#buildroot is now tracked by #Repology, huge thanks to Bernd Kuhls for pointing me to usable repository data. Repository freshness is currently 56.7%.

I don't believe in paid conferences. Conferences are meant for free thought sharing with as little borders as possible, and paywall is a huge border, not only for the price but just for inconvenience of paying, especially from some countries. I've been asked several times if I'm going to represent #repology on #packagingcon. Well, I don't see any point, and I don't expect to see many enthusiasts there and I can't see how [FOSS] packaging can be improved in such unwelcome commercial environment.

I spotted the Got 0.90 release thanks to @AMDmi3's tool repology.org

Which, currently still doesn't distinguish between the -portable branch of Game of Trees and the one specific to OpenBSD.

Nonetheless, I was checking repology.org to see how ZMap is doing in relation to the 3.0.0 release.

At least at the time as I write this toot, of the 103 repositories tracked, MacPorts is the ONLY one at 3.0.0!

https://repology.org/project/zmap-network-scanner/versions

Two are at -beta1. I do not see any at RC1 or even RC2.

So, that may be a first for any MacPort which I maintain?

It's been an interesting Friday.

#MacPorts #ZMap #Repology #OpenSource

Terra 38 is on #Repology now!

https://repology.org/repository/terra_38

#terrapkg #FyraLabs

I've got to add all packages on #terra into madoguchi (api server for packages info). Hopefully everything will go well and we'll get accepted by #Repology.

#FyraLabs
https://github.com/repology/repology-updater/issues/1307
https://github.com/terrapkg/madoguchi

I think I may be able to answer my own question, just after posting I realized that I forgot about #repology.

https://repology.org/project/rust/badges

I've just requested #repology to add #terra 38. Hope things go well!
https://github.com/repology/repology-updater/issues/1307

also guys, #LURE is getting added into #repology
https://github.com/repology/repology-updater/issues/1297

I converted my `jq`-based hack to show stale packages into a named tool.

Welcome `nix-olde`: a tool to find the outdated packages used in your NixOS system against repology.org database: https://github.com/trofi/nix-olde

Initial `jq`-based hack reported 15% of outdated packages against my system. `nix-olde` reports 25% and I think it's closer to reality.

#nixpkgs #repology

nixpkgs is known to be one of the up-to-date package repositories know to repology.

But those are average numbers. How many outdated packages does your system have? I wrote a hack based on repology data a while ago. https://trofi.github.io/posts/272-peeking-at-stale-nixpkgs-packages.html gives a glimpse on data used for the hack.

My system has 15% of outdated packages.

#nixpkgs #repology

@thomholwerda #repology

Looks like #Redhat's #EPEL packagers realized that when #inxi docs say you should always update repos to use current inxi, that's a good idea (because inxi will never create dependency issues in a repo based on packages version requirements, outside of #Perl and #Coremodules). Much to my surprise, checked #repology and saw EPEL 7, 8, 9 all shipping inxi current, 3.3.23. Hats off packagers, this helps your users and you. There's never a reason to ship old inxi's, no matter how old the repo.

And #acxi is now in #slackbuilds!

https://slackbuilds.org/repository/15.0/audio/acxi/

and that was picked up quite rapidly by #repology.

https://repology.org/project/acxi/versions

I do not expect this to make any real difference, beyond maybe a few people discovering that acxi does something they find useful that might not otherwise have discovered that.

Here's to Free Audio, something not to be taken lightly or for granted, for without the tireless efforts of groups like #xiph.org and others, we would be in proprietary codec hell.

#Security section added to #repology. It lists recent CVEs linked to Repology projects (and thus, repository packages).

https://repology.org/security/recent-cves

Many thanks to #altlinux devs for providing comprehensive data on packages in their repositories to #repology. The more data from repositories the more use for package maintainers and #foss project developers.

https://github.com/repology/repology-updater/pull/1204

Yay, #repology has finally switched to #ython 3.10

#repology #rms

Nice!

@brainwane Hi! I've seen you're pypa/warehouse developer, how possible do you think it would be to publish a dump of all PyPI packages metadata as a plain file? I desperately need it for #Repology, and there's no other way to obtain the data, as iterating all packages over API is too slow, unreliable, not future proof and requires a dedicated service, and BigQuery datasets require Google account which is not an option either.

Switch successful so far, the only problem encountered is aiohttp module which needs its cython files regenerated, issue reported:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250200

Also, Wen Heping is going to import python 3.9 into the ports tree this weekend:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250160

Switching #repology codebase to python 3.9 now.

So I'm like a security guy now, submitting CVE metadata fixes to NIST NVD for problems discovered by #repology (thanks to NVD people for being responsive btw). Also I'm now monitoring new CVEs stream to find missing CPE bindings and make sure all new CVEs are reported by Repology as vulnerable package versions. Recent #NXNSATTACK CVEs are, for instance.

This is cool. I feel that the project is uniting more parts of #foss ecosystem.

#Repology now supports reporting package versions with known vulnerabilities

https://repology.org/news#2020-05-17