Update requests for packages imported from Arch Linux

Our:

pacman -Si btrfs-progs | grep Version
Version         : 6.1-1

Their:

Arch Linux - btrfs-progs 6.1-2 (x86_64) :

btrfs-progs 6.1-2

Thanks!

I just synced unstable, it’s now available.

Please don’t post here because you’re impatient. :stuck_out_tongue_winking_eye:

2 Likes

memo is out of date on Arch, released version (Arch build 12/13, v. 5.6.1-1) is a broken push …Nemo works but behavior is buggy, supposed to be fixed in 12/20 build that is part of Mint 21 release. plz fix soon as the bug is a pain. see regression in pathbar · Issue #3147 · linuxmint/nemo · GitHub for details.

It was flagged out of date erroneously. 5.6.1 is the latest release tag. The Mint package appears to be the same version according to the changelog.

Important security update for cargo (rust) CVE-2022-46176.

Cargo did not verify SSH host keys from package registers.

All Rust versions containing Cargo before 1.66.1 are vulnerable.

rust 1:1.66.1-1 is currently in the unstable branch.

I do not think keeping such a critical security issue at testing is a good idea.

You read this part, right?

If you can’t upgrade to Rust 1.66.1 yet, we recommend configuring Cargo to use the git CLI instead of its built-in git support. That way, all git network operations will be performed by the git CLI, which is not affected by this vulnerability. You can do so by adding this snippet to your Cargo configuration file:

[net]
git-fetch-with-cli = true
1 Like

git version 2.39.1-1 contains critical security fixes, see:

So it should be fast-tracked.

It’s already in the testing and unstable branch. Please do not request packages that are already in the repos. This has been mentioned many, many times.

<rant>

Oh, but it’s not in the stable branch, you say. If you’re that concerned about security and bleeding edge updates then you would already be using the testing or unstable branch.

Riddle me this: What’s the point in having three branches if no one uses the other two? People complain there are issues when a stable update hits. If more people used the testing and unstable branches and provided feedback, then there would be less issues in the stable branch. For those who already do, thank you very much. You are appreciated.

Manjaro unstable is on par with Arch stable. The only reason why Manjaro’s unstable branch could possibly be “unstable” at times is the short transition between syncing Arch stable and updating Manjaro custom packages. That period is normally within hours or even minutes. At most it could be up to a day if there’s toolchain rebuilds. Remember, not every team member is in the same time zone. The testing branch will not have that issue at all and is basically a preview of the next stable update.

</rant>

Any questions or comments? They are welcome. Please speak freely just as I have done.

If so the discussion will be converted into a new topic and this post will reference it.

EDIT: A reply to this post has been removed because the author of said post does not know how to discuss a topic constructively.

5 Likes

Certbot needs to be updated and fix due to issues, there is a version mismatch somewhere.

It was flagged out of date yesterday. As was mentioned in your thread, it seems to be a local issue on your end. There are neither Arch bug reports, Arch forum posts nor Manjaro forum posts about it.

1 Like

I manually updated Discord a little while ago while we’re waiting for Arch to rebuild a corrupt package stopping us from syncing.

The version in the Arch repos is newer than the one in our repos, so I told the OP of the linked thread above that I’d put in the update request. :man_shrugging:

yt-dlp has released a new version that copes with the changed YouTube API. The version 2024.03.10 should be provided.

This version is already available on Arch Linux. Since my software depends on it, I’d very much appreciate an update

Update - The request was made because an AUR install will pull the wrong version. From that point of view it is irrelevant if a more recent version is in another repository. Yt-dlp can be downloaded via curl - which I had implemented intrinsically until someone requested the repository dependency …

It’s available in Manjaro unstable repository as well.

see this.

Using the AUR on Manjaro stable branch is officially supported this much - :zero:

yt-dlp version 2024.03.10-1 is available on Unstable and Testing branches
packages.manjaro.org - yt-dlp