Package Todo Lists
Todo lists are used by the developers when a rebuild of a set of packages is needed. This is common when a library has a version bump, during a toolchain rebuild, or a general cleanup of packages in the repositories. The progress can be tracked here, and completed todo lists can be browsed as well.
| Name | Creation Date | Creator | Description | Package Count | Incomplete Count | Status |
|---|---|---|---|---|---|---|
| cmake 3.9 rebuild | 2017-08-14 | Felix Yan | Packages used to put file in /usr/share/cmake-3.8 need to be rebuilt to put them in the new place. | 5 | 0 | Complete |
| code.google.com retirement | 2017-07-16 | Jelle van der Waa | code.google.com source urls are no longer working. Update them for your packages. This todolist might include url= containing code.google.com, which should be updated as well. Script used to find these urls: grep -lr "code.google" | awk -F "/" '{print $1}' | uniq | 68 | 0 | Complete |
| imagemagick 6.9.9.0 rebuild | 2017-07-15 | Antonio Rojas | libMagick++-6.Q16HDRI.so.7 -> 8 libMagickCore-6.Q16HDRI.so.4 -> 5 libMagickWand-6.Q16HDRI.so.4 -> 5 Packages go to [staging] | 18 | 0 | Complete |
| exiv2 0.26 rebuild | 2017-07-14 | Antonio Rojas | libexiv2.so.14 -> 26 Packages go to [staging] | 26 | 0 | Complete |
| hardening-wrapper removal | 2017-07-10 | Bartłomiej Piotrowski | With recent changes in toolchain, it is feasible to replace hardening-wrapper with simple rebuild against testing (with testing/devtools installed). The major differences are lack of -fstack-check (which is not enough to prevent stack clashes without full distro rebuild) and no enforcement of full RELRO if LDFLAGS are ignored. Remove hardening-wrapper from makedepends and run checksec on both old and rebuild packages to see if there is any regression. If yes, it means that build system should be patched to reflect out LDFLAGS instead; otherwise push packages to stable repositories and mark them as done. | 11 | 0 | Complete |
| PIE static libraries rebuild | 2017-07-10 | Bartłomiej Piotrowski | Toolchain in [core] enforces position-independent executables. Non-PIE static libraries have to be rebuild, otherwise dependent packages will fail to build. If anything on the list seems bogus, ping me on IRC and remove from the todo. Packages can be pushed straight to [extra]/[community], as long as you remember to build them with up to date devtools and toolchain. | 198 | 0 | Complete |
| NTL 10.5 rebuild | 2017-07-07 | Antonio Rojas | libntl.so.34 -> 35 | 8 | 0 | Complete |
| libgit 0.26.0 | 2017-07-07 | Lukas Fleischer | Please rebuild affected packages and move them to [staging]/[community-staging]. | 10 | 0 | Complete |
| libgit 0.26 [deferred] | 2017-07-07 | Lukas Fleischer | Please rebuild affected packages and move them to [staging]/[community-staging]. | 0 | 0 | Complete |
| Clean qt5-tools dependency | 2017-06-25 | Balló György | Most packages require qt5-tools only to build, except if they use QtHelp. Please verify your package and move qt5-tools to makedepends if needed. If your package really depends on qt5-tools, just mark it as completed. | 8 | 0 | Complete |
| Gna! retirement | 2017-06-25 | Balló György | gna.org was retired recently, so any url and source should be changed in order to use the "new" upstream url. Unlucky it's not so easy to find the new url for any package, since there was no a complete migration to another hoster. More information: http://web.archive.org/web/20170505010209/https://mail.gna.org/public/project/2016-11/msg00001.html http://web.archive.org/web/20170401180752/https://gna.org/forum/forum.php?forum_id=2545 | 13 | 0 | Complete |
| NTL 10.4 rebuild | 2017-06-19 | Antonio Rojas | libntl.so.33 -> 34 | 8 | 0 | Complete |
