Discussion:
Bug#987022: unblock: spamassassin/3.4.5~pre1-4
(too old to reply)
Noah Meyerhans
2021-04-15 19:00:02 UTC
Permalink
Package: release.debian.org
Severity: normal
User: ***@packages.debian.org
Usertags: unblock

(I sent a similar message to debian-release recently, but am opening a
bug under the expectation that the post will get lost in the noise.)

There are a few issues in spamassassin that need to be addressed prior to
the bullseye release, and I'd like to discuss the best path forward.

Bullseye currently contains version 3.4.5~pre1-3, which is based on a
pre-release of the 3.4.5 upstream release. Upstream released 3.4.5 during
the bullseye freeze, and followed up immediately with a 3.4.6 to fix two
regressions [1] [2] that were not caught in testing. The regressions are
already present in 3.4.5~pre-3, so we'll need some form of an update.

I'd also like to include the fix for [3], which breaks installation in some
(uncommon) scenarios. The fix is small and should be low-risk.

These are all pretty clearly issues that need to get fixed. What I'm
specifically interested in discussing, though, is the various upstream
commits between the 3.4.5-pre1 release and 3.4.5-final. There are 37
commits in this set, involved in fixing 10 upstream bugs. As most of these
bugs involve miscategorization of processed email, leaving them unfixed can
potentially lead to data loss.

I've compiled a list of the upstream bugs fixed in their 3.4 branch at [4].

Most of the rest of the changes have to do with release administrivia
and housekeeping (svn branch management, updating the Apache logo,
updating version strings, spelling corrections, etc).

If it was completely up to me, I'd want 3.4.6-1 released with bullseye.
It will be better supported by upstream and contains all the relevant
bug fixes. IMO it's less likely to introduce any new regressions than a
3.4.5-pre1-4 with relevant changes pulled back from upstream's svn.
However, it's late in the freeze and I fully understand the policy wrt
to new upstream releases.

The alternative is that we update to a 3.4.5~pre1-4 that cherry-picks
only the specific commits targeting the bugs I'd like to fix. This
will definitely result in a smaller debdiff, but would still carry a
comparable level of risk due to the cherry-picked changes being most
of the actual code changes introduced upstream.

The debdiff for 3.4.6-1 is at [5]. The debdiff for 3.4.5~pre1-4 is at
[6].

Let me know how you'd like to proceed.

Thanks
noah

1. https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7897
2. https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7892
3. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977957
4. https://people.debian.org/~noahm/sa-bugs.html
5. https://people.debian.org/~noahm/spamassassin_3.4.6-1.debdiff
6. https://people.debian.org/~noahm/spamassassin_3.4.5~pre1-4.debdiff

unblock spamassassin/3.4.5~pre1-4
Debian Bug Tracking System
2021-04-20 19:00:02 UTC
Permalink
tags -1 confirmed moreinfo
Bug #987022 [release.debian.org] unblock: spamassassin/3.4.5~pre1-4
Added tag(s) moreinfo and confirmed.
--
987022: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987022
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Ivo De Decker
2021-04-20 19:00:02 UTC
Permalink
Control: tags -1 confirmed moreinfo

Hi Noah,
Post by Noah Meyerhans
Package: release.debian.org
Severity: normal
Usertags: unblock
(I sent a similar message to debian-release recently, but am opening a
bug under the expectation that the post will get lost in the noise.)
There are a few issues in spamassassin that need to be addressed prior to
the bullseye release, and I'd like to discuss the best path forward.
Bullseye currently contains version 3.4.5~pre1-3, which is based on a
pre-release of the 3.4.5 upstream release. Upstream released 3.4.5 during
the bullseye freeze, and followed up immediately with a 3.4.6 to fix two
regressions [1] [2] that were not caught in testing. The regressions are
already present in 3.4.5~pre-3, so we'll need some form of an update.
I'd also like to include the fix for [3], which breaks installation in some
(uncommon) scenarios. The fix is small and should be low-risk.
These are all pretty clearly issues that need to get fixed. What I'm
specifically interested in discussing, though, is the various upstream
commits between the 3.4.5-pre1 release and 3.4.5-final. There are 37
commits in this set, involved in fixing 10 upstream bugs. As most of these
bugs involve miscategorization of processed email, leaving them unfixed can
potentially lead to data loss.
I've compiled a list of the upstream bugs fixed in their 3.4 branch at [4].
Most of the rest of the changes have to do with release administrivia
and housekeeping (svn branch management, updating the Apache logo,
updating version strings, spelling corrections, etc).
If it was completely up to me, I'd want 3.4.6-1 released with bullseye.
It will be better supported by upstream and contains all the relevant
bug fixes. IMO it's less likely to introduce any new regressions than a
3.4.5-pre1-4 with relevant changes pulled back from upstream's svn.
However, it's late in the freeze and I fully understand the policy wrt
to new upstream releases.
The alternative is that we update to a 3.4.5~pre1-4 that cherry-picks
only the specific commits targeting the bugs I'd like to fix. This
will definitely result in a smaller debdiff, but would still carry a
comparable level of risk due to the cherry-picked changes being most
of the actual code changes introduced upstream.
The debdiff for 3.4.6-1 is at [5]. The debdiff for 3.4.5~pre1-4 is at
[6].
I suggest you upload 3.4.5~pre1-4 to unstable and 3.4.6-1 to experimental. I
haven't looked at 3.4.5~pre1-4 in detail yet, but I suspect it will be fine.
Once it migrates, we can look at 3.4.6-1 again, and by then, the upload to
experimental will at least show us obvious issues in the builds or the ci.

