Package: sopel Version: 6.6.2-1 Severity: serious Tags: upstream In bug #927481, I was bit by a bug that wasn't solved upstream in a simple patch release. It would force me to maintain a fork of the project for every supported debian release to fix any bug, because upstream doesn't follow the semver.org convention of using "patch" releases for critical bugfixes and security issues.
Instead, Sopel upstream releases x.y.z release with major changes in "z" patch releases. An example from #927481 is: > For example right now there is 6.6.4 release that fixes this bug: > > https://sopel.chat/changelog/6.6.4/ > > ... but it also includes changes like: > > * Cleaned up code in instagram and unicode modules > * Core modules now use bot.channels instead of deprecated bot.privileges > > Which couldn't be eligible for a stable update. So I even though the original bug was fixed in the latest upload, I don't think sopel should be shipped with bullseye until this situation changes, especially since the package is orphaned. Next step in this bug would be to open the discussion with upstream about this, maybe this is something they could work on. -- System Information: Debian Release: 10.1 APT prefers stable-debug APT policy: (500, 'stable-debug'), (500, 'stable'), (1, 'experimental'), (1, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages sopel depends on: ii adduser 3.118 ii lsb-base 10.2019051400 ii python3 3.7.3-1 ii python3-dnspython 1.16.0-1 pn python3-geoip2 <none> pn python3-praw <none> ii python3-requests 2.21.0-1 ii python3-tz 2019.1-1 ii python3-xmltodict 0.11.0-2 Versions of packages sopel recommends: ii ipython3 5.8.0-1 ii python3-enchant 2.0.0-1 ii python3-feedparser 5.2.1-1 ii python3-lxml 4.3.2-1 sopel suggests no packages.
