• Thanks for sqv in apt

    From Ian Jackson@21:1/5 to All on Fri Jan 10 18:20:01 2025
    Hi. I just wanted to say thank you to all the people who have
    contributed to the fact that apt now verifies packages with Sequoia
    (sqv) by default.

    I know I will have missed some people, hence the CC to -devel and to
    the Debian Rust team. And thanks of course are also due to all the
    upstream contributors to Sequoia and its dependencies.

    This change (and Sequoia adoption more generally) will be an
    improvement for many of Debian's users, and also enable other
    necessary changes. But I have a more personal reason for being
    pleased right now:

    This change has sped up the dgit test suite, running locally on my
    laptop, from taking around 9-10 mins, to taking 5-6. So this single
    change has sped up my tests by a factor of nearly 2. When doing
    serious development[1] I like to run the test suite on every commit,
    so this is a massive boon.

    For those who want to know where such a terrific speedup came from:
    The dgit test suite does a *lot* of simulated uploads, mostly with
    little pet apt archives. So it runs apt a lot. And, the test suite
    has multiple horrific workarounds for gnupg2's terrible startup races,
    including a nightmarish contraption that completely serialises all
    invocations of gnupg across all the different tests; empirically that
    reduced the failure probability of the whole test suite from "at least
    one test always fails" to "it might fail once or twice on a long
    branch". So not running gnupg means less serialisation and less
    overhead. I also expect it to be more reliable :-).

    In Debian the benefits of improvements are often diffuse, and felt by
    users a long way from the developers. For a user it's hard to know
    who to thank. And of course change comes with bugs and sometimes with
    controversy, which are less nice things to land on the maintainers'
    and contributors' plates. So I felt that when one specific change had
    made such a dramatic positive impact on me, I wanted to say thanks.

    I look forward to more and more adoption of gnupg alternatives in
    Debian.

    And thanks to everyone who helps make Debian be the capable but boring
    operating system that just works, giving our users across the world a
    system that serves *their* interests, and helps them get shit done.

    Best wishes and a belated happy new year.

    Ian.

    [1] Currently, I'm doing final pre-merge tests on this 73-commit
    MR which implements most of the remaining architectural changes
    requested in Russ's security review of tag2upload:
    https://salsa.debian.org/dgit-team/dgit/-/merge_requests/86
    I now expect these tests to complete many hours sooner.

    --
    Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own.

    Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
    that is a private address which bypasses my fierce spamfilter.
