Hi Jochen, Am Donnerstag, dem 24.02.2022 um 11:26 +0100 schrieb Jochen Sprickerhof: > > > - Keep the current (old) version of h2 in Debian till jameica is > updated, given that jameica is the only user. > > - Upload the old version of h2 as jameica-h2database and move the jar to > /usr/share/jameica. That would basically mark the package as jameica > only and would free up the h2database package to move to a newer > version. > > What do you think?
I would rather tend to option two in order to move forward and to provide the latest version of h2 which is supported by upstream and easier to maintain in the future. You could also try to import the h2 1.4.x source code into jameica or hibiscus for the time being and then use it to build both packages. That would allow us to simply upgrade the existing h2 source package and you could do whatever you want with the old h2 version. We just have to keep track of potential security vulnerabilities but the attack surface should be much smaller. I leave the decision to you because your packages are the only real consumers of h2 in Debian. Cheers, Markus
signature.asc
Description: This is a digitally signed message part
__ This is the maintainer address of Debian's Java team <https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
