1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1107931: unblock: golang-github-evanw-esbuild/0.25.5-1

    From =?UTF-8?B?SsOpcsOpbXkgTGFs?=@21:1/5 to All on Sat Jul 5 16:50:01 2025
    XPost: linux.debian.devel.release

    Le sam. 5 juil. 2025 à 15:57, Paul Gevers <[email protected]> a écrit :

    Control: tags -1 moreinfo

    Hi,

    On 26-06-2025 18:16, Paul Gevers wrote:
    Hi,

    On 26-06-2025 17:50, Jérémy Lal wrote:
    This is caused by the automated variables filled by dh-golang, not by
    golang-github-evanw-esbuild source package, of course.
    Static-Built-Using: ${misc:Static-Built-Using}
    Built-Using: ${misc:Built-Using}


    I know, it still prevents migration and needs to be resolved. See also
    my reply to bug #1108331.


    With golang out of the way, let's check again here. Can you go over the questions in our FAQ [1] in the "new upstream" section under "Moreinfo"
    and answer them?


    - Upstream has a long history of high-quality, targeted releases, with a thorough test suite
    - There has been only one upstream commit (adding a new feature) since that release (may 27).
    Knowing upstream, if release 0.25.5 had introduced a regression, it would
    have been already fixed.

    I classify the changelog.md entries like this:
    * BUGFIX: Fix a regression with `browser` in `package.json`
    * BUGFIX: Add support for certain keywords as TypeScript tuple labels
    * Feature, zero side effects, small change: Add CSS prefixes for the
    `stretch` sizing value
    * Feature, zero side effects, small change: Add simple support for CORS to esbuild's development server
    * BUGFIX: Pass through invalid URLs in source maps unmodified
    * Low security fix: Handle exports named `__proto__` in ES modules

    Some changes are not documented in the changelog:
    - Low security fix: Add additional guards for #4114 when using :is() (Fix
    for CSS: out-of-memory/hang target:safari11)
    - js api: simplify comma-separated array validation
    - js api: validate some options as arrays of strings
    (those last two are somewhat less pertinent, but they make sense).

    I hope that helps.

    <div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">Le sam. 5 juil. 2025 à 15:57, Paul Gevers &lt;<a href="mailto:[email protected]">[email protected]</a>&gt; a écrit :<br></
    <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Control: tags -1 moreinfo<br>

    Hi,<br>

    On 26-06-2025 18:16, Paul Gevers wrote:<br>
    &gt; Hi,<br>
    &gt; <br>
    &gt; On 26-06-2025 17:50, Jérémy Lal wrote:<br>
    &gt;&gt; This is caused by the automated variables filled by dh-golang, not by <br>
    &gt;&gt; golang-github-evanw-esbuild source package, of course.<br>
    &gt;&gt; Static-Built-Using: ${misc:Static-Built-Using}<br>
    &gt;&gt; Built-Using: ${misc:Built-Using}<br>
    &gt; <br>
    &gt; <br>
    &gt; I know, it still prevents migration and needs to be resolved. See also <br>
    &gt; my reply to bug #1108331.<br>


    With golang out of the way, let&#39;s check again here. Can you go over the <br>
    questions in our FAQ [1] in the &quot;new upstream&quot; section under &quot;Moreinfo&quot; <br>
    and answer them?</blockquote><div><br></div><div>- Upstream has a long history of high-quality, targeted releases, with a thorough test suite</div><div>- There has been only one upstream commit (adding a new feature) since that release (may 27).</div><
    Knowing upstream, if release 0.25.5 had introduced a regression, it would have been already fixed.</div><div><br></div><div>I classify the changelog.md entries like this:</div><div>* BUGFIX: Fix a regression with `browser` in `package.json`</div><div>
    * BUGFIX: Add support for certain keywords as TypeScript tuple labels</div><div>* Feature, zero side effects, small change: <span style="color:rgb(0,0,0)">Add CSS prefixes for the `stretch` sizing value</span></div><div><span style="color:rgb(0,0,0)">*
    Feature, zero side effects, small change: </span><span style="color:rgb(0,0,0)">Add simple support for CORS to esbuild&#39;s development server</span></div><div><span style="color:rgb(0,0,0)">* BUGFIX: </span><span style="color:rgb(0,0,0)">Pass through
    invalid URLs in source maps unmodified</span></div><div><span style="color:rgb(0,0,0)">* Low security fix: </span><span style="color:rgb(0,0,0)">Handle exports named `__proto__` in ES modules</span><span style="color:rgb(0,0,0)"> </span></div><div><br><
    /div><div>Some changes are not documented in the changelog:</div><div>- Low security fix: Add additional guards for #4114 when using :is() (Fix for CSS: out-of-memory/hang target:safari11)</div><div>- js api: simplify comma-separated array validation</
    <div>- js api: validate some options as arrays of strings</div><div>(those last two are somewhat less pertinent, but they make sense).</div><div><br></div><div>I hope that helps.</div><div><br></div></div></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)