[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#34523] Add tetrinet
From: |
pkill9 |
Subject: |
[bug#34523] Add tetrinet |
Date: |
Sun, 31 Mar 2019 12:44:39 +0100 (BST) |
So I looked at the PureOS page for Tetrinet
(https://software.pureos.net/package/source/landing/tetrinet) and the "VCS
browser" links to a git repository for Tetrinet which is served via https:
https://repo.or.cz/tetrinet.git, this is linked to on the frontpage of
http://tetrinet.or.cz (a link to the README) file, so I'll change the source to
use this instead.
On Thu, 28 Feb 2019 05:03:50 +0100, swedebugia <address@hidden> wrote:
> address@hidden skrev: (27 februari 2019 15:11:20 CET)
> >The Tetrinet maintainer added an SHA1 file:
> >http://tetrinet.or.cz/download/tetrinet-0.11.tar.bz2.sha1
> >
> >On Wed, 27 Feb 2019 07:10:46 +0000 (GMT), <address@hidden> wrote:
> >
> >> > Given that there is no pgp signed tarball or even a checksum on
> >that page, have you asked the maintainer about this and verified that
> >you got the code unaltered?
> >>
> >> Ok I emailed the current maintainer according to that page asking to
> >verify that I got the source code unaltered, and to maybe update the
> >page with that info.
> >>
> >> On Tue, 26 Feb 2019 21:45:23 +0100, swedebugia
> ><address@hidden> wrote:
> >>
> >> > address@hidden skrev: (26 februari 2019 16:20:28 CET)
> >> > >Hi Swedebugia,
> >> > >
> >> > >> having looked it up online I prefer the WP synopsis:
> >> > >> "TetriNET is a console multiplayer online Tetris game for up to
> >six
> >> > >people."
> >> > >>
> >> > >> There is a gnome version also. We should state clearly that this
> >is a
> >> > >> console/text-mode client.
> >> > >
> >> > >What does 'WP' mean?
> >> > >
> >> > >> As an aside I did not find a working server anywhere and the
> >homepage
> >> > >of
> >> > >> the project is dead. There is a possibility to host your own
> >server
> >> > >with
> >> > >> jetrix though.
> >> > >
> >> > >I played Tetrinet with someone over a server, but I can't remember
> >what
> >> > >the address was.
> >> > >
> >> > >You can't access the homepage of the project? I can access
> >> > >http://tetrinet.or.cz fine. Or do you mean it hasn't been updated
> >in
> >> > >ages?
> >> > >
> >> > >> There could be trademark issues with the name/game also see
> >> > >> https://en.wikipedia.org/wiki/The_Tetris_Company
> >> > >
> >> > >Regarding the potential trademark issues, both FSF-approved
> >distros
> >> > >Parabola and PureOS have Tetrinet in their repositories[1][2], so
> >I
> >> > >think it would be acceptable to add it to Guix. And if a copyright
> >> > >claim is made in the future it can always be removed.
> >> > >
> >> > >[1] Tetrinet in Parabola -
> >https://www.parabola.nu/packages/?q=tetrinet
> >> > >[2] Tetrinet in PureOS -
> >> > >https://software.pureos.net/search_pkg?term=tetrinet
> >> > >
> >> > >Thanks
> >> > >
> >> > >On Sat, 23 Feb 2019 07:23:43 +0100, swedebugia
> ><address@hidden>
> >> > >wrote:
> >> > >
> >> > >> On 2019-02-23 10:26, swedebugia wrote:
> >> > >> > For the sake of making it easy to find when searching
> >synopsies I
> >> > >> > suggest you add "game" to the end of yours.
> >> > >> > --
> >> > >> > Sent from my k-9 mail for Android.
> >> > >>
> >> > >> having looked it up online I prefer the WP synopsis:
> >> > >> "TetriNET is a console multiplayer online Tetris game for up to
> >six
> >> > >people."
> >> > >>
> >> > >> There is a gnome version also. We should state clearly that this
> >is a
> >> > >> console/text-mode client.
> >> > >>
> >> > >> As an aside I did not find a working server anywhere and the
> >homepage
> >> > >of
> >> > >> the project is dead. There is a possibility to host your own
> >server
> >> > >with
> >> > >> jetrix though.
> >> > >>
> >> > >> There could be trademark issues with the name/game also see
> >> > >> https://en.wikipedia.org/wiki/The_Tetris_Company
> >> > >>
> >> > >> --
> >> > >> Cheers Swedebugia
> >> >
> >> > Hi
> >> > I agree with your remarks
> >> > WP = wikipedia
> >> >
> >> > Given that there is no pgp signed tarball or even a checksum on
> >that page, have you asked the maintainer about this and verified that
> >you got the code unaltered?
> >> > --
> >> > Sent from my k-9 mail for Android.
>
> Good, did you point out that http is easy to spoof?
>
> If they are serious about application and distribution security they really
> should enable https.
>
> I had the same issue with another maintainer serving a hash over http. I
> asked him over email if my hash was correct. This is not perfect out of band
> but given most email providers post snowden now use starttls and enforce
> https it is better than nothing.
>
> Assuming it is tainted is my default stance with http. I would rather not use
> it at all and would like a browser that drops it or issue a dire warning when
> encountered.
> --
> Sent from my k-9 mail for Android.