Your message dated Wed, 11 Mar 2026 20:05:46 -0400
with message-id
<CAB4XWXy2Yuh78jq-+=TxpQM_9ezNHDjN7udo7pd8Gq=pkad...@mail.gmail.com>
and subject line Re: Bug#1130418: httpx: upstream status
has caused the Debian Bug report #1130418,
regarding httpx: upstream status
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1130418: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130418
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: httpx
Version: 0.28.1-1
Severity: important
Hey.
IMO it should be checked whether this project is either dead or perhaps
compromised upstream.
The latter has apparently decided to close any issue reporting/discussions
for at best obscure reasons[0], possibly meaning also that there is / can be
no further security reporting and support from upstream.
Doesn't seem to be particularly viable for a library that tries to be a
base library and self proclaimed successor to requests.
Cheers,
Philippe.
[0] https://github.com/encode/httpx/discussions/3784
--- End Message ---
--- Begin Message ---
> IMO it should be checked whether this project is either dead or perhaps
> compromised upstream.
It's unclear what exactly trigger that decision, there is some
speculations at
https://www.reddit.com/r/Python/comments/1rl5kuq/anyone_know_whats_up_with_httpx/
(with reference to a redesign project at
https://github.com/encode/httpnext).
I dont think it raises to the point (yet) where we can call the
project dead or the upstream being compromised.
I'll keep an eye out, while in the meantime closing out this bug report
--
Sandro Tosi - http://sandrotosi.me/
--- End Message ---
