Hi Joachim, your approach seems sensible to sort-of make Debian hold a core of the packages on [h|st]ackage. I do not think Debian needs to contain every leaf package, but enough to enable bootstrapping from. >This implies that we should remove all packages that are neither in >Stackage nor that are (used by) key packages. > >I added support for such reasoning to the package plan, and marked a >few packages as key packages. This would currently imply that we can >remove these packages: > * cryptonite Since the new version of tls will depend on cryptonite, it would be a waste to remove it. This also means it will soon be in the dependencies, leaving the drop list that way. > * ed25519 I'm testing my own code against this and the new hackage-security will likely depend on this implementation, so I think there is enough merit to have it in Debian - even if only as a trust anchor. In the long run there will be a pure haskell implementation (working on it), but very likely this package may be useful for some time even after that. I have marked it as "key" and will care for it if the need arises. Greetings Marcel
Attachment:
pgp_6eWlxVWNJ.pgp
Description: OpenPGP digital signature