libs/OPTIONAL' binary overridden in oneiric/i386
2011-08-19 05:54:54 INFO 'libserf1-1.0.0-2/universe/libs/OPTIONAL' binary overridden in oneiric/powerpc
2011-08-19 05:54:54 INFO 'libserf1-dbg-1.0.0-2/universe/debug/EXTRA' binary overridden in oneiric/amd64
2011-08-19 05:54:54 INFO 'libserf1-dbg-1.0.0-2/universe/debug/EXTRA' binary overridden in oneiric/armel
2011-08-19 05:54:54 INFO 'libserf1-dbg-1.0.0-2/universe/debug/EXTRA' binary overridden in oneiric/i386
2011-08-19 05:54:54 INFO 'libserf1-dbg-1.0.0-2/universe/debug/EXTRA' binary overridden in oneiric/powerpc