On Thu, 03 Dec 2015 17:42:22 +0200 Chris Lamb <la...@debian.org> wrote:
> What, exactly, are we worried about? My experience of investigating > and handling of security issues in very old versions of Django are > that they are usually trivially backportable anyway. > > (Just my quick thoughts, apologies for any incoherence.) My primary concern is exactly what has just happened in unstable. I went to the extent of installing and testing lava-server with django1.9 from experimental and fixed the issues. Yet when I actually install django1.9 from unstable, I get a completely unanticipated error from the removal of an item that was *not* declared as deprecated in the django tests but which, nonetheless, crippled localhost with a HTTP 500. http://paste.debian.net/341382/ I'm fed up with this. 1.9 is unfit for upload, even to experimental. It should not have gone into unstable in this state. I spent a month upgrading to 1.8. I installed and tested 1.9 from experimental and fixed some minor issues. When 1.9 actually arrives in unstable, I get completely unrelated, undocumented, undeclared, massive, system-critical breakage. No-one can be expected to get their packages in line with 1.9 if the version for testing in experimental is not the version that actually gets into unstable! -- Neil Williams ============= http://www.linux.codehelp.co.uk/
pgp3VJVBUq4iT.pgp
Description: OpenPGP digital signature
_______________________________________________ Python-modules-team mailing list Python-modules-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team