On 6/25/24 16:34, Jérémy Lal wrote:
>
>
> Le mar. 25 juin 2024 à 22:22, Salvatore Bonaccorso <carnil@debian.org
> <mailto:carnil@debian.org>> a écrit :
[...]
>
> Thanks a lot for your work Adrian. Please note that there is currently
> a nodejs upload pending for releasing via a DSA, which will rebase
> nodejs to 18.20.3+dfsg-1~deb12u1 so this might invalidate those
> changes.
>
> Jérémy, Aron is that something you want to have included in your
> prepared update?
>
>
> Indeed, it's applied to 18.20.3+dfsg-1~deb12u1, along with other skipped
> tests.
> I'll resume work on this by the end of the week.
>
While we wait for this, is there any reason to keep the existing
18.20.3+dfsg-1~deb12u1 upload in the embargoed security queue? Security
packages are actively building against it, which is a bit of a problem
for reproducibility. Someone actually asked me about oddities in the
chromium package that was originally built for bookworm-security, and
now sits in the 12.6 point release. It turns out that it built against
the embargoed nodejs, but since that nodejs package was never released,
they can't use it to reproduce the chromium in 12.6.
If there's a new nodejs bookworm-security package being uploaded at some
point and the currently embargoed nodejs package will never be released,
perhaps we should REJECT it now?
Sorry, probably me being overbooked here.
I was supposed to check the regressions against it, and been on another job since then.