Hi, Quoting David Kalnischkies (2024-01-18 19:30:00) > On Thu, Jan 18, 2024 at 02:35:40PM +0000, Aidan wrote: > > I am looking for a sponsor for my package "dpkg-buildenv": > > Similar to my recent "veto" of apt-verify in #1059267, which was > subsequently ignored and pushed into the archive anyhow how did this happen? Both maintainers of apt spoke up against apt-verify getting uploaded with the name that it had. How did it make it into the archive after all? Simon, given the "vetos" you got from apt maintainers: Why did you still think it was a good idea to upload using the contended name? Now I read in #1060181 that your tool parses configuration files in /usr/share/apt/verify.d and /etc/apt/verify.d. I hope that in contrast to the naming dispute, this choice of path was agreed upon with the apt maintainers? I hope that letting this package through NEW was just a slip-up by FTP masters? If not, what was the rationale to allow for a package to grab the namespace of such an important Debian utility? Now leaving the namespace grab aside: There are a bunch of very good technical arguments as as well that David and Julian made in #1059267 and which I do not need to repeat here. Julian already said in that bug that he'd immediately file an RC bug should that package get accepted. What went wrong here such that this package went through despite these reasons against it? Am I missing something? Thanks! cheers, josch
Attachment:
signature.asc
Description: signature