Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
Hello Emilio, Am 13.12.19 um 14:06 schrieb Emilio Pozuelo Monfort: > Pushed to branch debian/sid. That should fix this error during the build: > > 0:01.29 ./buildid.h.stub > 0:01.41 Ignoring invalid MOZ_BUILD_DATE: 1575912135 > > And consequently the timestamp in the build id header of the application.ini > file will be that one of the changelog. This also should make that part of the > build reproducible. cool! Thank you very much! And that's on top also perfect in time as I wanted to start right now to work on 68.3.0 for buster and stretch. But isn't a build for buster or stretch taking the time for SOURCE_DATE_EPOCH from the changelog entry for buster resp. stretch? Than we would need to add some magic to grep the date from the corresponding changelog entry from unstable. That's fragile ... :-( We could use the timestamp from the file ./sourcestamp.txt instead, that's a unique stamp for every new upstream version. > $ head -n1 ./sourcestamp.txt > 20191129091924 -- Regards Carsten
Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
On 12/12/2019 13:58, Carsten Schoenert wrote: > Hi Emilio, > > Am 12.12.19 um 13:13 schrieb Emilio Pozuelo Monfort: > >> We should be able to fix this by setting the build id to the timestamp from >> the >> changelog, then making sure we use slightly older timestamps in older >> releases, >> so that jessie < stretch < buster < sid. From looking at the code and >> d/rules, >> that was already the intention, but it's currently broken. I'm testing a >> patch >> to fix it, will send it later after verifying it. > > really appreciated! > Feel free to push this directly to Salsa. Pushed to branch debian/sid. That should fix this error during the build: 0:01.29 ./buildid.h.stub 0:01.41 Ignoring invalid MOZ_BUILD_DATE: 1575912135 And consequently the timestamp in the build id header of the application.ini file will be that one of the changelog. This also should make that part of the build reproducible. The change can be backported to buster and stretch. jessie needs an adapted fix because SOURCE_DATE_EPOCH is not available with its dpkg but I will take care of that. Cheers, Emilio
Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
Hi Emilio, Am 12.12.19 um 13:13 schrieb Emilio Pozuelo Monfort: > We should be able to fix this by setting the build id to the timestamp from > the > changelog, then making sure we use slightly older timestamps in older > releases, > so that jessie < stretch < buster < sid. From looking at the code and d/rules, > that was already the intention, but it's currently broken. I'm testing a patch > to fix it, will send it later after verifying it. really appreciated! Feel free to push this directly to Salsa. -- Regards Carsten Schoenert
Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
On 11/12/2019 16:51, Carsten Schoenert wrote: > Control: forcemerge -1 946347 > > Hello Jens, > > this issue was first submitted by #946347 > https://bugs.debian.org/946347 > > Am 11.12.19 um 12:33 schrieb Jens Holzkämper: >> The current package of thunderbird in stretch (68.2.2-1~deb9u1) reports a >> bigger version number than the current package in buster (68.2.2-1~deb10u1) >> due >> to the inclusion of the build timestamp. The version reported by stretch is >> 68.2.2_20191116203149/20191116203149 and buster >> 68.2.2_20191116193034/20191116193034. >> >> This information is then used by thunderbird to fill the compatibility.ini in >> the profile and after an upgrade from stretch to buster leads to thunderbird >> prompting to either quit or create a new profile because it detects that an >> older version of thunderbird is trying to open a profile last used by a newer >> version. I believe >> using the same profile should be safe, as the underlying upstream version is >> the same at the moment and should probably never be newer in oldstable than >> stable. >> >> As a workaround it's possible to start thunderbird with the parameter >> "--allow- >> downgrade" or manually delete the line starting with "LastVersion=" in the >> compatibility.ini in the profile but less savy users may use access to the >> data >> in their old profiles (the data is still there but a regular user will >> probably >> not be able to access it without further instructions). > > currently I don't test such upgrade scenarios and until now we don't had > any need to do such testing. > If we would know which variable is used within the build we could use > the same date for all builds of the thunderbird packages and prevent > such situations. > > For now I can only build technically the stretch version before the > buster version to get the older date hard included within the > thunderbird binary. > > @Emilio > Updating from jessie to stretch will of course affected by this issue. > I've no idea how we could solve as in the end the jessie version would > be needed built first of all. We should be able to fix this by setting the build id to the timestamp from the changelog, then making sure we use slightly older timestamps in older releases, so that jessie < stretch < buster < sid. From looking at the code and d/rules, that was already the intention, but it's currently broken. I'm testing a patch to fix it, will send it later after verifying it. Cheers, Emilio
Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
Control: forcemerge -1 946347 Hello Jens, this issue was first submitted by #946347 https://bugs.debian.org/946347 Am 11.12.19 um 12:33 schrieb Jens Holzkämper: > The current package of thunderbird in stretch (68.2.2-1~deb9u1) reports a > bigger version number than the current package in buster (68.2.2-1~deb10u1) > due > to the inclusion of the build timestamp. The version reported by stretch is > 68.2.2_20191116203149/20191116203149 and buster > 68.2.2_20191116193034/20191116193034. > > This information is then used by thunderbird to fill the compatibility.ini in > the profile and after an upgrade from stretch to buster leads to thunderbird > prompting to either quit or create a new profile because it detects that an > older version of thunderbird is trying to open a profile last used by a newer > version. I believe > using the same profile should be safe, as the underlying upstream version is > the same at the moment and should probably never be newer in oldstable than > stable. > > As a workaround it's possible to start thunderbird with the parameter > "--allow- > downgrade" or manually delete the line starting with "LastVersion=" in the > compatibility.ini in the profile but less savy users may use access to the > data > in their old profiles (the data is still there but a regular user will > probably > not be able to access it without further instructions). currently I don't test such upgrade scenarios and until now we don't had any need to do such testing. If we would know which variable is used within the build we could use the same date for all builds of the thunderbird packages and prevent such situations. For now I can only build technically the stretch version before the buster version to get the older date hard included within the thunderbird binary. @Emilio Updating from jessie to stretch will of course affected by this issue. I've no idea how we could solve as in the end the jessie version would be needed built first of all. Do you have contact to Mike or Sylvestre which might know if there is such an variable we could use while building the packages? -- Regards Carsten Schoenert
Bug#946588: thunderbird's dowgrade prevention is being triggered after upgrade from stretch
Package: thunderbird Version: 1:68.2.2-1~deb10u1 Severity: important The current package of thunderbird in stretch (68.2.2-1~deb9u1) reports a bigger version number than the current package in buster (68.2.2-1~deb10u1) due to the inclusion of the build timestamp. The version reported by stretch is 68.2.2_20191116203149/20191116203149 and buster 68.2.2_20191116193034/20191116193034. This information is then used by thunderbird to fill the compatibility.ini in the profile and after an upgrade from stretch to buster leads to thunderbird prompting to either quit or create a new profile because it detects that an older version of thunderbird is trying to open a profile last used by a newer version. I believe using the same profile should be safe, as the underlying upstream version is the same at the moment and should probably never be newer in oldstable than stable. As a workaround it's possible to start thunderbird with the parameter "--allow- downgrade" or manually delete the line starting with "LastVersion=" in the compatibility.ini in the profile but less savy users may use access to the data in their old profiles (the data is still there but a regular user will probably not be able to access it without further instructions). -- System Information: Debian Release: 10.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages thunderbird depends on: ii debianutils 4.8.6.1 ii fontconfig2.13.1-2 ii libatk1.0-0 2.30.0-2 ii libc6 2.28-10 ii libcairo-gobject2 1.16.0-4 ii libcairo2 1.16.0-4 ii libdbus-1-3 1.12.16-1 ii libdbus-glib-1-2 0.110-4 ii libevent-2.1-62.1.8-stable-4 ii libffi6 3.2.1-9 ii libfontconfig12.13.1-2 ii libfreetype6 2.9.1-3+deb10u1 ii libgcc1 1:8.3.0-6 ii libgdk-pixbuf2.0-02.38.1+dfsg-1 ii libglib2.0-0 2.58.3-2+deb10u2 ii libgtk-3-03.24.5-1 ii libgtk2.0-0 2.24.32-3 ii libjsoncpp1 1.7.4-3 ii libpango-1.0-01.42.4-7~deb10u1 ii libstartup-notification0 0.12-6 ii libstdc++68.3.0-6 ii libvpx5 1.7.0-3+deb10u1 ii libx11-6 2:1.6.7-1 ii libx11-xcb1 2:1.6.7-1 ii libxcb-shm0 1.13.1-2 ii libxcb1 1.13.1-2 ii libxext6 2:1.3.3-1+b2 ii libxrender1 1:0.9.10-1 ii libxt61:1.1.5-1+b3 ii psmisc23.2-1 ii x11-utils 7.7+4 ii zlib1g1:1.2.11.dfsg-1 Versions of packages thunderbird recommends: ii hunspell-de-de [hunspell-dictionary] 20161207-7 ii hunspell-en-us [hunspell-dictionary] 1:2018.04.16-1 ii lightning 1:68.2.2-1~deb10u1 Versions of packages thunderbird suggests: ii apparmor 2.13.2-10 ii fonts-lyx 2.3.2-1 ii libgssapi-krb5-2 1.17-3 -- no debconf information