On 10/03/20 8:08 pm, Mason James wrote:
Hi Koha devs
We have a dependency problem with the release of debian-10 and the following packages. (debian-11 is ok)
libmojolicious-perl libmojolicious-plugin-openapi-perl libyaml-libyaml-perl
Two other options... 1/ use kc.org debian packages, with cpanminus (or similar) providing the distro specific packages (extra installation steps and complexity) 2/ ignore the problem for now, and accept that older koha/distro combinations will be forced to break
some other points i didnt mention... koha on buster has a security bug. the solution requires some packages to be updated i can push the packages to the koha repo to fix this problem, but... (there's always a but) the new packages will break jessie :/ when jessie-lts support officially finishes on 30th june 2020, i can happily push these packages - but between now and 30th june we need to decide on a fix for the security bug on buster https://wiki.debian.org/LTS some other options... 3/ do nothing and tell people to not use buster, until june 4/ provide buster packages in an separate repo, until june 5/ provide instructions to add buster packages using cpanm, until june 6/ update koha repo to fix buster, and provide jessie packages in an separate repo 7/ update koha repo to fix buster, and provide instructions to add jessie packages using cpanm 8/ submit required buster packages to debian buster-backports repo (not sure how difficult this is) i prefer option 4/, as its the least disruptive for users, and only requires an extra sources.list line to implement also... i think we should hold off on redesigning the koha apt repository until *after* this buster security issue is fixed cheers, Mason