Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted crowdsec 1.0.8-1 (source) into unstable
Date: Tue, 02 Mar 2021 01:03:30 +0000
Signed by: Cyril Brulebois <kibi@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Mar 2021 00:25:48 +0000
Source: crowdsec
Architecture: source
Version: 1.0.8-1
Distribution: unstable
Urgency: medium
Maintainer: Cyril Brulebois <cyril@debamax.com>
Changed-By: Cyril Brulebois <cyril@debamax.com>
Changes:
 crowdsec (1.0.8-1) unstable; urgency=medium
 .
   * New upstream stable release.
   * Refresh patches:
      + 0001-use-a-local-machineid-implementation.patch (unfuzzy)
      + 0002-add-compatibility-for-older-sqlite-driver.patch
   * Set cwversion variables through debian/rules (build metadata).
   * Add patch so that upstream's crowdsec.service is correct on Debian:
      + 0003-adjust-systemd-unit.patch
   * Really add lintian overrides for hardening-no-pie warnings.
   * Ship patterns below /etc/crowdsec/patterns: they're supposed to be
     stable over time, and it's advised not to modify them, but let's allow
     for some configurability.
   * Include a snapshot of hub files from the master branch, at commit
     d8a8509bdf: hub1. Further updates for a given crowdsec upstream
     version will be numbered hubN. After a while, they will be generated
     from a dedicated vX.Y.Z branch instead of from master.
   * Implement a generate_hub_tarball target in debian/rules to automate
     generating a tarball for hub files.
   * Add patch to disable geoip-enrich in the hub files as it requires
     downloading some files from the network that aren't under the usual
     MIT license:
      + 0004-disable-geoip-enrich.patch
   * Ship a selection of hub files in /usr/share/crowdsec/hub so that
     crowdsec can be set up without having to download data from the
     collaborative hub (https://hub.crowdsec.net/).
   * Ditto for some data files (in /usr/share/crowdsec/data).
   * Use DH_GOLANG_EXCLUDES to avoid including extra Go files from the
     hub into the build directory.
   * Implement an extract_hub_tarball target in debian/rules to automate
     extracting hub files from the tarball.
   * Implement an extract_data_tarball target in debian/rules to automate
     extracting data files from the tarball.
   * Ship crowdsec-cli (automated Golang naming) as cscli (upstream's
     preference).
   * Add patch to adjust the default config:
      + 0005-adjust-config.patch
   * Ship config/config.yaml accordingly, along with the config files it
     references.
   * Also adjust the hub_branch variable in config.yaml, pointing to the
     branch related to the current upstream release instead of master.
   * Create /var/lib/crowdsec/{data,hub} directories.
   * Implement configure in postinst to generate credentials files:
     Implement a simple agent setup with a Local API (LAPI), and with an
     automatic registration to the Central API (CAPI). The latter can be
     disabled by creating a /etc/crowdsec/online_api_credentials.yaml file
     containing a comment (e.g. “# no thanks”) before installing this
     package.
   * Implement purge in postrm. Drop all of /etc/crowdsec except
     online_api_credentials.yaml if this file doesn't seem to have been
     created during CAPI registration (likely because an admin created the
     file in advance to prevent it). Also remove everything below
     /var/lib/crowdsec/{data,hub}, along with log files.
   * Implement custom enable-online-hub and disable-online-hub actions in
     postinst. The latter is called once automatically to make sure the
     offline hub is ready to use. See README.Debian for details.
   * Also enable all items using the offline hub on fresh installation.
   * Add patch advertising `systemctl restart crowdsec` when updating the
     configuration: reload doesn't work at the moment (#656 upstream).
      + 0006-prefer-systemctl-restart.patch
   * Add patch automating switching from the offline hub to the online hub
     when `cscli hub update` is called:
      + 0007-automatically-enable-online-hub.patch
   * Add lintian override accordingly: uses-dpkg-database-directly.
   * Add ca-certificates to Depends for the CAPI registration.
   * Create /etc/machine-id if it doesn't exist already (e.g. in piuparts
     environments).
