Bug#1071101: marked as pending in nxtomo
Control: tag -1 pending Hello, Bug #1071101 in nxtomo reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian/nxtomo/-/commit/cc157d8f7ea679afecc8e5a18207cad3afcbb172 Drop /usr/lib/python3/dist-packages/build/lib/doc/conf.py Closes: #1071101 (this message was generated automatically) -- Greetings https://bugs.debian.org/1071101
Bug#1065722: FTBFS: /usr/lib/python3/dist-packages/torch/include/c10/util/C++17.h:27:2: error: #error You need C++17 to compile PyTorch
Control: tags -1 + patch Hi, updating to 0.18 fixes the build issue: see https://salsa.debian.org/deeplearning-team/pytorch-vision/-/merge_requests/2 Best regards, Xavier
Bug#1069888: marked as pending in node-bunyan
Control: tag -1 pending Hello, Bug #1069888 in node-bunyan reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-bunyan/-/commit/67134e3efbb67ddfc7cd9d33a0223b02d3e56893 Drop one unstable test Closes: #1069888 (this message was generated automatically) -- Greetings https://bugs.debian.org/1069888
Bug#1068412: apache2: CVE-2024-27316 CVE-2024-24795 CVE-2023-38709
On 4/5/24 15:58, Moritz Muehlenhoff wrote: On Fri, Apr 05, 2024 at 08:16:43AM +0400, Yadd wrote: On 4/4/24 22:51, Moritz Mühlenhoff wrote: Source: apache2 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for apache2. CVE-2024-27316[0]: https://www.kb.cert.org/vuls/id/421644 https://www.openwall.com/lists/oss-security/2024/04/04/4 CVE-2024-24795[1]: https://www.openwall.com/lists/oss-security/2024/04/04/5 CVE-2023-38709[2]: https://www.openwall.com/lists/oss-security/2024/04/04/3 If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-27316 https://www.cve.org/CVERecord?id=CVE-2024-27316 [1] https://security-tracker.debian.org/tracker/CVE-2024-24795 https://www.cve.org/CVERecord?id=CVE-2024-24795 [2] https://security-tracker.debian.org/tracker/CVE-2023-38709 https://www.cve.org/CVERecord?id=CVE-2023-38709 Please adjust the affected versions in the BTS as needed. Hi, I'm ready to push 2.4.59 into bookworm-security. Note that this includes a test-framework update Target distribution needs to be bookworm-security, with that please upload. Can you also preparea the equivalent change for bullseye-security? The uploads can already happen, but let's keep the update unreleased until next week, then we can look for regressions reported in unstable (and check with Ondrej if we received reports based on his repo) Cheers, Moritz Both Bullseye and Bookworm uploaded. Bullseye version embeds also a copyright fix
Bug#1068064: marked as pending in node-node-sass
Control: tag -1 pending Hello, Bug #1068064 in node-node-sass reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-node-sass/-/commit/6c9e9c0ea92b4555f23df79fd9409677468cac85 Drop build dependency to libuv1-dev Closes: #1068064 (this message was generated automatically) -- Greetings https://bugs.debian.org/1068064
Bug#1067797: marked as pending in node-y-protocols
Control: tag -1 pending Hello, Bug #1067797 in node-y-protocols reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-y-protocols/-/commit/16ec1c32f1db7d55c0767bd2e0a34f9ed5df2e80 Fix build links Closes: #1067797 (this message was generated automatically) -- Greetings https://bugs.debian.org/1067797
Bug#1067797: marked as pending in node-y-protocols
Control: tag -1 pending Hello, Bug #1067797 in node-y-protocols reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-y-protocols/-/commit/5b2390c55f85a1560d55532b0b3bec3856f42873 debian/rules: drop "--with nodejs" whiche makes a double debhelper call Closes: #1067797 (this message was generated automatically) -- Greetings https://bugs.debian.org/1067797
Bug#1058547: marked as pending in node-globby
Control: tag -1 pending Hello, Bug #1058547 in node-globby reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-globby/-/commit/43471846cd9de59186d2c81059acc5fd2e9c3a56 Add patches to build using @types/node 18 and node-get-stream 8 Closes: #1058547 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058547
Bug#1066749: FTBFS: dh_auto_test: error: /bin/sh -ex debian/tests/pkg-js/test returned exit code 1
Control: tags -1 + moreinfo Hi, I'm unable to reproduce this issue. Probably fixed elsewhere during time_t transition
Bug#1065480: marked as pending in node-recast
Control: tag -1 pending Hello, Bug #1065480 in node-recast reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-recast/-/commit/ed9f83c667ea92023a07a207aee5c873af02a925 Fix build links Closes: #1065480 (this message was generated automatically) -- Greetings https://bugs.debian.org/1065480
Bug#1064558: [Pkg-javascript-devel] Bug#1064558: node-leveldown: FTBFS on mips64el: not ok 1397 Error: batch(array) element must be an object and not `null`
On 2/24/24 13:10, Sebastian Ramacher wrote: Source: node-leveldown Version: 5.6.0+dfsg-4 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: sramac...@debian.org https://buildd.debian.org/status/fetch.php?pkg=node-leveldown=mips64el=5.6.0%2Bdfsg-4%2Bb1=1708632735=0 not ok 1397 Error: batch(array) element must be an object and not `null` --- operator: error stack: |- Error: batch(array) element must be an object and not `null` at AbstractLevelDOWN.batch (/usr/share/nodejs/abstract-leveldown/abstract-leveldown.js:163:33) at /<>/test/iterator-recursion-test.js:48:8 at /usr/share/nodejs/abstract-leveldown/abstract-leveldown.js:41:5 ... Cheers Hi Jérémy, when trying to build on mips64el porterbox, i got this: make[1]: Entering directory '/home/yadd/node-leveldown' node-gyp clean node: error while loading shared libraries: libnode.so.108: cannot open shared object file: No such file or directory make[1]: *** [debian/rules:18: override_dh_auto_clean] Error 127 make[1]: Leaving directory '/home/yadd/node-leveldown'
Bug#1064950: marked as pending in apache2
Control: tag -1 pending Hello, Bug #1064950 in apache2 reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/apache-team/apache2/-/commit/90727f3d536eefd53f76cd7194227f8ce1966777 Update apache2 depandency constraints, set binary:Version instead of source:Version Closes: #1064950 (this message was generated automatically) -- Greetings https://bugs.debian.org/1064950
Bug#1063901: marked as pending in node-ipydatagrid
Control: tag -1 pending Hello, Bug #1063901 in node-ipydatagrid reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-ipydatagrid/-/commit/3ef1f03943feb33e162f7c3a6013a10e41c11e64 Drop /usr/bin/dbfcat and usr/bin/shpcat Closes: #1063901 (this message was generated automatically) -- Greetings https://bugs.debian.org/1063901
Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs
I closed this issue because: - I dropped all bad .h files from install - I added ABI flags to build - cyrus-dev has no reverse dependencies If I'm wrong, please reopen this issue Cheers, Yadd
Bug#1063908: [Debian-pan-maintainers] Bug#1063908: node-jupyter-widgets-{base, base-manager, control}: ships files already in python3-widgetsnbextension
On 2/14/24 20:26, Andreas Beckmann via Debian-pan-maintainers wrote: Package: node-jupyter-widgets-base,node-jupyter-widgets-base-manager,node-jupyter-widgets-controls Version: 6.0.7+~cs14.23.94-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces From the attached log (scroll to the bottom...): Preparing to unpack .../node-jupyter-widgets-base_6.0.7+~cs14.23.94-1_all.deb ... Unpacking node-jupyter-widgets-base (6.0.7+~cs14.23.94-1) ... dpkg: error processing archive /var/cache/apt/archives/node-jupyter-widgets-base_6.0.7+~cs14.23.94-1_all.deb (--unpack): trying to overwrite '/usr/share/nodejs/@jupyter-widgets/base/css/index.css', which is also in package python3-widgetsnbextension 8.1.1-2 Errors were encountered while processing: /var/cache/apt/archives/node-jupyter-widgets-base_6.0.7+~cs14.23.94-1_all.deb Hi, why does python3-widgetsnbextension install an unusable node.js module into a nodejs directory ?
