[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1105155: marked as done (unblock: flatpak/1.16.1-1)

Your message dated Tue, 13 May 2025 11:48:19 +0000
with message-id <E1uEo7P-001L8x-2R@respighi.debian.org>
and subject line unblock flatpak
has caused the Debian Bug report #1105155,
regarding unblock: flatpak/1.16.1-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1105155: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105155
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: flatpak@packages.debian.org
Control: affects -1 + src:flatpak
User: release.debian.org@packages.debian.org
Usertags: unblock

[ Reason ]
New upstream bugfix release with fixes for crashes, performance issues 
and usability.

This is somewhat larger than I would normally expect a bugfix release to 
be, but everything in it seems desirable for Debian 13. Upstream has now 
branched for 1.16.x, so we can expect subsequent bug fix releases to be 
smaller, with new development happening on the 1.17.x branch for 
eventual inclusion in forky.

I am an upstream maintainer (although I have not been particularly 
active recently) so I can push back against any changes that the release 
team objects to. Please let me know if there are any.

[ Impact ]
If we don't take this, we won't be able to track 1.16.x for subsequent 
bug fix and security fix releases (which I expect to be considerably 
smaller!) during the lifetime of trixie.

[ Tests ]
There is a relatively thorough test suite, which is exercised by 
autopkgtest and ci.debian.net. I also did some brief manual testing, 
which was successful.

[ Risks ]
This is probably a key package? (or close to being one) and is high 
visibility, but because of its interactions with third-party software it 
strongly benefits from keeping up with upstream, and we have 
successfully used upstream stable releases for our stable updates since 
at least Debian 10.

The change to look for OCI certificates in /etc/containers/certs.d 
(common/flatpak-oci-registry.c, common/flatpak-utils-http.c) is the 
noisiest and therefore highest-risk, but is on a code path that is not 
used in practice by users of Debian and Flathub; the only significant 
user of Flatpak-over-OCI that I'm aware of is Fedora, and there is 
little reason for a Debian user to install Fedora's runtimes or apps. 
Ordinary Flatpak repositories like Flathub use libostree rather than OCI 
for runtime and app downloads.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing
      (lightly filtered, see header)

[ Other info ]
As with Debian 10-12, I'm aiming to follow the 1.16.x stable branch 
during the Debian 13 cycle.

unblock flatpak/1.16.1-1

Attachment: flatpak_1.16.1-1.diff.gz
Description: application/gzip


--- End Message ---
--- Begin Message --- 
Unblocked.

--- End Message ---
Reply to: