[pkg-go] Security support for packages written in Go

Paul Tagliamonte paultag at debian.org
Wed Apr 6 02:41:04 UTC 2016


On Wed, Apr 06, 2016 at 12:37:10PM +1000, Dmitry Smirnov wrote:
> I feel your pain. Over last 9 months I've invested even greater effort to 
> packaging of containers related Golang software.
> 
> Yet we can provide anything we want to users of stable releases through 
> official backports:
> 
>     http://backports.debian.org/

| Backports are packages taken from the next Debian release (called
| "testing"), adjusted and recompiled for usage on Debian stable.

So my confusion here is that you don't want to see them in Stable, but
you do want to see them in testing (and backports). This isn't what
testing is for, of course :)

This, to me, feels like more of a systemic issue than this small side
conversation.

I don't see anything inherent about Go that makes it unsupportable.

I *do* see more software being developed in a way that makes it nearly
impossible for Debian to distribute. This, however, is a much bigger
conversation.

Cheers,
  Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-go-maintainers/attachments/20160405/673e87e7/attachment.sig>


More information about the Pkg-go-maintainers mailing list