Hi Anton, thanks for your feedback.
Am Dienstag, dem 14.03.2023 um 06:11 +0100 schrieb Anton Gladky: > Hi Daniel, > > congratulations on your first update! > > Some notes: > > 1) to be consistent with all other updates please do not add the suffix > in the version number I'm not quite sure what you mean by that. "gbp dch -S" adds the ~1.[gitrev] ... to snapshots. That will be removed when doing the finalization and the final version number will be: 2.2.3-1+deb10u2 which I think is exactly what it should be. > 2) t is not quite a team upload. Better use "dch --lts" which > converts to "* Non-maintainer upload by the LTS Security Team." That's a good idea. > 3) Please check, why piuparts is failing on CI. I have already yesterday, and I wasn't able to reproduce that (the log is also not clear about the "what is actually happening"). But I check once more in the evening. > 4) Regarding behavioral change... I cannot evaluate without the context. > Maybe someone else from LTS team or the original maintainer can help. Well, the context is that uploads to stable (or oldstable for that matter) should usually not change the behavior. The behavior of version 2.2.3-1+deb10u1 is that it will scrub nested <script> elements completely, while 2.2.3-1+deb10u2 will basically escape the <script> HTML elements and treat them as if they were in a CDATA section. It's not a "big" change, but still. Regards, Daniel
