On Mon, 18 Sep 2023 17:48:33 +0200, Francesco P. Lovergine wrote: > > > May I suggest that you ask ftp-masters to REJECT it? Seems they were quicker :) > > Yep indeed. Maybe a wrapper could be tought for packages that have some optional dep on that? > I would simply patch Mozilla::CA to have SSL_ca_file() returning the Debian > directory /usr/share/ca-certificates/mozilla instead of the cacert.pem file. > That would avoid to patch third-parties code that eventually use explicitly > the modules. This is compatible with the IO::Socket::SSL module. Right, that's a possible option. > Does it make sense? Given that we've had to patch only 3 packages (in pkg-perl) over the last decades and that the patch is trivial¹, and given that a Mozilla::CA package doing different things on Debian than upstream would cause confusion, I recommend against going that way. Let's see what others on the list say. Cheers, gregor ¹ modulo grep errors: liblwp-protocol-https-perl/debian/patches/cert.patch liblwpx-paranoidagent-perl/debian/patches/0002-Use-ca-certificates.patch libnet-jabber-bot-perl/debian/patches/2001_cert.patch -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `-
Attachment:
signature.asc
Description: Digital Signature