Hello Fukui, I know it has been more than 7 days since you asked for the review, so I'm prioritizing this, although it will take me a couple of days until I get enough time to review it. As a rule of thumb, I try to always tell people that they are free to ping me after 7 days if they don't get a reply, it probably means I missed it, and if not, I should have at least replied something by that time.
> I've created a new version of the libewf package [0], which is going to be > 20140814-1 with this update. > This version introduces the following changes: > * New upstream version 20140814 > * Update d/copyright > > This new source package was tested using salsa-ci, > and all jobs successfully passed except for test-crossbuild-arm64 [1]. > I believe the git repository was successfully recreated to avoid a sponsor > rebasing my branch on top of the team's repo. > That said, if things are wrong, please let me know. > > If this update is satisfactory and helpful, > I would appreciate it if you review and sponsor the package. Great, thanks for the level of details in your email :) > By the way, I found that some external libraries are embedded into the libewf > source package, such as libodraw. > I wonder whether we need to separate such libraries from the libewf source > package. > If they are successfully separated, that would make it easier to maintain and > update the package. > If you have some idea about this, kindly share it with me. > To find out what packages are embedded, synclibs.sh would be helpful: > $ git clone https://github.com/libyal/libewf.git > $ cd libewf/ > $ ./synclibs.sh There have been a couple of discussions about this in the past, you can see them here, the consensus seems to be on the side of sticking with the vendored libs: https://lists.debian.org/debian-security-tools/2021/10/msg00018.html https://lists.debian.org/debian-security-tools/2020/12/msg00012.html Thank you for contributing! -- Samuel Henrique <samueloph>
