On Fri, Sep 16, 2016 at 09:57:43AM +0100, Santiago Vila wrote: > On Fri, Sep 16, 2016 at 09:40:54AM +0100, Simon McVittie wrote: > > On Thu, 15 Sep 2016 at 23:50:33 +0200, Thomas Goirand wrote: > > > Recently, the upload python-cryptography broke pyopenssl, and pyopenssl > > > had to be upgraded to support the new python-cryptography (I don't have > > > the exact details, but it doesn't mater much here...). > > > > The situation here is that pyopenssl (Build-)Depends on -cryptography and > > zigos-package Depends on pyopenssl (and possibly -cryptography), right? > > More precisely, zigos-package *Build-Depends* on python-openssl, so a > more appropriate subject for this would have been "Making build-depends > versioned to avoid *FTBFS* bugs". > > I consider this distinction important, as this is not just an "ordinary bug", > it's a bug which breaks our promise that a source package will build > from source provided its build-dependencies are fulfilled.
To the contrary, unlike regular bugs, I'd say BUILD-dependencies have any reason to be considered only at most for package versions in: * stable * stable-backports * frozen testing (ie, to-become-stable, not in the middle of the cycle) * unstable * when you have a reason to care: experimental * perhaps some major derivatives without any heed for mixes of the above. On the other hand, regular bugs may be meaningful for any version that was in unstable even for a single dinstall, so it'd be nice to consider having Breaks at least for data-loss bugs. On the third hand, _upgrade_ bugs need to have Breaks for any combination of package versions since last stable, in every case. -- Second "wet cat laying down on a powered-on box-less SoC on the desk" close shave in a week. Protect your ARMs, folks!