Bug#1061341: Fwd: Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs
On 2/7/24 06:31, ellie timoney wrote: Hi Xavier, On Mon, 29 Jan 2024, at 9:59 AM, ellie timoney wrote: On Thu, 25 Jan 2024, at 3:53 PM, Yadd wrote: yes there are other errors because some .h require unavailable .h like config.h Ooh interesting, I'll have a look I'm still working on this, but the more I work on it, the more of it turns out to need fixing... I think for now, it makes sense for you to proceed with the packaging changes assuming that 32 bit Cyrus will _not_ be ABI compatible when recompiled with 64 bit time_t. From the original email, I think that means you'll need to set up strict version dependencies between the cyrus-common, cyrus-admin and cyrus-clients packages, so that people can't partially upgrade and wind up with conflicts. Cheers, ellie Hi, dependencies are already strict (= ${binary:Version}). To be able to render cyrus-dev headers compatible with ABI test, I'll have to remove the following (missing config.h,...): /usr/include/cyrus/bufarray.h /usr/include/cyrus/charset.h /usr/include/cyrus/command.h /usr/include/cyrus/crc32.h /usr/include/cyrus/cyr_qsort_r.h /usr/include/cyrus/glob.h /usr/include/cyrus/imapurl.h /usr/include/cyrus/mappedfile.h /usr/include/cyrus/procinfo.h /usr/include/cyrus/rfc822tok.h /usr/include/cyrus/sieve/sieve_err.h /usr/include/cyrus/sieve/sieve_interface.h /usr/include/cyrus/sqldb.h /usr/include/cyrus/tok.h /usr/include/cyrus/vparse.h /usr/include/cyrus/wildmat.h
Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs
On 1/28/24 20:21, Steve Langasek wrote: On Tue, Jan 23, 2024 at 08:32:18AM +0400, Yadd wrote: Control: tags -1 + moreinfo On 1/23/24 00:43, Steve Langasek wrote: Package: cyrus-common Version: 3.8.1-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies cyrus-common as an affected package, on the basis that the headers could not be compiled and analyzed out of the box using abi-compliance-checker[2], so we have to assume it's affected. However, cyrus-commons's shlibs file declares a dependency on a library package name that contains no ABI information: according to https://adrien.dcln.fr/misc/armhf-time_t/2024-01-17/logs/cyrus-dev/base/log.txt , this issue looks like a false-positive: test failed because of C error, not bad report Am I right here ? We do not *know* that it's a false positive; we only know that we were unable to analyze the header files under a-c-c to prove that the ABI is not affected. Patches to the check-armhf-time_t script at https://salsa.debian.org/vorlon/armhf-time_t/-/blob/main/check-armhf-time_t?ref_type=heads to quirk this package and allow its headers to be analyzed, or changes to the source package to not ship uncompilable headers ("apt-file search lib/strarray.h" returns no results), would both be welcome. Thanks, Hi, is it possible to build a salsa-ci job to test this on i386 ? Best regards, Yadd
Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs
Control: tags -1 + moreinfo On 1/23/24 00:43, Steve Langasek wrote: Package: cyrus-common Version: 3.8.1-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies cyrus-common as an affected package, on the basis that the headers could not be compiled and analyzed out of the box using abi-compliance-checker[2], so we have to assume it's affected. However, cyrus-commons's shlibs file declares a dependency on a library package name that contains no ABI information: Hi, according to https://adrien.dcln.fr/misc/armhf-time_t/2024-01-17/logs/cyrus-dev/base/log.txt , this issue looks like a false-positive: test failed because of C error, not bad report Am I right here ? Best regards, Xavier
Bug#1059829: Thank you
On 1/16/24 20:36, Georges Khaznadar wrote: Hello, Javascript/Npm are not my cup of tea; so, please receive many thanks about the help you provided to my poor packaging efforts. If node-html5-qrcode happens to be dfsg-free, which should be the right umbrella to host it on salsa.d.o? https://salsa.debian.org/js-team or https://salsa.debian.org/georgesk ? Hi, yes I already push it on js-team/node-html5-qrcode. It is fixed now in it and ready to be pushed. Do you want I push it ? I saw that you managed to let salsa's automaton pass 53 of the upstream tests, and I would like to learn such magics. Please have you some useful links about them? Most of JS Team packages uses dh-sequence-nodejs. To start with it: https://wiki.debian.org/Javascript/Tutorial and then pkg-js-tools(7) However, the changes I did here need a minimum knowledge of npm because the package doesn't follow exactly the common way (see dh_auto_install hook) Best regards, Georges. Cheers, Yadd
Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build
On 1/2/24 09:50, Yadd wrote: Package: node-html5-qrcode Version: 2.3.8+repack-3 Severity: serious Justification: not-dfsg X-Debbugs-Cc: y...@debian.org node-html5-qrcode is built using "npm install" which downloads libraries from Internet. This is totally out of DFSG. For now, the --omit-dev avoid downloading anything until this package will have dependencies but npm still access to Internet for "audit". Easy to fix: use "pkgjs-run build" instead of npm (and drop build dependency to npm) second bug: package is unusable because not installed correctly (that's probably why autopkgtest was disabled...), also third_party/ is missing in install A fixed version of this package is available at https://salsa.debian.org/js-team/node-html5-qrcode
Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build
Package: node-html5-qrcode Version: 2.3.8+repack-3 Severity: serious Justification: not-dfsg X-Debbugs-Cc: y...@debian.org node-html5-qrcode is built using "npm install" which downloads libraries from Internet. This is totally out of DFSG.
Bug#1059565: marked as pending in pkg-js-tools
Control: tag -1 pending Hello, Bug #1059565 in pkg-js-tools reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/pkg-js-tools/-/commit/d2518ba16b3d87582c25cafc8a8a52c179310e06 Update test dependencies: replace devscripts by fakeroot Closes: #1059565 (this message was generated automatically) -- Greetings https://bugs.debian.org/1059565
Bug#1058784: esbuild: [armel] install @esbuild/arm
Package: esbuild Version: 0.19.8-1 Severity: serious Tags: ftbfs patch Justification: node-esbuild-unusable-on-armel X-Debbugs-Cc: y...@debian.org Hi, my armel patch was wrong: armel build uses @esbuild/arm, not @esbuild/armel. I fixed this in a merge request [MR4] [MR4]: https://salsa.debian.org/go-team/packages/golang-github-evanw-esbuild/-/merge_requests/4
Bug#1058596: [Pkg-javascript-devel] Bug#1058596: yarnpkg broken on bookworm - yarnpkg --help fails with TypeError: commander.on is not a function
On 12/13/23 19:17, Praveen Arimbrathodiyil wrote: Control: fixed -1 1.22.19+~cs24.27.18-4 On Wed, 13 Dec 2023 20:39:39 +0530 Pirate Praveen wrote: We should backport the patches in unstable to bookworm as well. Updating the fixed info. Hi, since severity is grave, please prepare an update for stable also Cheers, Yadd
Bug#1058519: marked as pending in node-mdn-browser-compat-data
Control: tag -1 pending Hello, Bug #1058519 in node-mdn-browser-compat-data reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-mdn-browser-compat-data/-/commit/2ee6168764bb245a6c43b9d40ad58b9b28c1ae25 Workaround ts-node bug Closes: #1058519 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058519
Bug#1058513: [Pkg-javascript-devel] Bug#1058513: node-signal-exit: FTBFS: SyntaxError: Cannot use import statement outside a module
Control: tags -1 + moreinfo On 12/13/23 00:52, Lucas Nussbaum wrote: Source: node-signal-exit Version: 4.1.0-6 Severity: serious Justification: FTBFS Tags: trixie sid ftbfs User: lu...@debian.org Usertags: ftbfs-20231212 ftbfs-trixie Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): make[1]: Entering directory '/<>' tsc -p tsconfig.json tsc -p tsconfig-esm.json sh ./scripts/fixup.sh #cp debian/index.cjs dist/cjs/ make[1]: Leaving directory '/<>' dh_auto_test --buildsystem=nodejs ln -s ../. node_modules/signal-exit /bin/sh -ex debian/tests/pkg-js/test + tap -T -R spec test/all-integration-test.ts test/signal-exit-test.ts /<>/test/all-integration-test.ts:1 import assert from 'assert' ^^ Hi, I'm unable to reproduce this issue.
