[Pkg-javascript-devel] Bug#857993: Please don't remove npm from Stretch
Niels Thykier
niels at thykier.net
Mon Apr 3 14:45:00 UTC 2017
Thomas Goirand:
> Hi,
>
> [...]
>
> Also, removing such a non-leaf package at this point of the release is a
> way too late. IMO, a bug should have been opened a long time ago asking
> for an upgrade of the package.
>
Hi,
I would (also) strongly prefer, if we got better at finding and dealing
with things like outside the freeze. That said...
In the concrete case, the removal does not look too bad at a metadata
level. Assuming qtwebchannel5-examples can drop its dependency, the
rest can be removed from testing without affecting any other package
than those listed below.
"""
$ dak rm -nR -s testing npm
[...]
Checking reverse dependencies...
# Broken Depends:
npm2deb: npm2deb
qtwebchannel-opensource-src: qtwebchannel5-examples [...]
# Broken Build-Depends:
ruby-license-finder: npm
"""
> Last, at this point in time, I believe we should discuss the issue with
> the release team. They may agree, for example, that we upgrade the
> package to a newer version (this is unlikely, but it is up to them to
> tell). They may don't agree that we "fix" so many source package to
> remove the build-dependency. Anyway, the solution should be discuss with
> them. Therefore, I'm CC-ing the release team.
>
From my PoV; upgrade is unlikely to be accepted. Removal appears to be
doable, so the real question is:
* Is npm so out of date that it is release critical?
If yes, fix qtwebchannel-opensource-src (etc.) and remove the rest from
stretch. If no, tag it -ignore and move on. To be honest, I know next
to nothing about npm and its state, so I will apply "Do-cracy" to this
decision.
AFAICT, Jérémy Lal have done all of the uploads since 2013 and is the
sole committer to the packaging between 2013-08 to 2014-08[1], which
pretty much makes Jérémy the closest person to an "active do'er" in this
case.
@Jérémy Lal: Your call:
* Are you willing to support npm for 3-5 years in stretch given its
current state?
- If yes, then tag the npm bug stretch-ignore or downgrade it
- If no, then we will effectuate the removal before the release.
Thanks,
~Niels
[1] https://anonscm.debian.org/cgit/pkg-javascript/npm.git/log/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-javascript-devel/attachments/20170403/7fb098b7/attachment-0001.sig>
More information about the Pkg-javascript-devel
mailing list