Package: node-rollup-plugin-terser
Version: 7.0.2-4
Severity: serious
Tags: ftbfs
Justification: Policy 2.1
https://ci.debian.net/packages/n/node-rollup-plugin-terser/testing/amd64/
shows that node-rollup-plugin-terser test randomly fails
Package: lintian
Version: 2.104.0
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
lintian looks enable to understand `packages/*/test` expression when
trying to verify that files declared in debian/tests/pkg-js/files exist.
Package: dpkg
Version: 1.20.7.1
Severity: normal
Hi,
I made an error using master alternatives to install some manpages, but
I can't change this because update-alternatives refuse to replace a
master alternative into a slave one during upgrade. Could you provide a
way to do this in
Package: ftp.debian.org
Severity: normal
Hi,
node-express-generator isn't compatible with current node-commander and
node-mkdirp. It has no reverse dependencies, so I thinks it should be
removed from Debian.
)
[ Changes ]
Regex fix
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
index c96adf9c..240d1f4d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+cyrus-imapd (3.0.8-6+deb10u5) buster; urgency=medium
+
+ * Fix cron script (Closes: #980240)
+
+ -- Xavier Guimard Sat
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
node-request is deprecated (#956423) and won't be part of Bullseye. I'd
like to see it removed from testing after node-jsdom
Package: coffeescript
Version: 1.12.8~dfsg-4
Severity: serious
coffeescript build seems broken. Logs:
dpkg-source -b .
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: building coffeescript using existing
./coffeescript_1.12.8~dfsg.orig.tar.gz
dpkg-source: info: using
Package: node-cross-spawn-async
Version: 2.2.5-4
Severity: serious
As node-cross-spawn, node-cross-spawn-async shoul d be kept out of
Bullseye
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-javascript-de...@lists.alioth.debian.org
* Package name: ts-jest
Version : 26.4.4
Upstream Author : Kulshekhar Kabra <https://github.com/kulshekhar>
* URL :
Package: node-vinyl-fs
Version: 3.0.3-5
Severity: normal
Please embed typescript definitions
Package: node-gyp-build
Severity: serious
Justification: Policy 2.1
node-gyp-rebuild replaces `node-gyp rebuild` using pre-compiled
binaries. This is useless in Debian.
I did an error when packaging it, this package should be removed from
Debian archive, shouldn't it?
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
all reverse dependencies to node-babel-preset-env have been updated to
use node-babel7 (or virtual "node-babel-preset-env ≥ 7"), so this
package can now be safely removed from Debian archive.
Package: node-express-generator
Version: 4.0.0-2
Severity: grave
Tags: sid, ftbfs
Justification: renders package unusable
node-express-generator isn't compatible with current node-commander,
neither node-mkdirp. As it has no reverse dependency, I suggest to
remove it from Debian
Package: ftp.debian.org
Severity: normal
Hi,
like node-cross-spawn (already removed), node-cross-spawn-async is
useless in Debian ad should be removed. It has no reverse dependencies.
Cheers,
Xavier
Package: node-consolidate
Version: 0.15.1+repack-1
Severity: serious
Enabling test proves that node-consolidate depends on node-babel-core 6:
```
function requireReact(module, filename) {
var babel = requires.babel || (requires.babel = require('babel-core'));
var compiled =
Package: node-terser
Version: 4.1.2-7
Severity: important
Tags: patch
With commander 6, uglifyjs.terser displays:
Usage: uglifyjs [options]...
instead of:
Usage: uglifyjs.terser [options]...
The simple attached patch fixes test check with a more tolerant regex.
Please apply this patch if
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
node-samsam is deprecated. It is now @sinonjs/samsam
(node-sinonjs-samsam) which is part of node-sinon.
node-samsam has no reverse dependencies, it should be removed from
Debian archive.
Package: libjs-bootstrap4
Version: 4.5.2+dfsg1-3
Severity: serious
Version 4.5.2+dfsg1-2 transform /usr/share/javascript/bootstrap4 from
symlink to dir without any maintscript. This break updates.