Bug#1058539: marked as pending in node-openpgp-asmcrypto.js
Control: tag -1 pending Hello, Bug #1058539 in node-openpgp-asmcrypto.js reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-openpgp-asmcrypto.js/-/commit/e6345aaea554ec77068d71927d4b3005c2f22009 Update tsc config Closes: #1058539 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058539
Bug#1058547: marked as pending in node-globby
Control: tag -1 pending Hello, Bug #1058547 in node-globby reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-globby/-/commit/579c4942c926587b6c703f20ed7382bb713b89a0 Fix build links Closes: #1058547 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058547
Bug#1058529: marked as pending in node-csstype
Control: tag -1 pending Hello, Bug #1058529 in node-csstype reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-csstype/-/commit/9a6c0a75f3ea271fe7c40a5cafd17ffd2691451d Add tsc patch CLoses: #1058529 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058529
Bug#1058507: marked as pending in node-regexpp
Control: tag -1 pending Hello, Bug #1058507 in node-regexpp reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-regexpp/-/commit/7f74a551ad90394228e9058780011c90e05d05e4 Add missing link to undici-types Closes: #1058507 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058507
Bug#1058518: marked as pending in node-es-module-lexer
Control: tag -1 pending Hello, Bug #1058518 in node-es-module-lexer reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-es-module-lexer/-/commit/e99127d3937586b5b43bf2f63df44f83e99806c2 Update build command Closes: #1058518 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058518
Bug#1058537: marked as pending in node-node-pty
Control: tag -1 pending Hello, Bug #1058537 in node-node-pty reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-node-pty/-/commit/4ad978b488ae4201ecc1746332cf261df35144a9 Update tsc patch Closes: #1058537 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058537
Bug#1058541: marked as pending in node-redis
Control: tag -1 pending Hello, Bug #1058541 in node-redis reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-redis/-/commit/95175b798368daf1c57690a4d3ceacc53de6abcd Update tsc patch Closes: #1058541 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058541
Bug#1058534: marked as pending in node-rollup-plugin-node-polyfills
Control: tag -1 pending Hello, Bug #1058534 in node-rollup-plugin-node-polyfills reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-rollup-plugin-node-polyfills/-/commit/b3121dc29d5fc7e7a69763b08e2f88fdc9221c63 Update build Closes: #1058534 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058534
Bug#1058542: marked as pending in node-ytdl-core
Control: tag -1 pending Hello, Bug #1058542 in node-ytdl-core reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-ytdl-core/-/commit/737662559833d74271c842624692a2d7689e4ab1 Add tsc patch Closes: #1058542 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058542
Bug#1058282: marked as pending in node-y-websocket
Control: tag -1 pending Hello, Bug #1058282 in node-y-websocket reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-y-websocket/-/commit/3bb8fdc05727a89d58b140ed0bda99c69cfd6242 Fix build links Closes: #1058282 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058282
Bug#1058279: marked as pending in perlnavigator
Control: tag -1 pending Hello, Bug #1058279 in perlnavigator reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/perlnavigator/-/commit/cc14570a29753e13d85a0abd9c352d6cca05a9a9 Add undici-types in modules to copy Closes: #1058279 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058279
Bug#1058280: marked as pending in node-y-protocols
Control: tag -1 pending Hello, Bug #1058280 in node-y-protocols reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-y-protocols/-/commit/baf1264d458ff4f1b70bc8c31d870454d0885371 Fix build copies Closes: #1058280 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058280
Bug#1058285: marked as pending in node-jschardet
Control: tag -1 pending Hello, Bug #1058285 in node-jschardet reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-jschardet/-/commit/c1ba4558470cbfa6e67ce7da9a351fb3b4c43b43 Fix build links Closes: #1058285 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058285
Bug#1058283: marked as pending in node-lib0
Control: tag -1 pending Hello, Bug #1058283 in node-lib0 reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-lib0/-/commit/3d8f4e40f88fbcd582e3cf10b027dc36c8f2ef87 Fix build links Closes: #1058283 (this message was generated automatically) -- Greetings https://bugs.debian.org/1058283
Bug#1058078: [Pkg-javascript-devel] Bug#1058078: FTBFS: ESLint couldn't find the config "not-an-aardvark/node" to extend from
Control: tags -1 + patch On 12/12/23 09:59, Yadd wrote: Package: node-eslint-plugin-eslint-plugin Version: 2.3.0+~0.3.0-4 Severity: serious Tags: ftbfs Justification: ftbfs Hi, when trying to reproduce node-eslint-plugin-eslint-plugin build, sbuild fails. Below relevant logs: eslint --format tap Xcomposer TAP version 13 1..2 ok 1 - /<>/Xcomposer/lib/rule-composer.js ok 2 - /<>/Xcomposer/tests/lib/rule-composer.js eslint --format tap . --ignore-pattern '!.*' Oops! Something went wrong! :( ESLint: 6.4.0. ESLint couldn't find the config "not-an-aardvark/node" to extend from. Please check that the name of the config is correct. The config "not-an-aardvark/node" was referenced from the config file in "/<>/.pc/2002_avoid_eslint-plugin-self.patch/.eslintrc.yml". If you still have problems, please stop by https://gitter.im/eslint/eslint to chat with the team. make[1]: *** [debian/rules:38: override_dh_auto_test] Error 2 Hi Jonas, this patch seems to fix the problem: --- a/debian/rules +++ b/debian/rules @@ -35,7 +35,7 @@ override_dh_auto_build: $(DOCS) $(CHANGELOGS) override_dh_auto_test: $(ESLINT) Xcomposer - $(ESLINT) . --ignore-pattern '!.*' + $(ESLINT) . --ignore-pattern .pc $(MOCHA) --recursive Xcomposer/tests $(MOCHA) --recursive tests
Bug#1058078: FTBFS: ESLint couldn't find the config "not-an-aardvark/node" to extend from
Package: node-eslint-plugin-eslint-plugin Version: 2.3.0+~0.3.0-4 Severity: serious Tags: ftbfs Justification: ftbfs Hi, when trying to reproduce node-eslint-plugin-eslint-plugin build, sbuild fails. Below relevant logs: eslint --format tap Xcomposer TAP version 13 1..2 ok 1 - /<>/Xcomposer/lib/rule-composer.js ok 2 - /<>/Xcomposer/tests/lib/rule-composer.js eslint --format tap . --ignore-pattern '!.*' Oops! Something went wrong! :( ESLint: 6.4.0. ESLint couldn't find the config "not-an-aardvark/node" to extend from. Please check that the name of the config is correct. The config "not-an-aardvark/node" was referenced from the config file in "/<>/.pc/2002_avoid_eslint-plugin-self.patch/.eslintrc.yml". If you still have problems, please stop by https://gitter.im/eslint/eslint to chat with the team. make[1]: *** [debian/rules:38: override_dh_auto_test] Error 2
Bug#1056709: marked as pending in node-nodemailer
Control: tag -1 pending Hello, Bug #1056709 in node-nodemailer reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-nodemailer/-/commit/44fa0d175c173df515426a3a2149076bc8bf58da Drop proxy test Closes: #1056709 (this message was generated automatically) -- Greetings https://bugs.debian.org/1056709
Bug#1057583: marked as pending in node-gulp-changed
Control: tag -1 pending Hello, Bug #1057583 in node-gulp-changed reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-gulp-changed/-/commit/5fb85e2fbd0efee84f5bb931298eecda4b26fd0e Add patch for node-get-stream >= 8 Closes: #1057583 (this message was generated automatically) -- Greetings https://bugs.debian.org/1057583
