GNU bug report logs -
#61583
[PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946].
Previous Next
Reported by: Greg Hogan <code <at> greghogan.com>
Date: Fri, 17 Feb 2023 18:05:01 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Hi,
On Fri, 3 Mar 2023 at 22:57, Leo Famulari <leo <at> famulari.name> wrote:
> Overall, git and git-minimal will cause more than 300 rebuilds, but not
> too many for the current state of the build farm.
I get 546 dependent packages for git + git-minimal which need to be
re-built. And some are really expensive -- that what I meant by "a
lot of rebuilds". :-)
Well, I do not know if there is an issue with QA or it is just really
expensive but the process is still pending, if I read correctly
<https://qa.guix.gnu.org/issue/61583>.
> Concretely, why can't we push this to master immediately?
Somehow the guarantee that none of these 546 would not be broken by
the update. ;-)
Anyway, I had locally built them -- it took 3-4 days on my machine,
IIRC -- and I do not remember any "big" breakage, maybe a couple of
packages -- even maybe not since some are already broken. However, I
did not carefully tracked my process thinking to come back later --
well, I ran "guix gc" in the mean for checking stuff with SWH coverage
thinking that QA would have finished.
I do not have an opinion where or whether to push.
Cheers,
simon
This bug report was last modified 2 years and 77 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.