On Tue, 2021-03-16 at 13:55 -0400, Leo Famulari wrote: > I do agree that updating this program 5 versions in a graft was > perhaps > too much. > > We should always try to cherry-pick bug-fix patches when grafting. > > Otherwise the risk of breakage is too high. At least, these types of > patches should be reviewed on guix-patches. Léo, can you send them to > guix-patches in the future? > > Sometimes it is okay to update things in a graft, but it depends on > the > situation.
1.4.4 and 1.4.9 are ABI compatible? At least that's the reason I believed it wasnt risky. I can send them to the mailing list especially with such a core package (GNU Guix dependency). But often it stays there and no one is looking so. E.g. the unzip vulnerability patches, nobody looked until I actually pushed them out of waiting for reviews, I tried to hint multiple people on IRC during several days, no answer still, so I ended up pushing it, turns out I had several mistakes in it and because it was pushed well some people looked at it and helped fixing which was welcome.
signature.asc
Description: This is a digitally signed message part
