Dear Shengjing, On 11-01-2023 09:32, Shengjing Zhu wrote:
This is a point release for golang 1.19 which happens today.
Where can I find the upstream policy on point release updates? Or, if not documented in one place, can you describe it? Is 1.19 a bug-fix only branch already, or are new feature appearing in point release updates too? In other words, help us assess the risk.
[ Impact ] If we can be closer to upstream latest release, it will be easier to backport security patch for bookworm.
That holds for every package, but we're now frozen, so we need to balance.
The history record for golang point release doesn't show regressions.
That's good, are you talking about point release in general, or releases to stable? For security updates in Debian stable releases, have you also been uploading new point releases, or did you pick patches every time?
Just for confidence, I'm currently leaning to accept this. Paul
OpenPGP_signature
Description: OpenPGP digital signature