@@ -1,3 +1,11 @@
+node-ini (1.3.5-1+deb10u1) buster; urgency=medium
+
+ * Team upload
+ * Do not allow invalid hazardous string as section name
+(Closes: #977718, CVE-2020-7788)
+
+ -- Xavier Guimard Sat, 19 Dec 2020 20:48:36 +0100
+
node-ini (1.3.5-1) unstable; urgency=medium
* Team Upload
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
node-jsv isn't maintained upstream for 8 years, useless and unmaintained
in Debian. It has no reverse dependencies and could be safely removed.
Package: libjs-milligram
Severity: serious
Tags: security
libjs-milligram is marked as maintained by JS Team, howeber uploader is
not member of this team and repository isn't under /js-team/ tree.
Package: node-regenerator-transform
Version: 0.14.5-2
Severity: serious
Tags: ftbfs
Since 0.14.5-2, dependency to node-babel7 was replaced by a dependency to
node-babel-runtime (>= 7) which is provided by:
* node-babel-runtime (src node-babel 6)
* virtual node-babel-runtime provided by
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-javascript-de...@lists.alioth.debian.org
* Package name: node-gyp-build
Version : 4.2.3
Upstream Author : Mathias Buus
* URL : https://github.com/prebuild/node
Package: node-rollup-plugin-terser
Version: 7.0.2-2
Severity: grave
Justification: renders package unusable
When trying current rollup-plugin-terser (7.0.2) with current
node-terser (4.1.2), package is unuseable:
$ rollup -c
index.js → dist/pako.js, dist/pako.min.js...
[!] (plugin terser)
Package: ts-node
Version: 9.0.0-1
Severity: serious
Tags: ftbfs
Here is the relevant part of build log:
make[1]: Entering directory '/<>'
tsc
src/index.spec.ts(4,25): error TS2307: Cannot find module 'semver' or its
corresponding type declarations.
make[1]: *** [debian/rules:7:
Package: node-istanbul
Version: 0.4.5+ds+~cs53.14.45-1
Severity: important
babel-types should be replaced by @babel/types
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
node-formatio isn't maintained upstream [1]: it has been replaced by
@sinonjs/formatio which is included in node-sinon. No package depend on
it, so I think it should be removed from Debian
+
+ * Team upload.
+ * Fix prototype pollution (Closes: #976390, CVE-2020-7774)
+
+ -- Xavier Guimard Fri, 04 Dec 2020 15:41:08 +0100
+
node-y18n (3.2.1-2) unstable; urgency=medium
* Enable tests
diff --git a/debian/patches/CVE-2020-7774.patch
b/debian/patches/CVE-2020-7774.patch
new file
Package: ftp.debian.org
Severity: normal
Hi,
node-htmlparser has been deprecated in favor of node-htmlparser2. It is
no more maintained upstream and here and has no reverse dependencies.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-databank is unmaintained in Debian for a while and useless: no
reverse dependency, popcon ~0,...
I think it should be removed from Debian.
Cheers,
Xavier
Package: node-backbone
Version: 1.3.3~dfsg-5
Severity: important
node-typescript-types is deprecated, please embed @types/backbone in
node-backbone.
Package: ftp.debian.org
Severity: normal
Hi,
npx is provided by npm, this old library is:
* no more used in Debian
* orphaned upstream (npm integrated it directly)
I thinks it should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
following #958403, node-cross-spawn does risky path mangling and should
be rremoved from Debian.
Cheers,
Xavier
Package: libjs-sizzle
Version: 1.10.18-1
Severity: important
Tags: patch ftbfs
Hi,
following #974218 discussion, node-typescript-types no more embeds
@types/sizzle, please embed it in libjs-sizzle.
A proposal package is ready in https://salsa.debian/org/js-team/sizzle,
it fixes this and the 2
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: node-yaml
Version : 1.10.0
Upstream Author : Eemeli Aro
* URL : https://github.com/eemeli/yaml
* License : ISC
Programming Lang: JavaScript
Package: wabt
Version: 1.0.20-1
Severity: important
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
wabt.js upstream repository is a minified file built from wabt. This
package is a reverse dependency of many packages in Debian (via webpack,
webassembly, jest,...). Without it,
Package: node-schema-utils
Version: 2.6.6-1
Severity: serious
node-schema-utils API changed: `require("schema-utils")` becomes
`require("schema-utils").validate`
Package: ftp.debian.org
Severity: normal
Hi ftpmasters,
node-minimalistic-assert is a very small package, unused in Debian and
never migrates to testing (#860483: too small package).
