[Python-apps-team] Bug#861152: Bug#861725: unblock: nagstamon/2.0.1-4
Moritz Schlarb
schlarbm at uni-mainz.de
Wed May 3 10:24:41 UTC 2017
Hi Julien, hi Paul,
On 03.05.2017 11:51, Julien Cristau wrote:
> I don't see how not checking certificates is in any way a reasonable
> thing to do. Silencing warnings about it makes it even worse.
Absolutely true - but:
- This has been the behavior of the Nagstamon package since forever
(which is not a valid argumentation point - I know, but it's still a fact)
- It is actually the intended behavior by the upstream developer (until
https://github.com/HenriWahl/Nagstamon/issues/302 gets resolved) - the
added patch just actually makes the disabling of warnings work (which
worked before in jessie but not anymore in stretch)
- We anticipated the concerns regarding not checking certificates and
wrote a paragraph in README.debian about our rationale for accepting
that with regards to the primary type of user of such monitoring software
On 03.05.2017 11:32, Paul Wise wrote:
> I don't think the warnings should be disabled,
> I think that the certificates should be verified.
> Why are the warnings being disabled?
Because upstream chose to do so - I want to stress again that my patch
just fixes the code to actually do what upstream wanted it to do.
Now whether these warnings are disabled or not isn't the real problem
here - that should be clear.
But it was because of these warnings (which, again, do not come from a
change in behavior but just in reporting it), that Paul reported #861152
and tagged it as release critical which lead to the package being put in
the removal queue...
If you'd like, we can explicitly re-enable the warnings so the behavior
is visible to the users.
But I don't want to have nagstamon removed simply because of that...
What do you think?
Regards,
--
Moritz Schlarb
Unix-Gruppe | Systembetreuung
Zentrum für Datenverarbeitung
Johannes Gutenberg-Universität Mainz
Raum 01-321 - Tel. +49 6131 39-29441
OpenPGP Fingerprint: DF01 2247 BFC6
5501 AFF2 8445 0C24 B841 C7DD BAAF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: schlarbm.vcf
Type: text/x-vcard
Size: 367 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20170503/a5c3f461/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20170503/a5c3f461/attachment.sig>
More information about the Python-apps-team
mailing list