Daniel Shahaf wrote on Thu, 29 Aug 2019 00:44 +00:00: > I do concede that if we had just a single release format, tarballs, > that'd be easier on downstreams, but I do not accept that releasing > patches would place an unreasonable burden on downstreams.
Forgot one thing: the releases have generated parts (configure and swig), so vulnerabilities that affect these can't easily be released as patches. That's another reason to continue to release tarballs — for which we should, as Julian said, streamline the patch release process.