I think this package should be removed from Debian.
Cheers,
Xavier
Package: lintian-brush
Version: 0.86
Severity: normal
Hi,
when launching lintian-brush in apache2 source directories, it says that
upstream signing key were optimized but I still have:
public-upstream-key-not-minimal upstream/signing-key.asc has 2 extra
signature(s) for keyid
Package: node-uuid
Version: 8.2.0-1
Severity: important
Hi,
node-uuid breaks dependent package with error like:
Package subpath './v1' is not defined by "exports" in
/usr/share/nodejs/uuid/package.json
(same error with any of v{1,2,3,4}.js)
Cheers,
Xavier
Package: node-requirejs
Version: 2.3.6-2
Severity: important
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
Hi,
to avoid version conflicts, JS team decided to remove typescript
definitions (node-typescript-types) and embed them directly in the
relevant packages.
node-requirejs isn't
Package: ftp.debian.org
Severity: normal
Hi,
node-crypto-cacerts is:
* very small (should be embedded)
* unmaintained upstream (only one commit 5 years ago)
* useless in Debian
So I think it should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-capture-stream is:
* very small (should be embedded)
* unmaintained upstream (no commit for 5 years)
* useless in Debian
So I think it should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-array-series is:
* very small (should be embedded)
* unmaintained upstream (no commit for 7 years
* useless in Debian
So I think it should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-array-parallel is:
* very small (should be embedded)
* unmaintained upstream (no changes for 6 years)
* useless in Debian
So I think it should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-absolute-path is:
* very small (should be embedded)
* unmaintained upstream (only one commit 7 years ago)
* useless in Debian
So I think it should be removed from Debian.
Cheers,
Xavier
Package: node-client-sessions
Version: 0.8.0-2
Severity: serious
Tags: ftbfs upstream
Hi,
node-request won't be part of bullseye, please patch
node-client-sessions to replace node-request by another library
(node-got, node-fetch, node-axios,...).
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: node-prompts
Version : 2.4.0
Upstream Author : Terkel Gjervig Nielsen
* URL : https://github.com/terkelg/prompts
* License : Expat
Programming
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: node-sane
Version : 4.1.0
Upstream Author : Amjad Masad
* URL : https://github.com/amasad/sane
* License : Expat
Programming Lang: JavaScript
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: node-emittery
Version : 0.7.2
Upstream Author : Sindre Sorhus
* URL : https://github.com/sindresorhus/emittery
* License : Expat
Programming
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@alioth-lists.debian.net
Hi,
eyes.js is no longer maintained upstream. I patched its reverse
dependency (vows) to remove this link. No eyes.js can be safely removed
from Debian.
This removal has been discussed in RC-bug
Package: devscripts
Version: 2.20.4
Severity: wishlist
Control: user -1 devscri...@packages.debian.org
Control: usertags -1 uscan
uscan offers some target for components: ignore, same,... "same" is
strict and matches only the exact same version, while "ignore" doesn't
check anything.
It could be
Package: licensecheck
Version: 3.0.47-1
Severity: minor
Hi,
when launching licensecheck in a nodejs module, I'd like to see
licensecheck reveals which license is used in package.json
Cheers,
Xavier
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-javascript-de...@lists.alioth.debian.org
* Package name: node-source-map-resolve
Version : 0.6.0
Upstream Author : Simon Lydell
* URL : https://github.com/lydell
Package: ftp.debian.org
Severity: grave
Justification: renders package unusable
User: ftp.debian@packages.debian.org
Usertags: dak
Today dak rejected 4 of my uploads with:
Processing raised an exception: a bytes-like object is required, not 'str'.
