Bug#883107: octicons: Ships binaries without building them

On Thu, 30 Nov 2017 06:41:05 +1100 Ben Finney wrote: > So, this bug should be resolved by: > > * Removing the package until its true build dependencies (including > the build dependency to compile the fonts from source) are all in > Debian. > > * Working with others to

Bug#883107: octicons: Ships binaries without building them

On 29-Nov-2017, Johannes Schauer wrote: > Source: octicons > Version: 4.4.0-1 > Severity: serious The justification for this bug severity as “serious” is, IMO, that it constitutes a violation of Policy §2.2.1: […] the packages in ‘main’ […] must not require or recommend a package outside

Bug#883107: octicons: Ships binaries without building them

Source: octicons Version: 4.4.0-1 Severity: serious Hi, the octicons package ships font binary files directly copied from the upstream tarball without building them from source. This is problematic for two reasons: 1. it is not trivial to verify that the source code upstream supplies is