Bug#1057584: marked as pending in node-qs
Control: tag -1 pending Hello, Bug #1057584 in node-qs reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-qs/-/commit/d674e719bd69897cf78c19323183e6a597a7cd36 Fix build links Closes: #1057584 (this message was generated automatically) -- Greetings https://bugs.debian.org/1057584
Bug#1057582: marked as pending in node-get-stream
Control: tag -1 pending Hello, Bug #1057582 in node-get-stream reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-get-stream/-/commit/83dc26f3021df4a4cadd1ed18e041059090b6f1b Fix commonjs build Closes: #1057582 (this message was generated automatically) -- Greetings https://bugs.debian.org/1057582
Bug#1056705: marked as pending in node-mqtt
Control: tag -1 pending Hello, Bug #1056705 in node-mqtt reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-mqtt/-/commit/c07f088318dcd26fd7a8c320d92a5ed442f77954 Add missing dependency to node-lru-cache Closes: #1056705 (this message was generated automatically) -- Greetings https://bugs.debian.org/1056705
Bug#1056705: node-mqtt: Missing dependency to node-lru-cache
Package: node-mqtt Version: 4.3.7-2 Severity: serious Tags: patch Justification: Failure X-Debbugs-Cc: y...@debian.org Hi, node-mqtt autopkgtest shows that this package requires node-lru-cache, however it is not listed in debian/control and then start to fail when one of its dependencies no more depend on node-lru-cache. Best regards, Yadd Ref: https://ci.debian.net/data/autopkgtest/testing/amd64/n/node-mqtt/40126282/log.gz
Bug#1056599: marked as pending in node-proxy-agents
Control: tag -1 pending Hello, Bug #1056599 in node-proxy-agents reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-proxy-agents/-/commit/0c04315db7e332a47986831e17b35b4fd4cda8dc Drop tests that needs Internet Closes: #1056599 (this message was generated automatically) -- Greetings https://bugs.debian.org/1056599
Bug#1055862: marked as pending in node-proxy-agents
Control: tag -1 pending Hello, Bug #1055862 in node-proxy-agents reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-proxy-agents/-/commit/4c7081cebe776c994e6a97e5b604faa5b01ff973 Add missing Breaks+Replaces node-https-proxy-agent < 7 in node-http-proxy-agent Closes: #1055862 (this message was generated automatically) -- Greetings https://bugs.debian.org/1055862
Bug#1056334: marked as pending in node-ast-types
Control: tag -1 pending Hello, Bug #1056334 in node-ast-types reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-ast-types/-/commit/732f7a8b52206371c2840c750a6d565a9371f887 Clean debian/tests/pkg-js/files Closes: #1056334 (this message was generated automatically) -- Greetings https://bugs.debian.org/1056334
Bug#1056334: [Pkg-javascript-devel] Bug#1056334: node-ast-types: autopkgtest failure
Control: tags -1 + moreinfo On 11/21/23 12:28, Gianfranco Costamagna wrote: Source: node-ast-types Version: 0.16.1-2 Severity: serious Hello, according to ci, the package autopkgtests looks failing. https://ci.debian.net/packages/n/node-ast-types/unstable/amd64/39617621/ 66s autopkgtest [20:34:26]: test pkg-js-autopkgtest: [--- 66s # Using ./package.(json|yaml) 66s # Node module name is ast-types 66s # Build files found: tsconfig.json 66s # Test files found: 66s # Found debian/tests/pkg-js/files, let's use it 66s # Files/dir to be installed from source: src 66s test 66s tsconfig* 66s ls: cannot access 'test': No such file or directory This is strange: it seems that the test isn't launched from source directory (which has a test subdir) 66s # Copy debian/tests/pkg-js content 66s 'debian/tests/pkg-js' -> '/tmp/autopkgtest-lxc.2rswz7np/downtmp/autopkgtest_tmp/smokeXkrxbl/debian/tests/pkg-js' 66s 'debian/tests/pkg-js/test' -> '/tmp/autopkgtest-lxc.2rswz7np/downtmp/autopkgtest_tmp/smokeXkrxbl/debian/tests/pkg-js/test' 66s 'debian/tests/pkg-js/files' -> '/tmp/autopkgtest-lxc.2rswz7np/downtmp/autopkgtest_tmp/smokeXkrxbl/debian/tests/pkg-js/files' 66s Found debian/tests/test_modules 66s # let's copy it 66s Found debian/nodejs/extlinks 67s @babel/parser linked into node_modules 67s @babel/types linked into node_modules 68s tslib linked into node_modules 68s @types/esprima linked into node_modules 69s @types/estree linked into node_modules 69s @types/glob linked into node_modules 70s @types/mocha linked into node_modules 70s # Searching module in /usr/lib/nodejs/ast-types 70s # Searching module in /usr/lib/*/nodejs/ast-types 70s # Searching module in /usr/share/nodejs/ast-types 70s # Found /usr/share/nodejs/ast-types 70s # Searching files to link in /usr/share/nodejs/ast-types 70s # Launch debian/tests/pkg-js/test with sh -ex 70s + test /tmp/autopkgtest-lxc.2rswz7np/downtmp/autopkgtest_tmp != 70s + rm -rf lib 70s + tsc 70s Version 4.8.4 70s tsc: The TypeScript Compiler - Version 4.8.4 70s 70s COMMON COMMANDS The "copy" part of pkg-js-autopkgtest failed, then "tsconfig.json" is missing then tsc display this.
Bug#1056286: marked as pending in node-get-stream
Control: tag -1 pending Hello, Bug #1056286 in node-get-stream reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-get-stream/-/commit/13e93e0f85787ef76a4f89c0bc802fb896b86945 Drop Internet test Closes: #1056286 (this message was generated automatically) -- Greetings https://bugs.debian.org/1056286
Bug#1055525: cryptojs: CVE-2023-46233
Hi, this bug is still unfixed even if patch is trivial. Here is a template for an updatediff --git a/debian/changelog b/debian/changelog index 558cbac..849d0f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +cryptojs (3.1.2+dfsg-3+deb12u1) bookworm-security; urgency=medium + + * Change default hash algorithm and iteration's for PBKDF2 +(Closes: #1055525) + + -- Yadd Thu, 16 Nov 2023 10:53:45 +0400 + cryptojs (3.1.2+dfsg-3) unstable; urgency=medium * Add upstream metadata. diff --git a/debian/patches/CVE-2023-46233.patch b/debian/patches/CVE-2023-46233.patch new file mode 100644 index 000..c321f49 --- /dev/null +++ b/debian/patches/CVE-2023-46233.patch @@ -0,0 +1,38 @@ +Description: Change default hash algorithm and iteration's for PBKDF2 + to prevent weak security by using the default configuration +Author: evanvosberg +Origin: upstream, https://github.com/brix/crypto-js/commit/421dd538 +Bug: https://github.com/brix/crypto-js/security/advisories/GHSA-xwcq-pm8m-c4vf +Bug-Debian: https://bugs.debian.org/1055525 +Forwarded: not-needed +Reviewed-By: Yadd +Last-Update: 2023-11-16 + +--- a/components/pbkdf2.js b/components/pbkdf2.js +@@ -11,7 +11,7 @@ + var Base = C_lib.Base; + var WordArray = C_lib.WordArray; + var C_algo = C.algo; +-var SHA1 = C_algo.SHA1; ++var SHA256 = C_algo.SHA256; + var HMAC = C_algo.HMAC; + + /** +@@ -22,13 +22,13 @@ + * Configuration options. + * + * @property {number} keySize The key size in words to generate. Default: 4 (128 bits) +- * @property {Hasher} hasher The hasher to use. Default: SHA1 ++ * @property {Hasher} hasher The hasher to use. Default: SHA256 + * @property {number} iterations The number of iterations to perform. Default: 1 + */ + cfg: Base.extend({ + keySize: 128/32, +-hasher: SHA1, +-iterations: 1 ++hasher: SHA256, ++iterations: 25 + }), + + /** diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000..4fdeacb --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +CVE-2023-46233.patch
Bug#1056014: cryptojs: Library no more maintained, please keep out of next Debian stable
Source: cryptojs Severity: serious Tags: security upstream Justification: security X-Debbugs-Cc: y...@debian.org, Debian Security Team Hi, according to https://github.com/brix/crypto-js#readme it seems that cryptojs is no more maintained. I just dropped the only one reverse dependency so cryptojs can be safely removed from Debian.