Traceback (most recent call last):
Package: autopkgtest
Version: 5.15
Severity: wishlist
Hi,
thanks for the new "Architecture" field. I'd like to propose an
improvment. node-millstone test randomly fails on i386 arch (it's a
arch=all package). For now, I disabled i386 autopkgtest, but I'd like to
have a autopkgtest feature that
@@ -1,3 +1,11 @@
+libdbi-perl (1.642-1+deb10u2) buster; urgency=medium
+
+ [ Salvatore Bonaccorso ]
+ * t/51dbm_file.t: add test from RT#99508
+ * lib/DBD/File.pm: fix CVE-2014-10401 (Closes: #972180)
+
+ -- Xavier Guimard Thu, 29 Oct 2020 07:35:08 +0100
+
libdbi-perl (1.642-1+deb10u1) buster
Package: node-eslint-scope
Version: 5.0.0-2
Severity: important
Hi,
@types/eslint-scope is required at least to upgrade webpak. Please embed
it.
Cheers,
Xavier
Package: eslint
Version: 5.16.0~dfsg-7
Severity: important
Hi,
@types/eslint is required at least to update webpack. Please embed it.
Cheers,
Xavier
-7751)
+
+ -- Xavier Guimard Mon, 26 Oct 2020 04:44:16 +0100
+
node-pathval (1.1.0-3) unstable; urgency=medium
* Point d/watch to /releases instead of /tags.
diff --git a/debian/patches/CVE-2020-7751.diff
b/debian/patches/CVE-2020-7751.diff
new file mode 100644
index 000..7d1ed9a
pollution in set() (Closes: CVE-2020-15256)
+
+ -- Xavier Guimard Thu, 22 Oct 2020 18:38:10 +0200
+
node-object-path (0.11.4-2) unstable; urgency=medium
* Update Vcs fields for migration to https://salsa.debian.org/
diff --git a/debian/patches/CVE-2020-15256.diff
b/debian/patches/CVE-2020
Package: lintian
Version: 2.98.0
Severity: normal
Hi all,
last lintian shows a strange false positive info:
package-does-not-install-examples debian/examples
Cheers,
Xavier
Package: npm2deb
Version: 0.3.0-5
Severity: important
npm2deb currently uses salsa repository to know if a package already
exists or not. This is a bad way because:
* some node packages are not under pkg-js umbrella (node-almond,...)
* lintian warns when a package does not declare its modules
Package: node-lightgallery
Version: 1.6.11+dfsg-1
Severity: serious
Justification: 4
Hi,
debian/source/lintian-overrides overwrites some real problems: the
"concat" part of Gulpfile uses modules/* files which are all obfuscated
using minification (downloaded from distinct sources).
A possible
Package: node-pruddy-error
Version: 2.0.2-1
Severity: important
Tags: patch
Hi,
test is not enabled in this package, while it is easy to enable it:
* `echo mocha >debian/tests/pkg-js/test`
* install "assume" and "fn.name" in debian/tests/test_modules
and update debian/copyright
* update
Package: node-babel7
Version: 7.11.6+~cs65.71.39-1
Severity: normal
This is required by @babel/runtime/regenerator/index.js
Package: libconfig-model-dpkg-perl
Version: 2.139
Severity: normal
All is in the subject ;-)
Cheers,
Xavier
Package: libconfig-model-dpkg-perl
Version: 2.139
Severity: minor
Hi,
Since all dh-sequence-* build dependencies are virtual packages, cme
should ignore related warnings.
