2017-04-03 16:45 GMT+02:00 Niels Thykier <ni...@thykier.net>: > Thomas Goirand: >> Hi, >> >> [...] >> > >> Also, removing such a non-leaf package at this point of the release is a >> way too late. IMO, a bug should have been opened a long time ago asking >> for an upgrade of the package. >> > > > Hi, > > I would (also) strongly prefer, if we got better at finding and dealing > with things like outside the freeze. That said... > > In the concrete case, the removal does not look too bad at a metadata > level. Assuming qtwebchannel5-examples can drop its dependency, the > rest can be removed from testing without affecting any other package > than those listed below. > > """ > $ dak rm -nR -s testing npm > [...] > Checking reverse dependencies... > # Broken Depends: > npm2deb: npm2deb > qtwebchannel-opensource-src: qtwebchannel5-examples [...] > > # Broken Build-Depends: > ruby-license-finder: npm > """ > >> Last, at this point in time, I believe we should discuss the issue with >> the release team. They may agree, for example, that we upgrade the >> package to a newer version (this is unlikely, but it is up to them to >> tell). They may don't agree that we "fix" so many source package to >> remove the build-dependency. Anyway, the solution should be discuss with >> them. Therefore, I'm CC-ing the release team. >> > > From my PoV; upgrade is unlikely to be accepted. Removal appears to be > doable, so the real question is: > > * Is npm so out of date that it is release critical? > > If yes, fix qtwebchannel-opensource-src (etc.) and remove the rest from > stretch. If no, tag it -ignore and move on. To be honest, I know next > to nothing about npm and its state, so I will apply "Do-cracy" to this > decision. > AFAICT, Jérémy Lal have done all of the uploads since 2013 and is the > sole committer to the packaging between 2013-08 to 2014-08[1], which > pretty much makes Jérémy the closest person to an "active do'er" in this > case. > > @Jérémy Lal: Your call: > > * Are you willing to support npm for 3-5 years in stretch given its > current state? > - If yes, then tag the npm bug stretch-ignore or downgrade it > - If no, then we will effectuate the removal before the release.
I agree completely with the above analysis, and I'm not willing to support the current npm version that is in testing. To others, preoccupied that npm won't be available in debian: - please help with npm maintenance - hopefully we'll make an updated version installable through debian backports, Jérémy.
