Restoring debhelper dh5 compat for the LTS?

Wed Mar 23 23:03:48 UTC 2022

Hey Steve,

Thanks for the reply.

Le 23/03/2022 à 20:16, Steve Langasek a écrit :
> - Any package using compat level 5 does not, for example, get automatic
>    support for default build flags from dpkg-buildflags.  This means any
>    binaries built with compat level 5 should be considered insecure and
>    dangerous in their own right at this point, due to the lack of compiler
>    security flags.
I agree it's an issue but I don't find the position we have coherent so 
far. It seems also bogus to me that we hadn't been actively engaged or 
communicating about the issue if we believe it's of the higher importance.

Should we start reporting rls-...-incoming bugs for package built with 
dh5 in every supported Ubuntu series? That would seems proportionate 
step in regard of what you and Dimitri seems to consider the severity of 
the issue?
> - The merge of the debhelper version from Debian that included this change
>    (which was decided upstream) happened on February 14.  This was well
>    before Feature Freeze on February 24.  While in an ideal world someone
>    making this change would have communicated proactively to the Ubuntu
>    developers that it was coming and what impact it would have had, the lack
>    of such communication does not, in my view, invalidate the decision to do
>    the merge from Debian.

I didn't mean to imply that the merge was technically wrong or not 
respect our processes. Still it is late, has an non trivial impact on 
our workload and seemed a change the we got by luck rather than being 
actively seeking to bring it so I felt it was fair to asking the 
question of whether we wanted to consider reverting.

It's especially suboptimal than we basically stopped syncing from Debian 
around the time we included the change that made packages stop to build, 
which means we aren't autoimporting the fixes for those issues.

>  From my perspective, it is the responsibility of teams to factor time
> post-FF for the fixing of build failures into their capacity planning, and
> furthermore, the impact of this *particular* change on archive buildability
> should be rather small.  I see no reason to revert the change in question.
Speaking for desktop I'm not worried about being able to fix the build 
of the packages in our set, I simply believe it would benefit our users 
more if we were focusing on fixing rls targeted and user visible 
problems at this point of the cycle.

I'm also thinking about the impact it will have on universe and the 
number of ftbfsing package we will have in the archive for the LTS.

Cheers,
Sebastien Bacher