Source: golang-raven-go Version: 0.2.0+ds1-2 Severity: serious Tags: security X-Debbugs-Cc: z...@debian.org, prav...@debian.org
Hi Pirate Praveen, In 2018, you said we should not package golang-github-certifi-gocertifi[1], as we should use the system CA bundles. But why you include that in the vendor dir[2] in golang-raven-go? [1] https://lists.debian.org/debian-go/2018/12/msg00065.html [2] https://salsa.debian.org/go-team/packages/golang-raven-go/-/tree/debian/0.2.0+ds1-1/vendor/github.com/certifi/gocertifi
