Le jeu. 21 déc. 2023 à 10:54, Moritz Muehlenhoff <j...@inutil.org> a écrit :
> On Thu, Dec 21, 2023 at 06:43:35AM +0100, Salvatore Bonaccorso wrote: > > Hi, > > > > [CC'ing node-undici uploader] > [CC-ing the good email address for node-undici uploader] > > > >> Ack, let's do that. Could you prepare bookworm-security updates > > > >> based on 18.17.0 (after it has landed in unstable)? > > > > > > > nodejs 18.19.0 has landed in testing. > > > It rebuilds fine in bookworm, and test-suite-during-build pass on > amd64. > > > > > > It also requires "node-undici", precisely for that change: > > > > > > node-undici (5.28.2+dfsg1+~cs23.11.12.3-2) unstable; urgency=medium > > > > > > * Build and publish undici-types, needed by new @types/node > > > > > > Is there a way to deal with this ? > > > > Then I guess we need this as pre-requisite upload to bookworm as well. > > > > Maybe Moritz has a better idea, but one option is to propose this > > update regularly as bookworm-pu and once it's in proposed update ask > > DSA to make the security chroots pick as well updates from > > prpopsoed-updates if we plan to release nodejs via a DSA (or otherwise > > via bookworm-pu as well). > > > > One other alternative is to make a non-security upload for > > node-unidici containing that change to the security archive, which the > > nodejs update can pick. > > I think we can handle it similar to what we recently did when OpenJDK > bumped > it's requirement for jtreg: When we have a suitable update for node-undici > Attached is a debdiff for a node-undici update (which backports what has been done in testing). > we upload it to security-master and the security buildds will be able to > use it to build the new nodejs. And then it simply gets released along with > the nodejs update. > > Cheers, > Moritz >
node-undici-deb12u2-to-deb12u3.debdiff
Description: Binary data
-- Pkg-javascript-devel mailing list Pkg-javascript-devel@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-javascript-devel