| gsl 2.4 rebuild | 2017-06-19 | Antonio Rojas | libgsl.so.19 -> libgsl.so.23 | 23 | 0 | Complete |
| hdf5 1.10.1 | 2017-06-17 | Bruno Pagani | /usr/lib/libhdf5.so.100 -> /usr/lib/libhdf5.so.101 Packages go to [staging]. | 16 | 0 | Complete |
| libconfig 1.6 rebuild | 2017-06-14 | Antonio Rojas | libconfig.so.9 -> 8 packages go to [staging] | 8 | 0 | Complete |
| OpenMPI 2.x version bump | 2017-06-09 | Anatol Pomozov | OpenMPI 2.x has been released a while ago. It is time for us to make the package update. Please rebuild the packages and upload it to [staging]. | 16 | 0 | Complete |
| libevent 2.1 | 2017-06-09 | Bartłomiej Piotrowski | libevent{,_core,_extra,_openssl,_pthreads}-2.0.so.5 -> 2.1.so.6 Packages go to [staging]. | 32 | 0 | Complete |
| Qt 5.9 rebuild | 2017-05-31 | Antonio Rojas | The usual batch of rebuilds. Packages go to staging | 13 | 0 | Complete |
| boost 1.64.0 | 2017-05-17 | Bartłomiej Piotrowski | Packages go to staging. | 93 | 0 | Complete |
| OpenSSL 1.0 - take 3 | 2017-05-17 | Jan de Groot | We need to re-version OpenSSL library symbols to stay compatible with Debian Stable and non-free software. FS#53836 This one breaks ABI with openssl-1.0-3, so build order can be important here. | 30 | 0 | Complete |
| protobuf 3.3.0 | 2017-05-06 | Lukas Fleischer | Please rebuild affected packages and move them to [staging]/[community-staging]. | 21 | 0 | Complete |
| x265 2.4 rebuild | 2017-04-26 | Maxime Gauduin | libx265.so=110 -> libx265.so=116 I'll handle the rebuild, sit back and relax. | 7 | 0 | Complete |
| cmake 3.8 rebuild | 2017-04-17 | Felix Yan | Packages used to put file in /usr/share/cmake-3.7 need to be rebuilt to put them in the new place. | 5 | 0 | Complete |
| openssl rebuild, take 2 | 2017-04-05 | Antonio Rojas | The openssl 1.1 rebuild causes issues in some packages which have dependencies linking to different openssl versions, due to symbols clash. This affects mostly Qt packages. To prevent this, openssl-1.0 1.0.2.k-3 adds versioned symbols. Packages that link to openssl-1.0 need to be rebuilt against this new version to have them use the versioned symbols. Packages go to staging. | 33 | 0 | Complete |
| Guile 2.2.0 | 2017-03-29 | Bartłomiej Piotrowski | libguile-2.0.so → libguile-2.2.so libguilereadline-v-18.so has been removed. There is also guile2.0 package that can be co-installed with guile. Packages go to [staging]. | 17 | 0 | Complete |
| LLVM 4.0 | 2017-03-28 | Evangelos Foutras | libLLVM-3.9.so -> libLLVM-4.0.so libclang.so.3.9 -> libclang.so.4 | 21 | 0 | Complete |
| iptables 1.6.1 rebuild | 2017-03-27 | Bartłomiej Piotrowski | Yay for soname changes in minor release. libxtables.so.11 → libxtables.so.12 Packages go to staging. | 4 | 0 | Complete |
| libass, libbluray and x265 rebuild | 2017-03-26 | Maxime Gauduin | Now that the OpenSSL rebuild is done, we can have a crack at this. Packages go to staging. libass.so=5-64 -> libass.so=9-64 libbluray.so=1-64 -> libbluray.so=2-64 libx265.so=102-64 -> libx265.so=110-64 | 29 | 0 | Complete |
| libzip 1.2 rebuild | 2017-03-12 | Antonio Rojas | package went straight to [testing], so rebuilds go to testing/community-testing | 14 | 0 | Complete |
| Fedorahosted.org retirement | 2017-03-03 | Timothy Redaelli | fedorahosted.org was retired on 2017-03-01, so any url and source should be changed in order to use the "new" upstream url. Unlucky it's not so easy to find the new url for any package, since there was no a complete migration to another hoster. More information: https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement | 24 | 0 | Complete |
| libgit2 soname bump | 2017-02-24 | Jan de Groot | libgit2.so.24 -> libgit2.so.25 libgit2 is on the OpenSSL 1.1.0 todo list, so these go together. | 8 | 0 | Complete |
| libglvnd move | 2017-02-13 | Laurent Carlier | (lib32-)libglvnd will provide (lib32-)libgl, (lib32-)libegl and (lib32-)libgles and will depend on (lib32-)opengl-driver. (lib32-)nvidia-utils and (lib32-)mesa will provide (lib32-)opengl-driver and will provide their respective (lib32-)nvidia-gl and (lib32-)mesa-gl for compatibility with old packages. (lib32-)nvidia-304xx will move to unsupported when the rebuild will move to testing, as (lib32-)mesa will not provide anymore libegl and libgles. I will take care of the rebuild, you can take care of the testing! | 6 | 0 | Complete |
| libxml++ 3.0 update | 2017-02-08 | Jan de Groot | Libxml++ 3.0 is incompatible but parallel installable with libxml++-2.6. Rebuilding (or patching) against 3.0 is prefered, in other cases the package should be recompiled against libxml++2.6. Packages go to staging. | 9 | 0 | Complete |
| ImageMagick 6.9.7.7 | 2017-02-07 | Antonio Rojas | libMagickCore-6.Q16HDRI.so.3 -> 4 libMagickWand-6.Q16HDRI.so.3 -> 4 | 15 | 0 | Complete |
| OpenSSL 1.1.0 Rebuild | 2017-01-29 | Pierre Schmitz | See https://lists.archlinux.org/pipermail/arch-dev-public/2017-January/028673.html Needs to be moved together with the libgit2 rebuild. For packages which needs a lot of fixing and not a simple patch, you can use the openssl-1.0 package For pkg-config builds use: export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig For cmake cmake it's -DOPENSSL_INCLUDE_DIR=/usr/include/openssl-1.0 -DOPENSSL_SSL_LIBRARY=/usr/lib/openssl-1.0/libssl.so -DOPENSSL_CRYPTO_LIBRARY=/usr/lib/openssl-1.0/libcrypto.so | 359 | 0 | Complete |
| opencv 3.2 | 2017-01-29 | Antonio Rojas | libopencv_*.so.3.1 -> libopencv-*.so.3.2 | 9 | 0 | Complete |
| protobuf 3.2.0 | 2017-01-29 | Lukas Fleischer | Please rebuild affected packages and move them to [staging]/[community-staging]. | 19 | 0 | Complete |
| NSS update | 2017-01-25 | Jan Alexander Steffens | NSS 3.28 requires changes in Gecko-based packages in order not to break HTTP2. https://bugzilla.mozilla.org/show_bug.cgi?id=1323209 The following patch has to be backported: https://hg.mozilla.org/mozilla-central/raw-rev/361ac226da2a Firefox 51 is already compatible. Packages go to [staging]. Perhaps an opportunity to drop xulrunner? | 5 | 0 | Complete |
| Qt 5.8 | 2017-01-23 | Antonio Rojas | These packages fail to build against Qt 5.8 and need to be fixed before moving it to [testing] | 6 | 0 | Complete |
| Phasing out old GNOME libraries | 2017-01-20 | Balló György | The following GNOME libraries are deprecated since 2008, and unmaintained since 2011: gnome-vfs, libbonobo, libbonoboui, libgnome, libgnomeui, libsexy, orbit2 We try to get rid from these packages. This TODO contains a list of packages which depend (directly or indirectly) on gnome-vfs, libsexy or orbit2. If the package can be built without these libraries, do so. Otherwise, contact with upstream for a solution, or remove the package. Updated packages can go straight to extra/community. | 60 | 0 | Complete |
| Phasing out qtwebkit | 2017-01-20 | Balló György | QtWebKit for Qt 4 has been unmaintained for quite a while, and lots of CVEs have accumulated. For more information about the WebKit situation, take a look at https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/ To protect our users we should try to limit the packages using qtwebkit, with the goal of eventually getting rid of it completely. This TODO contains a list of packages which depend (directly or indirectly) on qtwebkit, except: - if the package depends on kdelibs and it doesn't use the libkdewebkit.so library, - if the package depends on python{,2}-pyqt4 and it doesn't use the QtWebKit module. What should be done: - If the package can be updated to Qt 5, do so. - Otherwise, if QtWebKit is an optional dependency, build without it. - Otherwise, consider removing the package, especially if it's a browser. Updated packages can go straight to extra/community. If nothing can be done right now, mark the package as completed anyway. We'll be evaluating the situation again after this TODO is through. | 34 | 0 | Complete |