Bug#1054853: marked as pending in node-postcss-loader
Control: tag -1 pending Hello, Bug #1054853 in node-postcss-loader reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-postcss-loader/-/commit/cc70989581f22e6ada291473a9992aede786348e Revert update to 7.3.3 (Closes: #1054853) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054853
Bug#1054853: marked as pending in node-postcss-loader
Control: tag -1 pending Hello, Bug #1054853 in node-postcss-loader reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-postcss-loader/-/commit/cc70989581f22e6ada291473a9992aede786348e Revert update to 7.3.3 (Closes: #1054853) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054853
Bug#1054853: node-katex: FTBFS: TypeError: Cannot read properties of undefined (reading '.cjs')
Control: reassign -1 node-postcss-loader Control: affects -1 node-katex Control: found -1 7.3.3-1 It seems that node-postcss-loader 7.3.3 needs node-cosmiconfig 8 and "jiti".
Bug#1054756: marked as pending in node-recast
Control: tag -1 pending Hello, Bug #1054756 in node-recast reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-recast/-/commit/92312903ab3d7aa4bea55627f41dd124ffb56035 Require node-ast-types >= 0.16.1~ Closes: #1054756 (this message was generated automatically) -- Greetings https://bugs.debian.org/1054756
Bug#1054432: Not a bug
Control: severity -1 wishlist Files are readable
Bug#1055017: marked as pending in node-html-webpack-plugin
Control: tag -1 pending Hello, Bug #1055017 in node-html-webpack-plugin reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-html-webpack-plugin/-/commit/a4479104364aed52971c11db02545c809ac664b8 Drop component html-minifier-terser Closes: #1055017 (this message was generated automatically) -- Greetings https://bugs.debian.org/1055017
Bug#1054667: marked as pending in node-browserify-sign
Control: tag -1 pending Hello, Bug #1054667 in node-browserify-sign reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-browserify-sign/-/commit/2f7f94f526da65ae64ae4f47fd930e340a4a93ed Properly check the upper bound for DSA signatures (Closes: #1054667, CVE-2023-46234) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054667
Bug#1054667: marked as pending in node-browserify-sign
Control: tag -1 pending Hello, Bug #1054667 in node-browserify-sign reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-browserify-sign/-/commit/4d2c381c69ccc4dacfb6f4ef41a9f3d2ec510217 Properly check the upper bound for DSA signatures (Closes: #1054667, CVE-2023-46234) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054667
Bug#1054667: [Pkg-javascript-devel] Bug#1054667: node-browserify-sign: CVE-2023-46234
On 10/27/23 20:20, Moritz Mühlenhoff wrote: Source: node-browserify-sign X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for node-browserify-sign. CVE-2023-46234[0]: | browserify-sign is a package to duplicate the functionality of | node's crypto public key functions, much of this is based on Fedor | Indutny's work on indutny/tls.js. An upper bound check issue in | `dsaVerify` function allows an attacker to construct signatures that | can be successfully verified by any public key, thus leading to a | signature forgery attack. All places in this project that involve | DSA verification of user-input signatures will be affected by this | vulnerability. This issue has been patched in version 4.2.2. https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-46234 https://www.cve.org/CVERecord?id=CVE-2023-46234 Please adjust the affected versions in the BTS as needed. Hi, please find attached the debdiff for Bookworm Kind regards, Yadddiff --git a/debian/changelog b/debian/changelog index 5e3404f..c421503 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +node-browserify-sign (4.2.1-3+deb12u1) bookworm-security; urgency=high + + * Team upload + * Properly check the upper bound for DSA signatures (Closes: #1054667, CVE-2023-46234) + + -- Yadd Sat, 28 Oct 2023 12:03:04 +0400 + node-browserify-sign (4.2.1-3) unstable; urgency=medium * Team upload diff --git a/debian/patches/CVE-2023-46234.patch b/debian/patches/CVE-2023-46234.patch new file mode 100644 index 000..152fd72 --- /dev/null +++ b/debian/patches/CVE-2023-46234.patch @@ -0,0 +1,68 @@ +Description: properly check the upper bound for DSA signatures +Author: roadicing +Origin: upstream, https://github.com/browserify/browserify-sign/commit/85994cd6 +Bug: https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw +Bug-Debian: https://bugs.debian.org/1054667 +Forwarded: not-needed +Applied-Upstream: 4.2.2, commit: 85994cd6 +Reviewed-By: Yadd +Last-Update: 2023-10-28 + +--- a/browser/verify.js b/browser/verify.js +@@ -78,7 +78,7 @@ + + function checkValue (b, q) { + if (b.cmpn(0) <= 0) throw new Error('invalid sig') +- if (b.cmp(q) >= q) throw new Error('invalid sig') ++ if (b.cmp(q) >= 0) throw new Error('invalid sig') + } + + module.exports = verify +--- a/test/index.js b/test/index.js +@@ -4,6 +4,8 @@ + var nCrypto = require('crypto') + var bCrypto = require('../browser') + var fixtures = require('./fixtures') ++var BN = require('bn.js') ++var parseKeys = require('parse-asn1') + + function isNode10 () { + return parseInt(process.version.split('.')[1], 10) <= 10 +@@ -100,6 +102,35 @@ + t.end() + }) + } ++ ++ var s = parseKeys(pub).data.q; ++ test( ++f.message + ' against a fake signature', ++{ skip: !s || '(this test only applies to DSA signatures and not EC signatures, this is ' + f.scheme + ')' }, ++function (t) { ++ var messageBase64 = Buffer.from(f.message, 'base64'); ++ ++ // forge a fake signature ++ var r = new BN('1'); ++ ++ try { ++var fakeSig = asn1.signature.encode({ r: r, s: s }, 'der'); ++ } catch (e) { ++t.ifError(e); ++t.end(); ++return; ++ } ++ ++ var bVer = bCrypto.createVerify(f.scheme); ++ t['throws']( ++function () { bVer.update(messageBase64).verify(pub, fakeSig); }, ++Error, ++'fake signature is invalid' ++ ); ++ ++ t.end(); ++} ++ ); + }) + + fixtures.valid.kvectors.forEach(function (f) { diff --git a/debian/patches/series b/debian/patches/series index 8aafdeb..86ff972 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ drop-rmd160-support.patch +CVE-2023-46234.patch
Bug#1054667: marked as pending in node-browserify-sign
Control: tag -1 pending Hello, Bug #1054667 in node-browserify-sign reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-browserify-sign/-/commit/37c465825e522fd3757e3c52045413f8b0b1f56a New upstream version (Closes: #1054667, CVE-2023-46234) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054667
Bug#1054667: marked as pending in node-browserify-sign
Control: tag -1 pending Hello, Bug #1054667 in node-browserify-sign reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-browserify-sign/-/commit/37c465825e522fd3757e3c52045413f8b0b1f56a New upstream version (Closes: #1054667, CVE-2023-46234) (this message was generated automatically) -- Greetings https://bugs.debian.org/1054667
Bug#1054766: marked as pending in node-signal-exit
Control: tag -1 pending Hello, Bug #1054766 in node-signal-exit reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-signal-exit/-/commit/18ede477f69e5419df0a09bd2a4f3eda5dc16c22 Fix test Closes: #1054766 (this message was generated automatically) -- Greetings https://bugs.debian.org/1054766
Bug#1054175: Closing: not a bug
Control: close -1 Control: notfound -1 2.0.0-2 Closing: unable to reproduce
