Re: "Browserified" stuff
On 14456 March 1977, Martín Ferrari wrote:
> On 09/10/16 23:56, Adam Borowski wrote:
>
>> Another issue is, as mentioned in the TC discussion, the inability to fix
>> any non-trivial security bugs in stable. I can't quite imagine the Security
>> Team hunting for a specific old version of grunt and all of its extensive
>> dependencies to rebuild the buggy package. Such state hits the definition
>> of "contrib" exactly, why not actually use it for this purpose? Demotion of
>> libjs-handlebars would require changing or demoting two more packages:
>> prometheus and kcov, which would be a hassle but not the end of the world.
> Prometheus being in contrib basically means the work I have done for the
> past year is worthless, as users could as well just grab unofficial
> packages from other places. I am not saying this to justify the mess
> with handlebars, I want to find a solution, but putting this in contrib
> or non-free is not an option for me.
It is not useless, and contrib is way different than any random
repository out there.
The solution is to have the full build environment needed (for
prometheus and all its dependencies) in main - or accept that it can't be
done (or is too much work for the amount of people interested in doing
it) and move to contrib. There isn't anything bad or de-valuing in that,
thats simply how it is defined in our policies.
--
bye, Joerg
I’m not normally a praying man, but if you’re up there, please save me Superman!
Reply to: