[Pkg-javascript-devel] Bug#1074059: bookworm-pu: package nodejs/18.19.0+dfsg-6~deb12u2
Jérémy Lal
kapouer at melix.org
Wed Jul 3 22:36:46 BST 2024
Le mer. 3 juil. 2024 à 23:04, Andres Salomon <dilinger at queued.net> a écrit :
>
>
> On 6/25/24 16:34, Jérémy Lal wrote:
> >
> >
> > Le mar. 25 juin 2024 à 22:22, Salvatore Bonaccorso <carnil at debian.org
> > <mailto:carnil at debian.org>> a écrit :
> [...]
> >
> > Thanks a lot for your work Adrian. Please note that there is
> currently
> > a nodejs upload pending for releasing via a DSA, which will rebase
> > nodejs to 18.20.3+dfsg-1~deb12u1 so this might invalidate those
> > changes.
> >
> > Jérémy, Aron is that something you want to have included in your
> > prepared update?
> >
> >
> > Indeed, it's applied to 18.20.3+dfsg-1~deb12u1, along with other skipped
> > tests.
> > I'll resume work on this by the end of the week.
> >
>
> While we wait for this, is there any reason to keep the existing
> 18.20.3+dfsg-1~deb12u1 upload in the embargoed security queue? Security
> packages are actively building against it, which is a bit of a problem
> for reproducibility. Someone actually asked me about oddities in the
> chromium package that was originally built for bookworm-security, and
> now sits in the 12.6 point release. It turns out that it built against
> the embargoed nodejs, but since that nodejs package was never released,
> they can't use it to reproduce the chromium in 12.6.
>
> If there's a new nodejs bookworm-security package being uploaded at some
> point and the currently embargoed nodejs package will never be released,
> perhaps we should REJECT it now?
>
Sorry, probably me being overbooked here.
I was supposed to check the regressions against it, and been on another job
since then.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-javascript-devel/attachments/20240703/c1fc58cb/attachment.htm>
More information about the Pkg-javascript-devel
mailing list