Cheers,
Xavier
Package: lintian
Version: 2.97.0
Severity: normal
X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org
When building nodejs packages, using dh-sequence-nodejs, lintian
reports:
E: node-rollup-plugin-typescript source:
missing-build-dependency-for-dh-addon nodejs => pkg-js-tools
This is
Package: node-locate-character
Version: 2.0.5-1
Severity: serious
Justification: source-is-missing
2.0.5 is packaged from npm registry temporarily to be able to build
rollup 2. Upstream didn't push 2.0.5 source in git repo (last github
release/HEAD is 2.0.1), then 2.0.5 was packaged from npm
Package: rollup
Version: 1.12.0-2
Severity: serious
Tags: ftbfs
Justification: Policy 7.7.7
node-rollup 1.12.0 can't be build with current typescript (4.0.2). It
requires tsc 3.4.5 (tested with success). Output:
$ tsc --esModuleInterop
src/ModuleLoader.ts:59:3 - error TS2322: Type '(id: string)
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-javascript-de...@lists.alioth.debian.org
* Package name: node-deepmerge
Version : 4.2.2
Upstream Author : Josh Duff
* URL : https://github.com/TehShrike/deepmerge
+ * Team upload
+ * Add localInfile option to control LOAD DATA LOCAL INFILE
+(Closes: #934712, CVE-2019-14939)
+
+ -- Xavier Guimard Mon, 14 Sep 2020 15:57:57 +0200
+
node-mysql (2.16.0-1) unstable; urgency=medium
* Team upload
diff --git a/debian/patches/CVE-2019-14939.patch
b/debi
when Perl stack is reallocated
+(Closes: CVE-2020-14392)
+
+ -- Xavier Guimard Thu, 10 Sep 2020 10:04:13 +0200
+
libdbi-perl (1.642-1) unstable; urgency=medium
[ Xavier Guimard ]
diff --git a/debian/patches/CVE-2020-14392.patch
b/debian/patches/CVE-2020-14392.patch
new file mode 100644
Package: lintian
Version: 2.93.0
Severity: normal
Hi,
I'm unable to override team/pkg-perl/testsuite/no-team-tests. When
adding
source: team/pkg-perl/testsuite/no-team-tests autopkgtest
lintian report a `bad override` and when adding
package source: team/pkg-perl/testsuite/no-team-tests
: #969668, CVE-2020-7729)
+
+ -- Xavier Guimard Sun, 06 Sep 2020 23:41:10 +0200
+
grunt (1.0.1-8) unstable; urgency=medium
[ Harish K ]
diff --git a/debian/patches/CVE-2020-7729.patch
b/debian/patches/CVE-2020-7729.patch
new file mode 100644
index 000..64bed12
--- /dev/null
+++ b/debian
..3bc7a59 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+node-elliptic (6.4.1~dfsg-1+deb10u1) buster; urgency=medium
+
+ * Prevent malleability and overflows (Closes: CVE-2020-13822)
+
+ -- Xavier Guimard Tue, 01 Sep 2020 13:24:44 +0200
+
node-elliptic (6.4.1~dfsg-1) unstable
d missing test dependency: mocha
+ * Fix insufficient validation and sanitization of user input
+(Closes: CVE-2020-8124)
+
+ -- Xavier Guimard Tue, 01 Sep 2020 12:55:09 +0200
+
node-url-parse (1.2.0-2) unstable; urgency=medium
* Team upload
diff --git a/debian/control b/debian/control
+1,10 @@
+node-bl (1.1.2-1+deb10u1) buster; urgency=medium
+
+ * Team upload
+ * Add patch to fix over-read vulnerability (Closes: #969309, CVE-2020-8244)
+
+ -- Xavier Guimard Mon, 31 Aug 2020 10:35:09 +0200
+
node-bl (1.1.2-1) unstable; urgency=low
* Team upload.
diff --git a/debian
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-p...@lists.debian.org
* Package name: liburi-normalize-perl
Version : 0.002
Upstream Author : Andrew Sterling Hanenkamp
* URL : https://metacpan.org/pod/URI
+ * Team upload
+ * Don't show password in logs (Closes: CVE-2020-15095)
+
+ -- Xavier Guimard Fri, 28 Aug 2020 13:36:33 +0200
+
npm (5.8.0+ds6-4+deb10u1) buster; urgency=medium
* Add patches to fix arbitrary path access
diff --git a/debian/patches/CVE-2020-15095.diff
b/debian/patches/CVE-
Package: gyp
Version: 0.1+20200513gitcaa6002-1
Severity: normal
Hi,
gyp is currently maintain under pkg-js umbrella. This package is a cross
platform tool written in Python and stored in salsa.d.o/debian/ area.
Then I don't understand the link with pkg-js team.
Cheers,
Xavier
Package: autodep8
Version: 0.23
Severity: important
Hi,
when trying to use new debian/tests/autopkgtest-pkg-${type}.conf, it
seems to be unread. Example with pkg-js-tools (after removing current
debian/tests/control and adding Testsuite):
$ cat debian/tests/autopkgtest-pkg-perl.conf
Source: loggerhead
Severity: serious
Hi,
as explained one year ago ([1] without any response), yui3 is going to
be removed (#962167). Please remove dependency to this library
(libjs-yui3-min).
