[pkg-go] Security support for packages written in Go
Martín Ferrari
tincho at tincho.org
Sun Jul 10 19:53:30 UTC 2016
On 09/07/16 20:39, Florian Weimer wrote:
>> We can get list of all source packages to re-build from reverse build
>> dependencies. Then it should be possible to filter arch:any packages to bin-
>> NMU.
>>
>> Alternatively Built-Using field could be of help.
>
> We already discussed why this doesn't work with the present state of
> the metadata.
while the current state prevents having properly automated tools
covering all cases, we already have quite a bit of information in that
field, and we can always manually discover and re-upload applications
when a rdep has a security fix. I know it is not ideal, but also it does
not prevent us from providing proper support, IMHO.
--
Martín Ferrari (Tincho)
More information about the Pkg-go-maintainers
mailing list