Greetings Security Team and Go Team members,
(Note that I am not subscribed to the debian-go mailing list and I
appreciated to be kept in the CC of replies.)
Last month I updated golang-yaml.v2 in buster LTS (DLA-3479-1). This was
work that I took over from another LTS contributor, and since I am
On Mon, Aug 14, 2023 at 11:54 PM Roberto C. Sánchez wrote:
>
> Greetings Security Team and Go Team members,
>
> (Note that I am not subscribed to the debian-go mailing list and I
> appreciated to be kept in the CC of replies.)
>
> Last month I updated golang-yaml.v2 in buster LTS (DLA-3479-1). Thi
On Tue, Aug 15, 2023 at 12:03:00AM +0800, Shengjing Zhu wrote:
>
> This is not right, you should check the Built-Using field. For example
> grep-dctrl -F Built-Using golang-yaml.v2 -sPackage
>
> This will drop some packages that only use golang-yaml.v2 for tests,
> which don't need to be rebuilt.
On Tue, Aug 15, 2023 at 12:11 AM Roberto C. Sánchez wrote:
>
> On Tue, Aug 15, 2023 at 12:03:00AM +0800, Shengjing Zhu wrote:
> >
> > This is not right, you should check the Built-Using field. For example
> > grep-dctrl -F Built-Using golang-yaml.v2 -sPackage
> >
> > This will drop some packages t