Please remove the moreinfo tag from this bug when 3.4.5~pre1-4 (or something
similar) is ready to migrate.

Thanks,

Ivo
Noah Meyerhans
2021-04-20 21:30:01 UTC
Permalink
Post by Ivo De Decker
Post by Noah Meyerhans
The debdiff for 3.4.6-1 is at [5]. The debdiff for 3.4.5~pre1-4 is at
[6].
I suggest you upload 3.4.5~pre1-4 to unstable and 3.4.6-1 to experimental. I
haven't looked at 3.4.5~pre1-4 in detail yet, but I suspect it will be fine.
Once it migrates, we can look at 3.4.6-1 again, and by then, the upload to
experimental will at least show us obvious issues in the builds or the ci.
Please remove the moreinfo tag from this bug when 3.4.5~pre1-4 (or something
similar) is ready to migrate.
So, naturally, it's not that simple. Experimental contains a 4.0.0
prerelease version, so getting 3.4.6-1 available there won't work.

In any case, I just uploaded 3.4.5~pre1-4 to unstable, and we can
consider 3.4.6-1 in unstable after it migrates. I think that's the next
best plan, if we're to consider 3.4.6 at all.

Thanks
noah
Noah Meyerhans
2021-05-11 15:30:02 UTC
Permalink
Control: tags -1 - moreinfo
Post by Noah Meyerhans
Post by Ivo De Decker
Post by Noah Meyerhans
The debdiff for 3.4.6-1 is at [5]. The debdiff for 3.4.5~pre1-4 is at
[6].
I suggest you upload 3.4.5~pre1-4 to unstable and 3.4.6-1 to experimental. I
haven't looked at 3.4.5~pre1-4 in detail yet, but I suspect it will be fine.
Once it migrates, we can look at 3.4.6-1 again, and by then, the upload to
experimental will at least show us obvious issues in the builds or the ci.
Please remove the moreinfo tag from this bug when 3.4.5~pre1-4 (or something
similar) is ready to migrate.
So, naturally, it's not that simple. Experimental contains a 4.0.0
prerelease version, so getting 3.4.6-1 available there won't work.
In any case, I just uploaded 3.4.5~pre1-4 to unstable, and we can
consider 3.4.6-1 in unstable after it migrates. I think that's the next
best plan, if we're to consider 3.4.6 at all.
OK, 3.4.5~pre1-4 is in unstable for 20 days and ready to migrate. I'd
still like to try to get 3.4.6-1 into bullseye if the timing permits,
but for now, please unblock 3.4.5~pre1-4. Thanks.

noah
Debian Bug Tracking System
2021-05-11 15:30:02 UTC
Permalink
tags -1 - moreinfo
Bug #987022 [release.debian.org] unblock: spamassassin/3.4.5~pre1-4
Removed tag(s) moreinfo.
--
987022: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987022
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Debian Bug Tracking System
2021-05-14 19:00:02 UTC
Permalink
Your message dated Fri, 14 May 2021 20:54:04 +0200
with message-id <887b66be-3287-44d2-c3a4-***@debian.org>
and subject line Re: Bug#987022: unblock: spamassassin/3.4.5~pre1-4
has caused the Debian Bug report #987022,
regarding unblock: spamassassin/3.4.5~pre1-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
987022: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987022
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Loading...