Control: tags -1 + moreinfo On Thu, 2016-12-15 00:28 +0100, Loic Dachary <l...@dachary.org> wrote:
> The python-coverage package recommends libjs-jquery-hotkeys and does not > install the jquery.hotkeys.js. I'm not sure what you mean by “does not install”; the “Recommends” dependency will install the library at the time this package is installed. > However the file found in the coverage.py > sources is different from the file found in libjs-jquery-hotkeys: This is often the case for libraries. Which version is later? > In order to avoid unintended behavior or regressions, the > jquery.hotkeys.js file provided in the coverage.py sources must be > installed. No, that's against Debian policy for security management. The library should not be bundled, but instead should be installed once, where a security upgrade will benefit all applications using that library. > Although it is desirable to avoid file duplication That is not the primary reason; rather, the primary reason is to prevent divergent versions of code installed by different packages. > this can only be done > if the files are indeed identical or if they are provided by an upstream > that maintains an API of some kind. Agreed, the API should be reliable :-) -- \ `\ _o__) Ben Finney <bign...@debian.org>
