Package: python3-certifi Version: 2019.11.28-1 Severity: minor While the package is patched to return the system location, it still ships /usr/lib/python3/dist-packages/certifi/cacert.pem which causes the .deb to be larger than it must.
Furthermore it might lead people to believe using that bundle is acceptable by hardcoding a path to it. -- System Information: Debian Release: bullseye/sid APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.3.0-3-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_WARN Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8) Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages python3-certifi depends on: ii ca-bundle [ca-certificates] 20190604tarent1 ii python3 3.7.5-3 python3-certifi recommends no packages. python3-certifi suggests no packages. -- no debconf information
