Bug 30895

Summary: gh (github-cli) - The CLI for GitHub; NEW PKG REQUEST
Product: Mageia Reporter: Kristoffer Grundström <lovaren>
Component: New RPM package requestAssignee: All Packagers <pkg-bugs>
Status: NEW --- QA Contact:
Severity: enhancement    
Priority: Normal CC: davidwhodgins, fri, lovaren
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: gh CVE:
Status comment:
Attachments: Proposal spec file
New proposal spec file

Description Kristoffer Grundström 2022-09-26 20:39:54 CEST 
Description of problem: I took the liberty of packaging the CLI for GitHub called gh in short which is written in the Go language.

Version-Release number of selected component (if applicable): 2.14.2
Comment 1 Kristoffer Grundström 2022-09-26 20:40:19 CEST 
Created attachment 13401 [details]
Proposal spec file

CC: (none) => lovaren

Comment 2 Kristoffer Grundström 2022-09-26 20:47:16 CEST 
Latest version of it is 2.16.1, but it needs to have an update in our spec file to either ignore the vendor archive or to use mod=mod I think.

Feel free to push an update for it once it's fixed.
Comment 3 David Walser 2022-09-27 00:44:54 CEST 
If anyone does import this, please give the package a real name.  gh will be impossible to search in bugzilla.
Comment 4 Kristoffer Grundström 2022-09-27 03:48:25 CEST 
(In reply to David Walser from comment #3)
> If anyone does import this, please give the package a real name.  gh will be
> impossible to search in bugzilla.

github-cli ?
Comment 5 Dave Hodgins 2022-09-27 05:29:23 CEST 
https://groups.google.com/g/linux.debian.bugs.dist/c/G9kHRwVAz6Q

Both the package and the command should be renamed.

github-cli seems to be the best option.

CC: (none) => davidwhodgins

Comment 6 David Walser 2022-09-27 14:28:54 CEST 
Yeah, that would be good.  I'm familiar with gh from having seen it in Fedora's updates-announce, as they have it packaged.  It has had a few security updates already.  We should probably have an official policy against two letter package names, honestly.  It makes it impossible to track for security issues.  We already had a package named rt, which should have been named request-tracker, that I dropped because it had been missing security updates for years, because the rt name made it impossible to track or have any visibility into.  The package could still have "Provides: gh" so that "urpmi gh" would still work.
Comment 7 Lewis Smith 2022-09-28 19:56:20 CEST 
Thank you Kristoffer for this suggestion. Usual plug:

"Assigning this package request to all packagers collectively. On a voluntary basis, one of them might, if there are no license or other legal issues, want to integrate it to the distribution and maintain it for bug and security fixes.

You Kristoffer might also want to join the packager team to maintain this piece of software: see https://wiki.mageia.org/en/Becoming_a_Mageia_Packager"

Assignee: bugsquad => pkg-bugs
Severity: normal => enhancement
Summary: gh - The CLI for GitHub => gh (github-cli) - The CLI for GitHub; NEW PKG REQUEST

Comment 8 Kristoffer Grundström 2022-12-28 02:41:00 CET 
Created attachment 13607 [details]
New proposal spec file

Attachment 13401 is obsolete: 0 => 1

Comment 9 Kristoffer Grundström 2023-02-10 00:41:37 CET 
Ping! Can this be released before the stable release of 9 or does it have to wait until Cauldron is once again reopened/unfrozen?
Comment 10 Morgan Leijström 2024-02-16 17:48:09 CET 
I believe new packages can be introduced in a released Mageia version in the updates repositories.  Like pending nvidia-newfeature.

CC: (none) => fri

Comment 11 Dave Hodgins 2024-02-16 22:25:08 CET 
The updates policy is available at https://wiki.mageia.org/en/Updates_policy

For new packages, which are an exception to the rules, they are allowed when
they are required for a security or bug fix update for an existing package,
or it's required to support new hardware.