After we make a stable release, there is usually a constant flow
of packages which start to FTBFS due to "time bombs", i.e. expired
SSL certificates used in tests and other similar reasons.
This is not fun for anybody trying to keep stable free of FTBFS bugs,
but fortunately we can do better than that.
According to Paul Gevers, who allowed me to quote him on this, if we
know for sure that a package will FTBFS during the support time of
the release, then it's RC.
So, if we aim at releasing stable every two years, and we released bookworm >at 2023-06-10, then the estimated support timeframe for trixie will be >approximately from 2025-06-10 to 2028-06-10 (two years as stable plus one >year as oldstable).
Therefore, I set my clock at 2028-06-10 and built trixie/sid on such date, >and found around 50 packages with time bomb issues of all kinds. A preliminary >list of build logs is available here:
https://people.debian.org/~sanvila/build-logs/trixie-time-bomb/
My plan is to file bug reports for the causing packages, initially
as severity:important bugs as a "grace period". (Paul asked me not to
report this as RC yet, because the t64 transition has not finished yet.
On the other hand, he also pointed out that now is the appropriate
time to report those bugs).
On May 26, 2024 5:35:27 PM UTC, Santiago Vila <sanvila@debian.org> wrote: >https://people.debian.org/~sanvila/build-logs/trixie-time-bomb/
The clamav issue looks like a false positive. The distro-info data will get updated between now and then.
The clamav issue looks like a false positive. The distro-info data
will get updated between now and then.
On Sun, May 26, 2024 at 05:43:54PM +0000, Scott Kitterman wrote:
On May 26, 2024 5:35:27 PM UTC, Santiago Vila <sanvila@debian.org> wrote:
https://people.debian.org/~sanvila/build-logs/trixie-time-bomb/The clamav issue looks like a false positive. The distro-info data will get updated between now and then.
I see this failure:
| Test that clam can trust an EXE based on an authenticode certificate check.
This clearly sounds like an expiration date somewhere, esp as this looks
like a shipped binary.
So, you where talking about developers-reference. However I don't see
how a probable update of distro-info would make this a false positive.
In fact, it is an explicit time bomb.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 360 |
Nodes: | 16 (2 / 14) |
Uptime: | 128:39:27 |
Calls: | 7,686 |
Files: | 12,828 |
Messages: | 5,711,092 |