Le dimanche, 2 décembre 2018, 23.18:38 h CET Sebastian Andrzej Siewior a écrit : > On 2018-12-02 13:06:04 [+0000], Debian Bug Tracking System wrote: > > #900160: ruby-eventmachine: FTBFS against openssl 1.1.1 > > > > ruby-eventmachine (1.0.7-4.1) unstable; urgency=medium > > . > > > > * Non-maintainer upload. > > * Build-Depend against libssl1.0-dev; aka OpenSSL << 1.1 > > > > (Closes: #900160) > > Please revert that one. We don't want more dependencies on > libssl1.0-dev. We want it actually out of testing and are down to one > package.
Which one? > I wouldn't care much but since ruby-eventmachine is a key package it > might migrate to testing… That's exactly the point: porting ruby-eventmachine to work with OpenSSL 1.1 is not easy and not done upstream. An apparently it is not easily removable from Debian testing either. Sure, removing OpenSSL 1.0 is important, but specifically for ruby-eventmachine, it's better to have one that builds (and works) instead of one that doesn't, especially as it's a dependency for lots of other software. With these updated Build-Dependencies, at some point, the Release Team could "just" remove libssl1.0-dev (and all the reverse dependencies tree) from testing, thereby forcing the update of the concerned packages to depend (and work) on OpenSSL 1.1. (Also, I can't revert the NMU, the package would not build :-) ) Cheers, OdyX