[Debian-med-packaging] Bug#1023401: src:python-biopython: unsatisfied build dependency in testing: python3-rdflib
Paul Gevers
elbrus at debian.org
Thu Nov 3 20:04:50 GMT 2022
Hi,
On 03-11-2022 18:03, Andreas Tille wrote:
> its all about the fact that rdflib is broken and removed from testing.
> We are nagging upstream constantly[1] with no success so far. This
> issue creates noise about testing removals in about 100 packages and
> is extremely annoying.
&&
On 03-11-2022 17:58, Jonas Smedegaard wrote:
> no comment at bug#1012482 which includes a
> suggestion (which I agree with) to lower the severity of that bug to
> simply not be release-critical: Yes, naïve implementations of the RDF
> protocol can be tricked into pulling data from the filesystem, because
> URIs are not necessarily all http-based and failing to care for that
> may lead to surprises - which would be neat if generic RDF processing
> tools were to ensure protection against but in my opinion unreasonable
> to *require*: As I understand it, the equivalent would be to kick out
> libcurl from Debian because it doesn't offer the heavy and complex
> sandboxing mechanisms implemented in (only the biggest) web browsers.
I haven't spent time yet to make up *my* mind about the severity of the
problem, but if people have serious doubts about the severity, the
Release Team is the appropriate body in Debian to make that call. So if
you believe the bug severity is too high, by all means bring it to the RT.
On 03-11-2022 18:03, Andreas Tille wrote:
> I assume if you want to file bugs about missing python3-rdflib manually
> its quite a waste of time for you since the problem is known and more
> bug reports will not make things more visible.
Well, there were only 4 packages due to python3-rdflib; the total amount
of packages flagged by dose (in testing) [1] is rather limited and I
also have automated it by now. *Build* dependencies are unfortunately
not automatically ensured in testing, so it needs a tiny bit of
baby-sitting. That's why I filed these bugs today.
Paul
[1] https://qa.debian.org/dose/debcheck/src_testing_main/latest/amd64.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20221103/152bfb62/attachment-0001.sig>
More information about the Debian-med-packaging
mailing list