Checksums-Sha1:
 c95223e1f8a7dbe9ea6880f461434c279522b6a9 4113 crowdsec_1.0.8-1.dsc
 b4578e550c122525141b54f0f340da7d57c66b64 6633 crowdsec_1.0.8.orig-data1.tar.gz
 fc4ea1e240eeeb6d52f9e66532a710eebf7afaf4 328614 crowdsec_1.0.8.orig-hub1.tar.gz
 fbe11b10729fc59e3bd34ff3cd444f14a390c6aa 28991798 crowdsec_1.0.8.orig.tar.gz
 1926be922d664e717cbfcb7f18648d507d5ded81 15028 crowdsec_1.0.8-1.debian.tar.xz
 0a574cbfaae028f935e043a0e59404ebea365541 22413 crowdsec_1.0.8-1_source.buildinfo
Checksums-Sha256:
 8faba7cf2f401041778043dc6677be0490e8295435e2e5098b0eab3482063c92 4113 crowdsec_1.0.8-1.dsc
 5162c01310629e0546229a40902d586fddd713208ff5a65fda7660eadd4fa06a 6633 crowdsec_1.0.8.orig-data1.tar.gz
 8928fbff222c2401296b22f65b7e4373fac5f6793aa8eb5b587076e675e98f48 328614 crowdsec_1.0.8.orig-hub1.tar.gz
 69eaff551eab31fc83207f9f8388ab0ccb4e2caeb7386cce5da79d4752f56b40 28991798 crowdsec_1.0.8.orig.tar.gz
 87f6a8765306766fd2b1938b4f9a83301cf689211c92ffc829a72fc0234fde03 15028 crowdsec_1.0.8-1.debian.tar.xz
 2e1202a95709a4da81835127cc132639c8d839f93e63071be47ced7a9ab55977 22413 crowdsec_1.0.8-1_source.buildinfo
Files:
 6a5511cd55dc081949239aed78a48082 4113 golang optional crowdsec_1.0.8-1.dsc
 c9a40e5a33657fd69d51cf87f814b184 6633 golang optional crowdsec_1.0.8.orig-data1.tar.gz
 12fe8aa6f1f1d09fee6e524657661f52 328614 golang optional crowdsec_1.0.8.orig-hub1.tar.gz
 1029b77760e3f6b33d40c9f02c770244 28991798 golang optional crowdsec_1.0.8.orig.tar.gz
 1a59e5ff6e71d1833ed461f709452752 15028 golang optional crowdsec_1.0.8-1.debian.tar.xz
 e136491d0b70a35671f3e5ef5eb5d8f4 22413 golang optional crowdsec_1.0.8-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCgAuFiEEtg6/KYRFPHDXTPR4/5FK8MKzVSAFAmA9hnMQHGtpYmlAZGVi
aWFuLm9yZwAKCRD/kUrwwrNVIKOVD/42t/vlRs3qis8qpCBWwdKZ9nQjxe2KPZXN
VzHB5s2jASpORX8xrZ8Yr462s3l1IRYgGzX1x0XrkdzKlZ1XPvsH0b6SnFeBAfze
5TRFUka+Bcu6osyL9Gaf+DLqCXrZd37H070u3sMSWtWw+9nV0ry7KL2QqPsr4spx
u1DW7V0HxPJ+QCFBp10z9uGwWIyxUIihCwhvRx0dxJs/aj+cYN2oG60ZXy5PNJ8z
qQLZv7JdMFoXn/QuHOBNwXNHt15GySqAUhiLqGrVFtqb/P4799Srl3+Iwl7rItrx
L7z6KkaE5zvsopSy+mg7nPjJRfeNWZCU+cJsae9tGR5SnCujPen3WP4wi1Z5TCct
CDJvdKwT6/aQ/GwNa2p4f0MCprUbxUiOGEHyNqmB5/Tt4TIchorr7Qa8unm2Q0e7
v1+UC+bccuXhWf7OOL9dsS0R5CWk3wSOs6GYXb3E/AF8kBkCDDC1eC9VuYJNOACS
9ba1wrBUB8vpXNPeVVwW17K4Zu1rL/fnD1jpL7UZ0KDt++9RDJ8H13cKcCGZZx+P
SzK5oEV319vwFlOmBEjJlZY2tEezzK3ex9aCAxzs9DY899JsB2QqXR2mi4EHGUrg
OFgSPkUNugHDszgSChB8iqoYvcF1HNgO0wM6NXBy7pYeOHv5ETGuxEeAS7g4WRIO
s6imbOHNcw==
=hFiS
-----END PGP SIGNATURE-----
News for package crowdsec
