Quoting Paul Gevers (2022-11-03 13:30:20) > Dose [1] is reporting a build issue with your package, it's missing a > build dependency. Obviously your build dependencies shouldn't be > removed from testing, but unfortunately there are multiple scenarios > where that can happen nevertheless. To uphold our social contract, > Debian requires that packages can be rebuild from source in the suite > we are shipping them, so currently this is a serious issue with your > package in testing. > > Can you please investigate the situation and figure out how to resolve > it? Regularly, if the build dependency is available in unstable, > helping the maintainer of your Build-Depends to enable migration to > testing is a great way to solve the issue. If your build dependency is > gone from unstable and testing, you'll have to fix the build process > in some other way.
I don't know how python3-rdflib managed to get kicked from testing without its reverse build-dependencies getting kicked as well. That looks like the real (meta)bug here to me. Reason python3-rdflib got kicked seems to be that its maintainer (the Python team) has spent *zero* time on the one RC bug filed against the package: They have made no comment at bug#1012482 which includes a suggestion (which I agree with) to lower the severity of that bug to simply not be release-critical: Yes, naïve implementations of the RDF protocol can be tricked into pulling data from the filesystem, because URIs are not necessarily all http-based and failing to care for that may lead to surprises - which would be neat if generic RDF processing tools were to ensure protection against but in my opinion unreasonable to *require*: As I understand it, the equivalent would be to kick out libcurl from Debian because it doesn't offer the heavy and complex sandboxing mechanisms implemented in (only the biggest) web browsers. If bug#1012482 should continue to be treated as RC then I see no other approach for zeitgeist than to kick that as well. Which I find sad and unfair, but oh well - solving the upstream bug seems pretty challenging (and seems to attract little effort due to being relatively academic). - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ * Sponsorship: https://ko-fi.com/drjones [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
