On Wed, Dec 30, 2020 at 12:47:04PM +0100, Philipp Kern wrote:
>...
> I would have liked to make the ability to binNMU more accessible
> (similar to the give-back self-service), however I'm now somewhat
> convinced that we need no change source-only uploads, preferably
> performed centrally by dak.
On 29.12.20 23:39, Josh Triplett wrote:
> API is not ABI, and in many ecosystems (including but not limited to
> Rust), a library is more than just a set of symbol names pointing to
> compiled machine code. For instance, libraries can include generics,
> compile-time code generation, constant
On Tue, Dec 29, 2020 at 02:39:04PM -0800, Josh Triplett wrote:
>...
> I've seen and experienced multiple times, in Debian, that it's dangerous
> to start implementing solutions before first ensuring that they will be
> accepted by whoever actually makes the call for what to adopt. Once
> there are
On Tue, Dec 29, 2020 at 03:19:30PM +0200, Adrian Bunk wrote:
> [...] Rust [...]
I did not bring up Rust, nor was I referring to Rust specifically, nor
am I speaking for either Rust upstream or the work of the Rust team in
Debian. There are *multiple* ecosystems in which the equivalent of
On Mon, Dec 28, 2020 at 03:51:12PM -0800, Josh Triplett wrote:
>...
> 3) Such a patch would require further analysis to determine if other
>changes need to happen in concert to avoid breakage. If abc exposes
>any types from xyz, it may need a major version bump as well; this
>isn't
On Mon, Dec 28, 2020 at 03:51:12PM -0800, Josh Triplett wrote:
> On Mon, Dec 28, 2020 at 03:20:35PM +0200, Adrian Bunk wrote:
> > On Sat, Dec 26, 2020 at 02:55:17PM -0800, Josh Triplett wrote:
>...
> 2) There's not enough benefit to the patch to carry it downstream. This
>is part of the point
Simon McVittie wrote:
> On Sat, 26 Dec 2020 at 14:55:17 -0800, Josh Triplett wrote:
> > I'm talking about packaging xyz 1.3.1 and 2.0.1, as separate xyz-1 and
> > xyz-2 packages, and allowing the use of both in build dependencies.
>
> This is not all that rare even for C/C++ code, as exemplified
On Mon, Dec 28, 2020 at 03:20:35PM +0200, Adrian Bunk wrote:
> On Sat, Dec 26, 2020 at 02:55:17PM -0800, Josh Triplett wrote:
> >...
> > If you want to package abc version 1.2.3, and among many other things,
> > abc depends on xyz version 2.1.4, and xyz has a new version 3.0.1 now,
> > it makes
On Sat, Dec 26, 2020 at 02:55:17PM -0800, Josh Triplett wrote:
>...
> If you want to package abc version 1.2.3, and among many other things,
> abc depends on xyz version 2.1.4, and xyz has a new version 3.0.1 now,
> it makes sense to work with the upstream of abc, sending them a patch to
> migrate
On Sat, 26 Dec 2020 at 14:55:17 -0800, Josh Triplett wrote:
> I'm talking about packaging xyz 1.3.1 and 2.0.1, as separate xyz-1 and
> xyz-2 packages, and allowing the use of both in build dependencies.
This is not all that rare even for C/C++ code, as exemplified by
GTK and other libraries that
Adrian Bunk wrote:
> On Fri, Dec 18, 2020 at 04:25:19PM -0800, Josh Triplett wrote:
> >...
> > I'm not suggesting there should be 50 versions of a given
> > library in the archive, but allowing 2-4 versions would greatly simplify
> > packaging, and would allow such unification efforts to take
On Tue, Dec 22, 2020 at 10:24 PM Adrian Bunk wrote:
> To me it always feels as if these ecosystems are not interested in
> providing any support for that.
NPM at least provides security advisories. I used to try syncing those
to the Debian sectracker but don't bother now as it is too much work
On Fri, Dec 18, 2020 at 04:25:19PM -0800, Josh Triplett wrote:
>...
> I'm not suggesting there should be 50 versions of a given
> library in the archive, but allowing 2-4 versions would greatly simplify
> packaging, and would allow such unification efforts to take place
> incrementally, via
Hi,
On 19-12-2020 01:25, Josh Triplett wrote:
> Given all of the above improvements, it'd be much more feasible for
> tooling to help systematically unbundle and package dependencies, and to
> help manage and transition those dependencies in the archive.
Especially in the JavaScript arena, I
On 19.12.20 01:25, Josh Triplett wrote:
Jonas Smedegaard wrote:
Quoting Raphael Hertzog (2020-12-17 13:16:14)
Even if you package everything, you will never ever have the right
combination of version of the various packages.
What is possible to auto-compute is a coarse view of the work
Jonas Smedegaard wrote:
> Quoting Raphael Hertzog (2020-12-17 13:16:14)
> > Even if you package everything, you will never ever have the right
> > combination of version of the various packages.
>
> What is possible to auto-compute is a coarse view of the work needed.
>
> In reality, most Nodejs
16 matches
Mail list logo
