@jibel > can you point to the Debian Go packaging guidelines you're mentioning? https://go-team.pages.debian.net/packaging.html
It is stated in the bug description: "- This package violates Debian Policy. It vendorizes various Go (in vendor/) and Rust libraries (in vendor_rust/). We are maintaining them up to date with dependabot in our upstream CI. The Go part is covered by the govulncheck security scanning on the Go version we are depending on and its vendored dependency." However there's no TODO wrt to that. Just the translations as a recommendation. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2048781/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs