Hi Alan, I am the maintainer (uploader) of quickfix in Debian. Oddly, I somehow missed the bug report about the FTBFS on riscv64.
On Sat, Jul 08, 2023 at 09:52:02AM -0400, Alan Beadle wrote: > Hello, > > The upstream for quickfix contains a very old embedded library copy > [1]. This originally came up in the context of a FTBFS on riscv64. It > doesn't seem to be tracked here yet [2]. > This was also something that I was not aware of. > Debian already has a package for the library in question, called > libdouble-conversion-dev. > > Quickfix upstream recently closed their bug [3] for the FTBFS on which > I had mentioned the embedded copy, but the embedded copy is still > present. > It looks like in recent days/weeks there has been a lot of activity with upstream working to clean up many of the open PRs and other things like that. I got the impression that their strategy is "close everything, and whatever people really think is important they will create new issues/PRs for". In any event, I only saw this email because I subscribed to the security tracker mailing list. It would have been good to (1) ping me directly on the initial FTBFS bug after some time with no response (again, I apologize for not having seen it and responded), and (2) to CC me directly on this particular email, rather then sending it only to the security tracker list. As it is, I am now aware of this issue, and I can see about addressing it soon. Regards, -Roberto -- Roberto C. Sánchez
