Bug#782344: unblock: python-django/1.8-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#782344: unblock: python-django/1.8-1
From: Luke Faraone <lfaraone@debian.org>
Date: Fri, 10 Apr 2015 11:54:49 -0400
Message-id: <[🔎] 20150410155449.15203.6172.reportbug@luke-microkernel.zulip.net>
Reply-to: Luke Faraone <lfaraone@debian.org>, 782344@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: security
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package python-django

I have not yet uploaded python-django 1.8 to unstable, but would like to do so.

== Justification ==

We are currently slated to ship the 1.7 series. Upstream's security and support
policy[1] indicates that they generally only support the current stable release
and the one prior, with the exception of releases designated as "long-term
support" releases.

As Django 1.8 is out, we will lose upstream security support for 1.7 as soon as
1.9 is released. However, 1.8 is a "long-term support" release, which will
receive support until at least April 2018[2].

It would improve the security of our users to ship a version in the next stable
release of Debian that will be supported by upstream for the duration of our
release. Django is a mature project with sound release-engineering practices,
and it would be useful to leverage the work they are doing to the maximum
extent. To quote[2]:

> Minor releases (A.B.C, etc.) will be issued as needed, often to fix security
issues. These releases will be 100% compatible with the associated major
release, unless this is impossible for security reasons or to prevent data
loss. So the answer to “should I upgrade to the latest minor release?” will
always be “yes.”


[1]: https://docs.djangoproject.com/en/1.8/internals/release-process
/#supported-versions
[2]: https://www.djangoproject.com/download/

== Discussion of changes ==

>From a careful reading of the changelog[3], comparing against the dependencies
we currently provide in testing:

  - The supported Python versions has not changed between versions.
  - Support for MySQL <5.5 has been dropped. We only ship 5.5 in testing.
  - Support for PostgreSQL <9.0 has been dropped. We only ship 9.4 in testing.
  - Support for GEOS 3.1 has been dropped. We only ship 3.4.2 in testing.
  - Support for SpatiaLite <2.4 has been dropped. We only ship 4.1.1

Various features have been deprecated, this will not impact end-users other
than the raising of a DeprecationWarning.

I am committed to testing all of the reverse-depends currently shipped by
Debian to identify any possible breakage, but a cursory review did not indicate
any obvious candidates. I anticipate to be done with this review by 14 April
2015.

[3]: https://docs.djangoproject.com/en/1.8/releases/1.8/

unblock python-django/1.8-1

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Reply to:

Follow-Ups:
- Bug#782344: unblock: python-django/1.8-1
  - From: Julien Cristau <jcristau@debian.org>
- Processed: Re: Bug#782344: unblock: python-django/1.8-1
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#782344: marked as done (unblock: python-django/1.8-1)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: Hints for d-i jessie RC3, part 2
Next by Date: Processed: Re: Bug#780321: unblock: openldap/2.4.40+dfsg-1 (pre-approval)
Previous by thread: Bug#782310: marked as done (unblock: gnome-font-viewer/3.14.0-2)
Next by thread: Bug#782344: unblock: python-django/1.8-1
Index(es):
- Date
- Thread