On 10/03/20 8:08 pm, Mason James wrote: > Hi Koha devs > > We have a dependency problem with the release of debian-10 and the following > packages. (debian-11 is ok) > > libmojolicious-perl > libmojolicious-plugin-openapi-perl > libyaml-libyaml-perl
> Two other options... > 1/ use kc.org debian packages, with cpanminus (or similar) providing the > distro specific packages (extra installation steps and complexity) > 2/ ignore the problem for now, and accept that older koha/distro > combinations will be forced to break some other points i didnt mention... koha on buster has a security bug. the solution requires some packages to be updated i can push the packages to the koha repo to fix this problem, but... (there's always a but) the new packages will break jessie :/ when jessie-lts support officially finishes on 30th june 2020, i can happily push these packages - but between now and 30th june we need to decide on a fix for the security bug on buster https://wiki.debian.org/LTS some other options... 3/ do nothing and tell people to not use buster, until june 4/ provide buster packages in an separate repo, until june 5/ provide instructions to add buster packages using cpanm, until june 6/ update koha repo to fix buster, and provide jessie packages in an separate repo 7/ update koha repo to fix buster, and provide instructions to add jessie packages using cpanm 8/ submit required buster packages to debian buster-backports repo (not sure how difficult this is) i prefer option 4/, as its the least disruptive for users, and only requires an extra sources.list line to implement also... i think we should hold off on redesigning the koha apt repository until *after* this buster security issue is fixed cheers, Mason _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