As yui3 never entered in testing due to DFSG problems, I chose to set
severity to serious here.
Package: ftp.debian.org
Severity: normal
Hi,
yui3 was uploaded in 2012 and never maintained since except one NMU by
security team. I wrote a mail 1 year ago o the bazaar team which has the
only one reverse dep (loggerhead), without any response [4].
yui3 has DFSG problem and should not stay as
Package: ftp.debian.org
Severity: normal
Hi,
node-diffie-hellman never entered in testing due to security issue [1].
Upstream did not fix it for 3 years.
node-diffie-hellman was introduced to be able to package
node-browserify, but this package no more needs it. Then I think
node-diffie-hellman
Package: node-deep-for-each
Version: 3.0.0-1
Severity: serious
Control: affects -1 node-grunt-webpack
Version 3.0.0 breaks node-grunt-webpack. Probably due to this change:
> This library is no longer built with Babel, you must compile it
> yourself within your app
Revert to a version 2.x may
Package: node-code
Version: 6.0.0-3
Severity: important
Hi,
node-code is useless and has a name that could be ambiguous. Upstream
name is now @hapi/code.
I think we should remove this package. If a package needs @hapi/code,
we could package it later.
Package: node-babel7
Version: 7.4.5+~cs6.2.2-2
Severity: important
Control: affects -1 twitter-boostrap4
Please upgrade to last published version (7.9.6). This is required at
least to upgrade twitter-bootstrap to 4.5.0
Package: ftp.debian.org
Severity: normal
Hi,
node-babel-plugin-transform-builtin-extend is deprecated with
node-babel7. It should be removed from Debian archive
Package: src:cyrus-imapd
Version: 3.2.0-3
Severity: serious
Control: forwarded -1 https://github.com/cyrusimap/cyrus-imapd/issues/3040
Test fails on all big endian arch
Package: libdpkg-perl
Version: 1.19.7
Severity: normal
Hi,
while trying to use pkg.$sourcepackage.$anything in DEB_BUILD_OPTIONS,
dkg-buildpackage reports:
dpkg-buildpackage: warning: invalid flag in DEB_BUILD_OPTIONS:
pkg.node-yarnpkg.test
However it seems that
f7509b9..9b6d599 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+node-dot-prop (4.1.1-1+deb10u2) buster; urgency=medium
+
+ * Fix regression introduced in CVE-2020-8116 fix (Closes: #960283)
+
+ -- Xavier Guimard Thu, 14 May 2020 09:42:34 +0200
+
node-dot-prop (4.1.1-1
Package: eslint
Version: 5.16.0~dfsg-5
Severity: serious
Justification: unknwon
Hi,
node-babel7 seems required by autopkgtest test:
not ok 344 -
/tmp/autopkgtest-lxc.9p09fhxf/downtmp/build.w0w/src/lib/formatters/codeframe.js
---
message: '"@babel/code-frame" is not found.'
severity:
Package: ftp.debian.org
Severity: normal
Hi all,
node-babel-plugin-precompile-charcodes is deprecated with node-babel7 and
depends on node-babel 6 which is going to be removed. It should be
removed from Debian archive.
Package: ftp.debian.org
Severity: normal
Hi all,
node-babel-preset-es2015-loose is deprecated with node-babel7 and
depends on node-babel 6 which is going to be removed. It should be
removed from Debian archive.
Package: rainloop
Version: 1.12.1-2
Severity: important
Hi,
rainloop build-depends on node-babel* 6 which are going to be removed.
Please fix this.
Package: ftp.debian.org
Severity: normal
Hi,
node-babel-plugin-transform-async-to-bluebird is deprecated by
node-babel7. It should be removed from Debian.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
node-babel-preset-flow-vue is deprecated with node-babel7 and not used. It
should be removed.
Cheers,
Xavier
Package: ftp.debian.org
Severity: normal
Hi,
Useless with node-babel7 is deprecated with node-babel7 and not used. It
should be removed.
Cheers,
Xavier
1 - 100 of 418 matches
Mail list logo
