Hi Andrew, On 07/04/2026 14:46, Andrew Lee wrote:
Hello team,I am fixing CVE-2026-33186 in golang-google-grpc by updating it to the fixed upstream new version. However, the package builds but I noticed some old code under `debian/missing-sources/`. To avoid any protencial issues, I would like to ensure these are up to date as well. But I foud no document for how to update files under `debian/missing-sources/`, anyone who may give me any example or hints?
As a reminder, I did update some of them in https://salsa.debian.org/go-team/packages/golang-google-grpc/-/merge_requests/4
What I did was downloading the .zip from Github and then copying the needed files to missing-source. I agree that this is not ideal and that it would be good to at least document this in debian/README.sources, and if possible, make a simple script to update them (also documented in README.sources.
-- Nicolas Peugnet
OpenPGP_signature.asc
Description: OpenPGP digital signature
