Re: jQuery dependency for Trac 0.11 should be < 1.3

["W. Martin Borgert" <debacle@debian.org>]

Quoting "anatoly techtonik" <techtonik@gmail.com>:
> If
> you see jquery.js file inside of its source package - why not to leave
> it alone - where is the Policy that requires to replace it with some
> external copy?

In general, Debian puts a lot of work into finding and removing
embedded code copies. Sometimes, this is not possible, e.g. if
upstream makes incompatible changes.

> The maintenance work in this
> case creates more problems than benefits and may be not as
> appreciated.

It would be helpful, if you could state the exact problems you
had because of the newer jQuery.

> What make people think that Trac developers won't release a new
> version when such important security problem arise?

Currently, 58 packages in Debian depends on jQuery. It makes
huge difference, if Debian has to update one package or 58.

> It is not necessary to do the extra job of removing jQuery liver from
> the Trac body at all. The only advantage I see are security patches.
> Anything else?

Security is only an example. Any kind of error is relevant.