Re: seeking review of pat 0.19.1

To: Simon Josefsson <simon@josefsson.org>
Cc: debian-hams@lists.debian.org, tony mancill <tmancill@debian.org>, debian-go@lists.debian.org, taowa@debian.org, donfede@casagrau.org
Subject: Re: seeking review of pat 0.19.1
From: Federico Grau <donfede@casagrau.org>
Date: Sun, 7 Dec 2025 12:22:52 -0500
Message-id: <[🔎] 20251207172252.cdwuvcwyreygmz4y@casagrau.org>
In-reply-to: <[🔎] 878qfewk7k.fsf@josefsson.org>
References: <[🔎] 20251207044702.pq5y4bd7nk2tlue6@casagrau.org> <[🔎] 878qfewk7k.fsf@josefsson.org>

On Sun, Dec 07, 2025 at 01:27:27PM +0100, Simon Josefsson wrote:
> Federico Grau <donfede@casagrau.org> writes:
> 
> > Some questions/issues include (advise if these are better addressed OOB):
> >
> > a) golang-github-hashicorp-go-version in Debian is 1.6.0 . 
> >    pat 0.19.1 released 2025-09-13 lists a dependency on 1.7.0 (but compiles ok
> >    with 1.6.0).
> >    Since then, a new hashicorp-go-version 1.8.0 was released 2025-11-28.
...
> If things build, then I would start by getting 'pat' into unstable
> first, and test if it works.  Having version diffs is unavoidable in the
> Go/Debian ecosystem, what matters is if things works.
> 
> If you have time, please prepare hashicorp-go-version 1.8.0 and do
> reverse builds of it and upload to unstable if it it works with all
> reverse build dependencies.  But doing this is not a show-stopper for
> 'pat'.
> 
> > Per vendor-n8jja-pat-vara.patch
> 
> Why not package that properly?  Vendoring is a maintainance pain.
> 
> >     Debian package golang-github-imdario-mergo has v1.0.1 which was released
> >     2024-08-17 and packaged 2024-11-09.
> >
> >     Upstream released v1.0.2 on 2025-05-07.
> 
> Same here, if you have time, do a package update, check reverse builds,
> and upload if okay.
> 
> /Simon

Kind thanks again for the constructive feedback Simon.  

Concur with further testing of `pat' in unstable.

*** I welcome a sponsored upload as there are cycles to review and progress it.

Similarly, I'll aim to progress updates for the 2x packages described in the
next couple weeks or so.

*** Might there be any tips or examples to identify and check "[Golang]
reverse builds"?
Admittedly, my focus has been predominantly around `pat'.  Definitely don't
want to break other packages during my updates.

The vendoring of pat-vara was implemented by another contributor; the limited
potential audience to use that Golang library/package may have been part of
the reasoning to use vendoring.  Unless there is alternate guidance, at this
juncture I'd be inclined to leave pat-vara as is for now, and maybe revisit
that later in 2026.

Regards,
donfede

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: seeking review of pat 0.19.1
  - From: Simon Josefsson <simon@josefsson.org>
- Re: seeking review of pat 0.19.1
  - From: Federico Grau <donfede@casagrau.org>

References:
- seeking review of pat 0.19.1
  - From: Federico Grau <donfede@casagrau.org>
- Re: seeking review of pat 0.19.1
  - From: Simon Josefsson <simon@josefsson.org>

Prev by Date: Re: seeking review of pat 0.19.1
Next by Date: Re: seeking review of pat 0.19.1
Previous by thread: Re: seeking review of pat 0.19.1
Next by thread: Re: seeking review of pat 0.19.1
Index(es):
- Date
- Thread