On Thu, Dec 21, 2023 at 06:43:35AM +0100, Salvatore Bonaccorso wrote: > Hi, > > [CC'ing node-undici uploader] > > >> Ack, let's do that. Could you prepare bookworm-security updates > > >> based on 18.17.0 (after it has landed in unstable)? > > > > > nodejs 18.19.0 has landed in testing. > > It rebuilds fine in bookworm, and test-suite-during-build pass on amd64. > > > > It also requires "node-undici", precisely for that change: > > > > node-undici (5.28.2+dfsg1+~cs23.11.12.3-2) unstable; urgency=medium > > > > * Build and publish undici-types, needed by new @types/node > > > > Is there a way to deal with this ? > > Then I guess we need this as pre-requisite upload to bookworm as well. > > Maybe Moritz has a better idea, but one option is to propose this > update regularly as bookworm-pu and once it's in proposed update ask > DSA to make the security chroots pick as well updates from > prpopsoed-updates if we plan to release nodejs via a DSA (or otherwise > via bookworm-pu as well). > > One other alternative is to make a non-security upload for > node-unidici containing that change to the security archive, which the > nodejs update can pick.
I think we can handle it similar to what we recently did when OpenJDK bumped it's requirement for jtreg: When we have a suitable update for node-undici we upload it to security-master and the security buildds will be able to use it to build the new nodejs. And then it simply gets released along with the nodejs update. Cheers, Moritz