Bug#1054443: node-graphql: website is build with Docusaurus not packaged for debian
Control: severity -1 wishlist On 10/23/23 23:21, Bastien Roucariès wrote: Source: node-graphql Version: 16.8.1-1 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory https://sources.debian.org/src/node-graphql/16.8.1-1/website/src/pages/index.jsx/?hl=2#L2 You should repack or package docusaurus and rebuild Bastien No unreadable files here
Bug#1054435: [Pkg-javascript-devel] Bug#1054435: node-react-redux: website is build with Docusaurus not packaged for debian
Control: severity -1 wishlist On 10/23/23 23:08, Bastien Roucariès wrote: Source: node-react-redux Version: 8.1.2+dfsg1+~cs1.2.3-1 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory You should repack or package docusaurus and rebuild Bastien No unreadable file here
Bug#1054439: [Pkg-javascript-devel] Bug#1054439: node-rjsf: website is build with Docusaurus not packaged for debian
Control: severity -1 wishlist On 10/23/23 23:15, Bastien Roucariès wrote: Source: node-rjsf Version: 5.6.2+~5.0.1-1 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory https://sources.debian.org/src/node-rjsf/5.6.2+~5.0.1-1/packages/docs/docusaurus.config.js/?hl=54#L54 You should repack or package docusaurus and rebuild Bastien No unreadable files here
Bug#1054441: node-ts-jest: website is build with Docusaurus not packaged for debian
Control: severity -1 wishlist On 10/23/23 23:18, Bastien Roucariès wrote: Source: node-ts-jest Version: 29.1.1+~cs0.2.6-2 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory https://sources.debian.org/data/main/n/node-ts-jest/29.1.1%2B~cs0.2.6-2/website/ You should repack or package docusaurus and rebuild Bastien No unreadable file here
Bug#1054434: [Pkg-javascript-devel] Bug#1054434: Bug#1054434: node-redux: website is build with Docusaurus not packaged for debian
On 10/24/23 06:25, Yadd wrote: Control: tags -1 + moreinfo On 10/23/23 23:07, Bastien Roucariès wrote: Source: node-redux Version: 4.2.1-1 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory You should repack or package docusaurus and rebuild Bastien Hello, directory docs contains only .md files, totally readable. What is the serious bug here ? Also website/ directory, no unreadable file, no serialized files,... Do we have to consider html files as no source because they were written with a non free tool ?
Bug#1054434: [Pkg-javascript-devel] Bug#1054434: node-redux: website is build with Docusaurus not packaged for debian
Control: tags -1 + moreinfo On 10/23/23 23:07, Bastien Roucariès wrote: Source: node-redux Version: 4.2.1-1 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1054426 Dear Maintainer, The documentation is build with docusaurus. See website directory You should repack or package docusaurus and rebuild Bastien Hello, directory docs contains only .md files, totally readable. What is the serious bug here ?
Bug#1054167: [Pkg-javascript-devel] Bug#1054167: ftbfs: AssertionError in tests
Control: severity -1 important Hi, not really a serious-bug since it exists only when using a color term. Fixed anyway in version 2.0.0-4 Cheers, Yadd
Bug#1054167: marked as pending in node-grunt-legacy-log
Control: tag -1 pending Hello, Bug #1054167 in node-grunt-legacy-log reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-grunt-legacy-log/-/commit/a99a6dcef30cdff218135b42f672c34f3bd7c768 Disable colors during test Closes: #1054167 (this message was generated automatically) -- Greetings https://bugs.debian.org/1054167
Bug#1054174: marked as pending in node-clean-css
Control: tag -1 pending Hello, Bug #1054174 in node-clean-css reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-clean-css/-/commit/c8dc3ca049bd8edfc8560f37e03a2979b2aa92b0 Fix test using an older node-nock Closes: #1054174 (this message was generated automatically) -- Greetings https://bugs.debian.org/1054174
Bug#1054176: marked as pending in node-rollup-plugin-typescript
Control: tag -1 pending Hello, Bug #1054176 in node-rollup-plugin-typescript reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-rollup-plugin-typescript/-/commit/a075c1e7fae34b6c2583b0d0620548b53838d6c1 Update build Closes: #1054176 (this message was generated automatically) -- Greetings https://bugs.debian.org/1054176
Bug#1054175: [Pkg-javascript-devel] Bug#1054175: node-require-main-filename: failing dh_auto_test
Control: tags -1 + moreinfo On 10/18/23 20:27, Tianyu Chen wrote: Source: node-require-main-filename Version: 2.0.0-2 Severity: serious Tags: ftbfs Justification: fails to build from source X-Debbugs-Cc: sweetyf...@deepin.org Hi, During a rebuild of your package in unstable, your package fails to build from source. Full log can be accessed at: https://build.opensuse.org/package/live_build_log/home:utsweetyfish:node-202309/node-require-main-filename/Debian_Unstable/aarch64 Tail of log for your package: # Subtest: should default to process.cwd() if require.main is undefined not ok 1 - expected '/usr/src/packages/BUILD' to match /(?:.*autopkgtest.*|require-main-filename)/ --- [...] 1..1 # failed 1 test # time=95.325ms not ok 1 - test.js # time=95.325ms --- env: {} file: test.js timeout: 3 command: /usr/bin/node args: - test.js stdio: - 0 - pipe - 2 cwd: /usr/src/packages/BUILD exitCode: 1 ... 1..1 # failed 1 test # time=1113.041ms --|-|--|-|-|--- File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s --|-|--|-|-|--- All files | 100 | 100 | 100 | 100 | index.js | 100 | 100 | 100 | 100 | --|-|--|-|-|--- dh_auto_test: error: /bin/sh -ex debian/tests/pkg-js/test returned exit code 1 make: *** [debian/rules:8: binary] Error 25 dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2 Thanks! Tianyu Chen @ deepin Hi, I'm not able to reproduce this issue
Bug#1053010: marked as pending in node-jss
Control: tag -1 pending Hello, Bug #1053010 in node-jss reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-jss/-/commit/42393b0849d0ec9a603365387cd34f633536c75f Drop component css-initials Closes: #1053010 (this message was generated automatically) -- Greetings https://bugs.debian.org/1053010
Bug#1053880: marked as pending in node-babel
Control: tag -1 pending Hello, Bug #1053880 in node-babel reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-babel/-/commit/ab1563acf5657fad72235f0cd90f8a709fddc4f4 Only evaluate own String/Number/Math methods (Closes: #1053880, CVE-2023-45133) (this message was generated automatically) -- Greetings https://bugs.debian.org/1053880
Bug#1053880: marked as pending in node-babel
Control: tag -1 pending Hello, Bug #1053880 in node-babel reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-babel/-/commit/b77c2b9b7cdc2a5201bf0f7d258348e5ee5312c3 Only evaluate own String/Number/Math methods (Closes: #1053880, CVE-2023-45133) (this message was generated automatically) -- Greetings https://bugs.debian.org/1053880
Bug#1053880: marked as pending in node-babel
Control: tag -1 pending Hello, Bug #1053880 in node-babel reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-babel/-/commit/ff932dfe976deb4b61b26ffb8f7bd8535df95c4b Only evaluate own String/Number/Math methods (Closes: #1053880, CVE-2023-45133) (this message was generated automatically) -- Greetings https://bugs.debian.org/1053880
Bug#1042282: marked as pending in node-rollup-plugin-buble
