[Python-modules-team] Bug#979355: src:sphinx-rtd-theme: embeds several Sass libraries that should be packaged separately

Jonas Smedegaard dr at jones.dk
Tue Jan 5 18:37:06 GMT 2021 

Hi Dmitry,

Quoting Dmitry Shachnev (2021-01-05 19:02:39)
> On Tue, Jan 05, 2021 at 06:42:45PM +0100, Jonas Smedegaard wrote:
> > Source package sphinx-rtd-theme embeds Sass libraries Bourbon, Neat, 
> > and wyrm.
> >
> > Debian Policy §4.13 says:
> >
> > > Some software packages include in their distribution convenience 
> > > copies of code from other software packages, generally so that 
> > > users compiling from source don’t have to download multiple 
> > > packages. Debian packages should not make use of these convenience 
> > > copies unless the included package is explicitly intended to be 
> > > used in this way. If the included code is already in the Debian 
> > > archive in the form of a library, the Debian packaging should 
> > > ensure that binary packages reference the libraries already in 
> > > Debian and the convenience copy is not used. If the included code 
> > > is not already in Debian, it should be packaged separately as a 
> > > prerequisite if possible.
> >
> > Let me repeat the suggestion at https://bugs.debian.org/865306#30 
> > from 3½ years ago here:
> >
> > File RFPs and cc the SASS team: 
> > pkg-sass-devel at lists.alioth.debian.org
> 
> For Bourbon, there is already an RFP: https://bugs.debian.org/892811.

Yes.  W. Martin Borgert seems to care about having that Sass library 
properly packaged as system-shared library, reusable across packages, 
available for users as well, and properly maintained independenty on 
converse.js that he is/was packaging.  I.e. about Policy compliance.

What I suggest to do in cases where a bugreport is filed already: Post 
to the bugreport so that it is known that more users are in need of that 
RFPed package.  Most elegant is to "block" like W. Martin Borgert did, 
but a plain human email is helpful too.  You did that now: Thanks!


> For Neat, sphinx-rtd-theme currently uses an ancient version, 1.9.1 
> (released in 2018) while the latest upstream is 4.0.0.

Assuming you are pointing this out because your package cannot possibly 
use the newer release, then effectively we are talking about a fork of 
Neat.  Who is caring for bugs in that fork - you? Upstream of 
sphinx-rtd-theme?  Are you certain noone else may need this old fork as 
well, since you chose to embed it instead of packaging it as a proper 
package in Debian?


> For wyrm, it uses the latest version but wyrm itself is dead and 
> unmaintained for 6 years (since January 2015).

Although dead it is evidently still usable and should therefore be 
packaged as a system-shared library for all the reasons described above.


> I don’t think it makes sense to package old versions of software if 
> they will be used only by sphinx-rtd-theme. And with new versions it 
> just won’t build.

Please file an RFP for wyrm cc the Sass team, and mention the need for 
older Sass code.  Might make sense to either look into either patching 
sphinx-rtd-theme to work with newer Sass code or if unfeasable then ship 
both newest and some older snapshot in a sass-stylesheets.wyrm package.


> There is an upstream bug report requesting to move from wyrm to 
> something else: 
> https://github.com/readthedocs/sphinx_rtd_theme/issues/544.

Nice - that is helpful to mention in an RFP, as an entry into assessing 
feasability of changing sphinx-rtd-theme to work with newer Sass code.


> Please also note that I am trying to do my best rebuilding all CSS 
> files from SASS source,

Great!


> so this package meets DFSG and Policy “must” criteria, it just fails 
> to meet the “should, if possible” criterion.

Yes, I am aware - hence the severity of this bugreport.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://alioth-lists.debian.net/pipermail/python-modules-team/attachments/20210105/c3441aa2/attachment-0001.sig>

More information about the Python-modules-team mailing list