Re: Embedded copy in quickfix upstream
Hi Alan,
I am the maintainer (uploader) of quickfix in Debian. Oddly, I somehow
missed the bug report about the FTBFS on riscv64.
On Sat, Jul 08, 2023 at 09:52:02AM -0400, Alan Beadle wrote:
> Hello,
>
> The upstream for quickfix contains a very old embedded library copy
> [1]. This originally came up in the context of a FTBFS on riscv64. It
> doesn't seem to be tracked here yet [2].
>
This was also something that I was not aware of.
> Debian already has a package for the library in question, called
> libdouble-conversion-dev.
>
> Quickfix upstream recently closed their bug [3] for the FTBFS on which
> I had mentioned the embedded copy, but the embedded copy is still
> present.
>
It looks like in recent days/weeks there has been a lot of activity with
upstream working to clean up many of the open PRs and other things like
that. I got the impression that their strategy is "close everything, and
whatever people really think is important they will create new
issues/PRs for".
In any event, I only saw this email because I subscribed to the security
tracker mailing list.
It would have been good to (1) ping me directly on the initial FTBFS bug
after some time with no response (again, I apologize for not having seen
it and responded), and (2) to CC me directly on this particular email,
rather then sending it only to the security tracker list.
As it is, I am now aware of this issue, and I can see about addressing
it soon.
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: