On 07/12/2017 12:15 AM, Kristian Fiskerstrand wrote: > On 07/11/2017 04:13 PM, Kristian Fiskerstrand wrote: >> On 07/11/2017 03:47 PM, Michael Palimaka wrote: >>> The main risk of breakage of a package moving from testing to >>> stable is always at build time anyway. >> >> citation needed >> > > Anecdotal evidence against, currently gnupg 2.1.21 scdaemon bug will > happily sign a third party public keyblock's UID using signature subkey > on smartcard, which results in useless signature that doesn't have any > effect, but the application builds fine. > > This means gnupg 2.1.21 is not a candidate for stabilization, but it > certainly builds fine. >
Stop trolling - you know perfectly well that this sort of issue would never ever be caught during arch testing. Nor should it be - it's called *arch* testing for a reason. Ensuring that a package's functionality is of merchantable quality is the maintainer's responsibility (that's you!).
