Source: ruby-omniauth-bitbucket
Version: 0.0.2-1.1
Severity: Serious

In the ruby-omniauth-bitbucket gemspec we can see:

$ cat omniauth-bitbucket.gemspec | grep omniauth | grep dependency
  s.add_dependency 'omniauth', '~> 1.1'
  s.add_dependency 'omniauth-oauth', '~> 1.0'

This should not work since we already have ruby-omniauth >= 2 in testing and unstable:

$ rmadison -u debian ruby-omniauth
ruby-omniauth | 1.2.1-1+deb8u1  | oldoldoldstable   | source, all
ruby-omniauth | 1.3.1-1+deb9u1  | oldoldstable      | source, all
ruby-omniauth | 1.8.1-1~bpo9+1  | stretch-backports | source, all
ruby-omniauth | 1.8.1-1         | oldstable         | source, all
ruby-omniauth | 1.9.1-1~bpo10+1 | buster-backports  | source, all
ruby-omniauth | 1.9.1-1         | stable            | source, all
ruby-omniauth | 2.1.1-1         | testing           | source, all
ruby-omniauth | 2.1.1-1         | unstable          | source, all

This is not causing a FTBFS because we are not explicitly checking dependencies during tests (this is forced in autopkgtest). If the following change is added, we can reproduce the same autopkgtest failure during the build:

commit 88dbbe95f4b83859ba2e009d3c97610f66b1fcff (HEAD -> master)
Author: Lucas Kanashiro <kanash...@ubuntu.com>
Date:   Tue Feb 7 13:58:36 2023 -0300

    d/rules: check dependencies when running tests

    This demonstrates the FTBFS happening because we have ruby-omniauth >= 2
    in the archive. The same failure is reproducible with autopkgtest.

diff --git a/debian/rules b/debian/rules
index 00f8a91..2fab9b6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,7 +12,7 @@
 #export DH_RUBY_GEMSPEC=gem.gemspec
 #
 # Uncomment to check dependencies during build:
-# export GEM2DEB_TEST_RUNNER = --check-dependencies
+export GEM2DEB_TEST_RUNNER = --check-dependencies

 %:
        dh $@ --buildsystem=ruby --with ruby
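
Review bot: The comment "# Uncomment to check dependencies during build:" directly above the now-active export in debian/rules is stale once the line is uncommented; reword it to state that dependency checking is enabled so a later reader does not take the export for a leftover. The hunk also only makes the build fail on the mismatch, so the 'omniauth' constraint in the gemspec still needs its own change before this can be kept enabled.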


All this means that we likely have a broken ruby-omniauth-bitbucket in testing; we should not ship this package in a stable release. Upstream has been inactive since 2017, so I do not expect any fix from them.

--
Lucas Kanashiro
