Bug#782344: marked as done (unblock: python-django/1.8-1)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Mon, 20 Apr 2015 19:57:01 +0100
with message-id <20150420185701.GB7346@lupin.home.powdarrmonkey.net>
and subject line Re: Bug#782344: unblock: python-django/1.8-1
has caused the Debian Bug report #782344,
regarding unblock: python-django/1.8-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
782344: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782344
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: python-django/1.8-1
• From: Luke Faraone <lfaraone@debian.org>
• Date: Fri, 10 Apr 2015 11:54:49 -0400
• Message-id: <[🔎] 20150410155449.15203.6172.reportbug@luke-microkernel.zulip.net>

Package: release.debian.org
Severity: normal
Tags: security
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package python-django

I have not yet uploaded python-django 1.8 to unstable, but would like to do so.

== Justification ==

We are currently slated to ship the 1.7 series. Upstream's security and support
policy[1] indicates that they generally only support the current stable release
and the one prior, with the exception of releases designated as "long-term
support" releases.

As Django 1.8 is out, we will lose upstream security support for 1.7 as soon as
1.9 is released. However, 1.8 is a "long-term support" release, which will
receive support until at least April 2018[2].

It would improve the security of our users to ship a version in the next stable
release of Debian that will be supported by upstream for the duration of our
release. Django is a mature project with sound release-engineering practices,
and it would be useful to leverage the work they are doing to the maximum
extent. To quote[2]:

> Minor releases (A.B.C, etc.) will be issued as needed, often to fix security
issues. These releases will be 100% compatible with the associated major
release, unless this is impossible for security reasons or to prevent data
loss. So the answer to “should I upgrade to the latest minor release?” will
always be “yes.”


[1]: https://docs.djangoproject.com/en/1.8/internals/release-process
/#supported-versions
[2]: https://www.djangoproject.com/download/

== Discussion of changes ==

>From a careful reading of the changelog[3], comparing against the dependencies
we currently provide in testing:

  - The supported Python versions has not changed between versions.
  - Support for MySQL <5.5 has been dropped. We only ship 5.5 in testing.
  - Support for PostgreSQL <9.0 has been dropped. We only ship 9.4 in testing.
  - Support for GEOS 3.1 has been dropped. We only ship 3.4.2 in testing.
  - Support for SpatiaLite <2.4 has been dropped. We only ship 4.1.1

Various features have been deprecated, this will not impact end-users other
than the raising of a DeprecationWarning.

I am committed to testing all of the reverse-depends currently shipped by
Debian to identify any possible breakage, but a cursory review did not indicate
any obvious candidates. I anticipate to be done with this review by 14 April
2015.

[3]: https://docs.djangoproject.com/en/1.8/releases/1.8/

unblock python-django/1.8-1

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

--- End Message ---

--- Begin Message ---

• To: Vladimir Macek <macek@sandbox.cz>, 782344-done@bugs.debian.org
• Cc: Neil Williams <codehelp@debian.org>
• Subject: Re: Bug#782344: unblock: python-django/1.8-1
• From: Jonathan Wiltshire <jmw@debian.org>
• Date: Mon, 20 Apr 2015 19:57:01 +0100
• Message-id: <20150420185701.GB7346@lupin.home.powdarrmonkey.net>
• In-reply-to: <[🔎] 20150420144041.2826fa33@sylvester.codehelp>
• References: <[🔎] 5534FBEA.807@sandbox.cz> <[🔎] 20150420144041.2826fa33@sylvester.codehelp>

Control: tag -1 wontfix

On Mon, Apr 20, 2015 at 02:40:41PM +0100, Neil Williams wrote:
> On Mon, 20 Apr 2015 15:15:22 +0200
> Vladimir Macek <macek@sandbox.cz> wrote:
> 
> > Hi, I'm an avid user of both Debian and Django. I'd like to say
> > thanks Luke for trying to get the 1.8 LTS to the new stable Debian.
> > 
> > It would certainly be awesome for many Django-based apps to not
> > require it's own copy of Django in their environments. And 1.8 looks
> > like an exceptionally well-baked release.
> > 
> > >From what I see it's unfortunately not the case and we'll stick to
> > >1.7.7.
> 
> When 1.8 isn't even in experimental so that packages using django can
> even test with the new major release, it is not a good idea to cause
> the possible removal of reverse dependencies or trigger bugs in reverse
> dependencies. Those reverse dependencies have not had time to get any
> changes for django1.8 into testing. This would be particularly
> difficult when those upstreams are also trying to retain support for
> 1.6 in Trusty.
> 
> Please do not unblock python-django - 1.8 can always go in via
> backports.

Agree.

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Attachment: signature.asc
Description: Digital signature

--- End Message ---