Quoting "anatoly techtonik" <techto...@gmail.com>:
If you see jquery.js file inside of its source package - why not to leave it alone - where is the Policy that requires to replace it with some external copy?
In general, Debian puts a lot of work into finding and removing embedded code copies. Sometimes, this is not possible, e.g. if upstream makes incompatible changes.
The maintenance work in this case creates more problems than benefits and may be not as appreciated.
It would be helpful, if you could state the exact problems you had because of the newer jQuery.
What make people think that Trac developers won't release a new version when such important security problem arise?
Currently, 58 packages in Debian depends on jQuery. It makes huge difference, if Debian has to update one package or 58.
It is not necessary to do the extra job of removing jQuery liver from the Trac body at all. The only advantage I see are security patches. Anything else?
Security is only an example. Any kind of error is relevant. -- To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org