Control: tag -1 pending Hello, Bug #1042282 in node-rollup-plugin-buble reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-rollup-plugin-buble/-/commit/084b820632bc21d8e362506ff5a9869833326bfd Add typescript workaround Closes: #1042282 (this message was generated automatically) -- Greetings https://bugs.debian.org/1042282
Bug#1042309: marked as pending in node-buble
Control: tag -1 pending Hello, Bug #1042309 in node-buble reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-buble/-/commit/9d0191904173cee876b2f686e5acf74668aa6649 Add fix for node-magic-string >= 0.30 Closes: #1042309 (this message was generated automatically) -- Greetings https://bugs.debian.org/1042309
Bug#1032552: marked as pending in libjs-img.srcset
Control: tag -1 pending Hello, Bug #1032552 in libjs-img.srcset reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/libjs-img.srcset/-/commit/eba3c765eb078cde1c3d2b47610c98c45836c181 Replace node-uglify by uglifyjs Closes: #1032552 (this message was generated automatically) -- Greetings https://bugs.debian.org/1032552
Bug#1041217: marked as pending in node-chart.js
Control: tag -1 pending Hello, Bug #1041217 in node-chart.js reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-chart.js/-/commit/f49158cca0323e1d16aa69708e9747d9597b2ee5 Fix install and then autopkgtest (Closes: #1039918, #1041217) (this message was generated automatically) -- Greetings https://bugs.debian.org/1041217
Bug#1043519: marked as pending in node-fast-json-stable-stringify
Control: tag -1 pending Hello, Bug #1043519 in node-fast-json-stable-stringify reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-fast-json-stable-stringify/-/commit/95c69450080850c4f2a392bb20e1f9aeed1e9ada Add Breaks+Replaces node-json-stable-stringify < 1.0.2+repack1 Closes: #1043519 (this message was generated automatically) -- Greetings https://bugs.debian.org/1043519
Bug#1038486: marked as pending in devscripts
Control: tag -1 pending Hello, Bug #1038486 in devscripts reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian/devscripts/-/commit/27510296e4159b8b9f2369054e8322bcce80c158 Update changelog Closes: #1038486 (this message was generated automatically) -- Greetings https://bugs.debian.org/1038486
Bug#1041220: src:libgitlab-api-v4-perl: fails to migrate to testing for too long: triggers autopkgtest regression in devscripts
On 7/15/23 22:46, Paul Gevers wrote: Source: libgitlab-api-v4-perl Version: 0.26-3 Severity: serious Control: close -1 0.27-1 Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Control: block -1 by 1038486 Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a Release Critical bug in testing [1]. Your package src:libgitlab-api-v4-perl has been trying to migrate for 32 days [2]. Hence, I am filing this bug. The package in unstable triggers an autopkgtest issue in devscripts, which is reported in bug 1038486. If a package is out of sync between unstable and testing for a longer period, this usually means that bugs in the package in testing cannot be fixed via unstable. Additionally, blocked packages can have impact on other packages, which makes preparing for the release more difficult. Finally, it often exposes issues with the package and/or its (reverse-)dependencies. We expect maintainers to fix issues that hamper the migration of their package in a timely manner. This bug will trigger auto-removal when appropriate. As with all new bugs, there will be at least 30 days before the package is auto-removed. I have immediately closed this bug with the version in unstable, so if that version or a later version migrates, this bug will no longer affect testing. I have also tagged this bug to only affect sid and trixie, so it doesn't affect (old-)stable. If you believe your package is unable to migrate to testing due to issues beyond your control, don't hesitate to contact the Release Team. Paul Hi, the error looks to be: 55s t/salsa-config.t .. ok 56s Undefined subroutine ::to_json called at ./t/salsa.pm line 49. 56s # Tests were run but no plan was declared and done_testing() was not seen. 56s # Looks like your test exited with 255 just after 1. 56s t/salsa.t . Gitlab::API::v4 uses JSON::MaybeXS which may use a different JSON stack. I just added a "use JSON" in t/salsa.pm. Maybe this is enough to fix this issue https://salsa.debian.org/debian/devscripts/-/commit/5bbc8778 Regards, Yadd
Bug#1037234: marked as pending in node-babel
Control: tag -1 pending Hello, Bug #1037234 in node-babel reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-babel/-/commit/3da48e6ad82bbad879b7c75084e57ca30c25f38d Add missing Breaks+Replaces against all node-babel-* that were in Debian 10 Closes: #1037234 (this message was generated automatically) -- Greetings https://bugs.debian.org/1037234
Bug#1036259: [Pkg-javascript-devel] Bug#1036259: moment-timezone.js: FTBFS in testing: make[1]: *** [debian/rules:28: execute_before_dh_auto_configure] Error 1
On 5/28/23 19:56, gregor herrmann wrote: On Thu, 18 May 2023 09:00:03 +0200, Lucas Nussbaum wrote: During a rebuild of all packages in testing (bookworm), your package failed to build on amd64. Relevant part (hopefully): debian/rules binary dh binary dh_update_autotools_config dh_autoreconf debian/rules execute_before_dh_auto_configure make[1]: Entering directory '/<>' # Fail the build if the tzdata package does not match TZVER. grep -q '^# version 2022g$' /usr/share/zoneinfo/tzdata.zi make[1]: *** [debian/rules:28: execute_before_dh_auto_configure] Error 1 This looked reasonably easy to fix (cf. attached patch), but the tests fail as follows: Hi, I fixed it in salsa (needs an update to import 2023 data). I'm waiting for Martina review who maintains it. Cheers, Yadd #v+ Running "nodeunit:countries" (nodeunit) task Testing countries.jsFF countries - zone_countries Error: [] deepEqual [ 'CA' ] at Object.deepEqual (/usr/share/nodejs/nodeunit/lib/types.js:83:39) at Object.zone_countries (tests/countries/countries.js:230:8) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at /usr/share/nodejs/nodeunit/lib/core.js:236:16 at Object.exports.runTest (/usr/share/nodejs/nodeunit/lib/core.js:70:9) at /usr/share/nodejs/nodeunit/lib/core.js:118:25 at /usr/share/javascript/async/async.js:665:13 at iterate (/usr/share/javascript/async/async.js:149:13) at async.eachSeries (/usr/share/javascript/async/async.js:165:9) countries - zone_countries Error: [ 'US' ] deepEqual [ 'UM', 'US' ] at Object.deepEqual (/usr/share/nodejs/nodeunit/lib/types.js:83:39) at Object.zone_countries (tests/countries/countries.js:552:8) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at /usr/share/nodejs/nodeunit/lib/core.js:236:16 at Object.exports.runTest (/usr/share/nodejs/nodeunit/lib/core.js:70:9) at /usr/share/nodejs/nodeunit/lib/core.js:118:25 at /usr/share/javascript/async/async.js:665:13 at iterate (/usr/share/javascript/async/async.js:149:13) at async.eachSeries (/usr/share/javascript/async/async.js:165:9) countries - country_zones Actual: [ 'America/Atikokan', 'America/Blanc-Sablon', 'America/Cambridge_Bay', 'America/Creston', 'America/Dawson','America/Dawson_Creek', 'America/Edmonton', 'America/Fort_Nelson', 'America/Glace_Bay', 'America/Goose_Bay', 'America/Halifax', 'America/Inuvik', 'America/Iqaluit', 'America/Moncton', 'America/Panama','America/Phoenix', 'America/Puerto_Rico', 'America/Rankin_Inlet', 'America/Regina','America/Resolute', 'America/St_Johns', 'America/Swift_Current', 