Raúl Benencia

Debian contributions log — Vol. 1

Greetings from a windy San Francisco. This blog is a bit quiet; let’s fix that. I will start making some noise by sharing my contributions to the Debian project.

San Francisco downtown
A view of San Francisco downtown, from Dolores Park.


Debsources is the software behind sources.debian.org.

  • 2021-03-26: Fixed Docker build and updated HACKING instructions for running the Docker environment; I wanted to give a shot to the bugs tagged newcomer, but the first challenge I found was that — on master — the Docker-build instructions were not working. This contribution fixed that. After submitting it, though, I was made aware that the Docker build was already fixed on another branch.

  • 2021-03-27: Fixed Flake8 E741: A simple contribution to get familiar with the debsources code base. This contribution was put on hold. We decided to wait until the current effort for migrating from Python 2 to Python 3 is finished.

  • 2021-03-28: Fixed test_news test. I faced several issues with this test, so I fixed them.

  • 2021-04-06: Added CI. Debsources used to have a Travis CI but it stopped working at some point. This merge request started the discussion for using Salsa CI.

  • 2021-04-09: Enhanced Docker-build’s Makefile, as it was not using the same targets than the main Makefile. This patch fixed that situation, making it consistent.

    This contribution was part of the same merge request I started on 2021-04-06.

  • 2021-04-17: Fixed #783832. This bug was opened about six years ago to track tests that were failing to run on a CI (Travis, on those remote times). I’ve successfully ran all tests with Salsa CI, so this bug was finally closed.

    This contribution was part of the same merge request I started on 2021-04-06.

Kudos to Matthieu Caneill for patiently sponsoring these contributions. Thank you!


The Carnivore project — maintained by the QA team — is a database that plenty of Debian services use under the hood. From its README:

Goal is to reliably correlate identities with each other, that is, alternative email addresses, and the like, for the purpose of having all sorts of QA scripts, including DDPO, MIA, lintian, etc. etc. be able to show data grouped by maintainer, even though a single maintainer might be using multiple different email addresses.

I wanted to tackle some its bugs:

  • 2021-04-01: My first conclusion after analyzing the code base was that a small change will have big impact, so testing was paramount. The project does not describe how to do local testing, and I suspect there’s no direct way of doing so. This contribution adds a Docker test environment to ease local testing.

    I’m still looking for someone to sponsor this contribution.

  • 2021-04-03: carnivore gathers the name for a given identity from packages — using Maintainer and Uploaders field —, from GPG keys on the Debian keyrings, and from LDAP (DDs only). Some identities will have multiple names associated. Sometimes, this behavior is unwanted:

    • #963210 — carnivore: DDPO still using old name
    • #694081 — carnivore: should not import name from revoked gpg key

    This contribution allows setting a preferred name for a given identity.

    I’m still looking for someone to sponsor this contribution.

Emacs theme — Clues

The clues-emacs package provides a theme for Emacs. I adopted it during DebConf 19.

  • 2021-04-07: Commited an NMU patch to the VCS.

  • 2021-04-12: Prepared version 1.0.1-3. This version updates the packaging and adds CI. I was still missing DM upload permissions and Josue kindly gave them to me. Thank you!


Shoelaces is a tool for automating servers bootstrapping. I gave a talk about it on DebConf 19.

  • 2021-04-10: Uploaded version shoelaces_1.2.0+ds-1. This version packages a new upstream release, and also updates the packaging in general.

  • 2021-04-18: Prepared golang-github-namsral-flag version 1.7.4~alpha+git20170814.67f268f2-2. This package is a shoelaces dependency.

  • 2021-04-20: Prepared golang-github-justinas-alice version 1.2.0-1. This package is a shoelaces dependency.

The Mole

The Mole is an automatic SQL Injection exploitation tool.

  • 2021-04-11: Uploaded version 0.3-3. This version updates the packaging and adds CI.


Foremost is a program to recover files based on their headers, footers, and internal data structures.

  • 2021-04-16: Uploaded foremost version 1.5.7-10. I’ve updated the packaging, added CI and fixed a FTBFS on the way. I’ve also attended to a long-standing merge request from the Ubuntu team, and updated their bug report.