Michael Gilbert writes ("Re: Dealing with embedded javascript libraries"): > There isn't any real technical factor limiting the number of versions > to one. Theoretically, there could both jquery1.4 and jquery1.6 > source packages coexisting (as long as the binary files are > appropriately versioned as well). Thus if wordpress only works with > 1.4, then it can use that temporarily until it gets updated to support > 1.6 (or whatever the problem it was that started this discussion).
The difficulty is that if we end up with ten different versions of some random javascript library, when it turns out to have a security vulnerability we need to somehow backport the patch to each of those ten versions. And here "we" means the security team, not the people who uploaded the ten versions in the first place. So this is rather unpalatable. Ian. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20136.38836.832796.412...@chiark.greenend.org.uk