'America/Toronto', 'America/Vancouver', 'America/Whitehorse','America/Winnipeg' ] Operator: deepEqual Expected: [ 'America/Atikokan', 'America/Blanc-Sablon', 'America/Cambridge_Bay', 'America/Creston', 'America/Dawson','America/Dawson_Creek', 'America/Edmonton', 'America/Fort_Nelson', 'America/Glace_Bay', 'America/Goose_Bay', 'America/Halifax', 'America/Inuvik', 'America/Iqaluit', 'America/Moncton', 'America/Panama','America/Phoenix', 'America/Puerto_Rico', 'America/Rankin_Inlet', 'America/Regina','America/Resolute', 'America/St_Johns', 'America/Swift_Current', 'America/Toronto', 'America/Vancouver', 'America/Whitehorse','America/Winnipeg', 'America/Yellowknife' ] at Object.deepEqual (/usr/share/nodejs/nodeunit/lib/types.js:83:39) at Object.country_zones (tests/countries/countries.js:646:8) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at /usr/share/nodejs/nodeunit/lib/core.js:236:16 at Object.exports.runTest (/usr/share/nodejs/nodeunit/lib/core.js:70:9) at /usr/share/nodejs/nodeunit/lib/core.js:118:25 at /usr/share/javascript/async/async.js:665:13 at iterate (/usr/share/javascript/async/async.js:149:13) at /usr/share/javascript/async/async.js:160:25 countries - country_zones Actual: [ 'Pacific/Midway', 'Pacific/Pago_Pago', 'Pacific/Tarawa', 'Pacific/Wake' ] Operator: deepEqual Expected: [ 'Pacific/Honolulu', 'Pacific/Midway', 'Pacific/Pago_Pago', 'Pacific/Tarawa', 'Pacific/Wake' ] at Object.deepEqual (/usr/share/nodejs/nodeunit/lib/types.js:83:39) at Object.country_zones (tests/countries/countries.js:839:8) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at Object. (/usr/share/nodejs/nodeunit/lib/core.js:236:16) at /usr/share/nodejs/nodeunit/lib/core.js:236:16 at Object.exports.runTest (/usr/share/nodejs/nodeunit/lib/core.js:70:9) at /usr/share/nodejs/nodeunit/lib/core.js:118:25 at /usr/share/javascript/async/async.js:665:13 at iterate (/usr/
Bug#1036690: marked as pending in node-emotion
Control: tag -1 pending Hello, Bug #1036690 in node-emotion reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-emotion/-/commit/deb2717ca5e84e545197951722f01c78d9d4ab74 Add Breaks+Replaces against node-mermaid Closes: #1036690 (this message was generated automatically) -- Greetings https://bugs.debian.org/1036690
Bug#1036688: marked as pending in node-mermaid
Control: tag -1 pending Hello, Bug #1036688 in node-mermaid reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-mermaid/-/commit/f6149e09a4830459f94cfbf24d6b7e058c83d2a1 Drop component stylis Closes: #1036688 (this message was generated automatically) -- Greetings https://bugs.debian.org/1036688
Bug#1036610: marked as pending in node-isomorphic-fetch
Control: tag -1 pending Hello, Bug #1036610 in node-isomorphic-fetch reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-isomorphic-fetch/-/commit/a7a89da794133ec648e8d14cfe1d5e63b92d8026 Update fetch-npm-browserify.js link Closes: #1036610 (this message was generated automatically) -- Greetings https://bugs.debian.org/1036610
Bug#1036579: marked as pending in node-is-docker
Control: tag -1 pending Hello, Bug #1036579 in node-is-docker reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-is-docker/-/commit/3e122f4eca062235bdab9f8209656971ecc28673 Fix /usr/bin/is-docker link Closes: #1036579 (this message was generated automatically) -- Greetings https://bugs.debian.org/1036579
Bug#1036052: marked as pending in node-react-hot-loader
Control: tag -1 pending Hello, Bug #1036052 in node-react-hot-loader reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-react-hot-loader/-/commit/6f7fbc2894d51a3fc10e03901c206902fc7d4cea Fix binary packages versions Closes: #1036052 (this message was generated automatically) -- Greetings https://bugs.debian.org/1036052
Bug#1035805: node-source-map: copyright file missing after upgrade (policy 12.5)
On 5/10/23 20:25, Andreas Beckmann wrote: Control: tag -1 - moreinfo On 10/05/2023 17.54, Yadd wrote: node-source-map depends on libjs-source-map, so the link isn't broken in normal installation. After a fresh installation in bookworm, the link is /usr/share/doc/node-source-map -> libjs-source-map and everything is fine, but after an upgrade from bullseye the link is /usr/share/doc/node-source-map -> ../libjs-source-map which does not work. node-source-map.maintscript has the corresponding error: dir_to_symlink /usr/share/doc/node-source-map ../libjs-source-map 0.7.0++dfsg2+really.0.6.1-9~ Simply reinstalling the package fixes the link (the package already ships the correct link and dpkg-maintscript-helper does not touch it again in this case. So there is no need for a manual cleanup of this mess. All that needs to be done is an upload with the fixed path (removing '../') in node-source-map.maintscript. Done thanks !
Bug#1035805: node-source-map: copyright file missing after upgrade (policy 12.5)
Control: tags -1 + moreinfo On 5/9/23 16:13, Andreas Beckmann wrote: Package: node-source-map Version: 0.7.0++dfsg2+really.0.6.1-13 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, a test with piuparts revealed that your package misses the copyright file after an upgrade, which is a violation of Policy 12.5: https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information After the upgrade /usr/share/doc/$PACKAGE/ is just an empty directory. This was observed on the following upgrade paths: bullseye -> bookworm From the attached log (scroll to the bottom...): 0m39.3s ERROR: WARN: Inadequate results from running adequate! node-source-map: broken-symlink /usr/share/doc/node-source-map -> ../libjs-source-map node-source-map: missing-copyright-file /usr/share/doc/node-source-map/copyright Hi, node-source-map depends on libjs-source-map, so the link isn't broken in normal installation. Regards, Yadd MISSING COPYRIGHT FILE: /usr/share/doc/node-source-map/copyright # ls -lad /usr/share/doc/node-source-map lrwxrwxrwx 1 root root 19 May 3 22:16 /usr/share/doc/node-source-map -> ../libjs-source-map # ls -la /usr/share/doc/node-source-map/ ls: cannot access '/usr/share/doc/node-source-map/': No such file or directory Additional info may be available here: https://wiki.debian.org/MissingCopyrightFile Note that dpkg intentionally does not replace directories with symlinks and vice versa, you need the maintainer scripts to do this. See in particular the end of point 4 in https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade It is recommended to use the dpkg-maintscript-helper commands 'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14) to perform the conversion, ideally using d/$PACKAGE.maintscript. See dpkg-maintscript-helper(1) and dh_installdeb(1) for details. cheers, Andreas
Bug#1034969: Fwd: Bug#1034969: terser: missing Breaks+Replaces for uglifyjs.terser when upgrading from bullseye
On 5/2/23 08:25, Jonas Smedegaard wrote: Quoting Yadd (2023-05-02 04:58:47) a previous "unblock" was missing here: unstable version is 5.16.5-1 while testing version is 5.16.4-1. What do you want to do, fix only this bug with a 5.16.5-really-5.16.4-1 or a full update ? It is a bugfix release, and as such I would consider it relevant for stable, but I get exhausted just thinking about the need for "defending" changes against the release team: If you do it, you can desice if you want to try get all of it in or only a (arguably too) minimal patch. Thanks! - Jonas For the record, unblock issue is #1035368