| Phasing out gstreamer0.10 | 2017-01-20 | Balló György | GStreamer 0.10 has been unmaintained for quite a while, [1] and some CVEs have accumulated. [2] The last release was in 2012. Applications should use GStreamer 1 now. To protect our users, we try to get rid from the following packages: gstreamer0.10, gstreamer0.10-base, gstreamer0.10-bad, gstreamer0.10-bad-plugins, gstreamer0.10-base-plugins, gstreamer0.10-ffmpeg, gstreamer0.10-good, gstreamer0.10-good-plugins, gstreamer0.10-mm, gstreamer0.10-python, gstreamer0.10-ugly, gstreamer0.10-ugly-plugins, perl-gstreamer, perl-gstreamer-interfaces This TODO contains a list of packages which depend (directly or indirectly) on gstreamer0.10. - If the package can be updated to GStreamer 1, do so. - Otherwise, if GStreamer is an optional dependency, build without it. - Otherwise, remove the package. Updated packages can go straight to extra/community. [1] https://lists.freedesktop.org/archives/gstreamer-announce/2013-March/000273.html [2] https://bugs.archlinux.org/task/52335 | 24 | 0 | Complete |
| Phasing out webkitgtk{,2} | 2017-01-19 | Jan Alexander Steffens | WebkitGTK+ 2.4 has been unmaintained for quite a while, and lots of CVEs have accumulated. The last release fixing CVEs, 2.4.10, only fixed about half the vulnerabilities known, and that release was only made because 2.4.9 was broken with GTK+ 3.20, and Evolution quickly needed a working HTML renderer. For more information about the WebKit situation, take a look at https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/ To protect our users we should try to limit the packages using webkitgtk(2), with the goal of eventually getting rid of it completely. This TODO contains a list of packages which depend (directly or indirectly) on webkitgtk or webkitgtk2. If the package can be updated to webkit2gtk, do so. Otherwise, if WebKit is an optional dependency, build without it. Otherwise, consider removing the package, especially if it's a browser. Updated packages can go straight to extra/community. If nothing can be done right now, mark the package as completed anyway. We'll be evaluating the situation again after this TODO is through. | 72 | 0 | Complete |
| poppler 0.51.0 | 2017-01-17 | Andreas Radke | sorry, no .so bump this time. | 0 | 0 | Complete |
| protobuf 3.1.0 | 2017-01-12 | Lukas Fleischer | Please rebuild affected packages and move them to [stating]/[community-staging]. | 19 | 0 | Complete |
| pacman hooks: fontconfig / xorg-mkfontdir | 2017-01-11 | Christian Hesse | This rebuild covers packages using these hooks / commands: fontconfig (fc-cache) xorg-mkfontdir (mkfontscale & mkfontdir) Each rebuild requires the install file updated to remove these commands. No need for staging, packages go the usual way. | 58 | 0 | Complete |
| pacman hooks: systemd-{sysusers,tmpfiles} | 2017-01-11 | Christian Hesse | This rebuild covers packages using these hooks / commands: systemd-sysusers systemd-tmpfiles Each rebuild requires the install file updated to remove these commands. No need for staging, packages go the usual way. | 77 | 0 | Complete |
| libraw 0.18 | 2017-01-06 | Antonio Rojas | libraw.so.15 -> libraw.so.16 libraw_r.so.15 -> libraw_r.so.16 | 11 | 0 | Complete |
| xapian 1.4 rebuild | 2017-01-02 | Felix Yan | libxapian.so=22-64 -> libxapian.so=30-64 Packages go to [staging]. | 7 | 0 | Complete |
| boost 1.63.0 rebuild | 2017-01-01 | Bartłomiej Piotrowski | Soname were bumped to 1.63.0. Packages go to [staging]. | 93 | 0 | Complete |