Hi Moritz, thanks for the review!
On Fri, Apr 16, 2021 at 03:47:49PM +0200, Moritz Mühlenhoff wrote:
> > These source package sets comes to mind:
> > - node-*
> That would be super-noisy and will potentially clash with a lot of local
> package state. I won't hurt to patch debian-security-support to support
> such globbing, but let's not include that into the default data sets.
right. or let's at least first see how this plays out in practice before
putting it into a stable release...
> > The current code considers higher versions as supported, but as discussed in
> > the BTS there doesn't seem to be a valid use case for this, so I just
> > dropped the version-based check (and adapted the test suite).
> Haven't looked at the code, but agreed on dropping the version check, for
> a given distro a source package should be tracked as unsupported independent
> of the version.
yes.
> But I think these should be made for after release, they are not in line
> with the freeze policy.
yes, agreed.
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Nach wieviel Einzelfällen wird ein Einzelfall zum Normalfall?
(Jan Böhmermann)
signature.asc
Description: PGP signature
