Debian Package Tracker - node-yarnpkg

general

source: node-yarnpkg (main)
version: 1.13.0-3
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Paolo Greppi [DMD] [DM]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 1.13.0-1
testing: 1.13.0-3
unstable: 1.13.0-3

versioned links

1.13.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.13.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

yarnpkg (4 bugs: 0, 4, 0, 0)

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:00:57
Last run: 2019-10-13 01:35:06 UTC
Previous status: pass

testing: pass (log)
The tests ran in 0:00:59
Last run: 2019-10-12 01:45:01 UTC
Previous status: pass

stable: fail (log)
The tests ran in 0:00:15
Last run: 2019-04-29 14:50:30
Previous status: unknown

Created: 2019-07-07 Last update: 2019-10-13 21:44

A new upstream version is available: 1.19.1 high

A new upstream version 1.19.1 is available, you should consider packaging it.

Created: 2019-03-05 Last update: 2019-10-13 21:03

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.19.0-1~exp1, distribution experimental) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 1aee655a1270234a00a040235be6f3fd54da70f0
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 17:24:15 2019 +0200

    release to experimental

commit eaaf53a07a23a110affc20146e8622a70b8641b0
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:58:43 2019 +0200

    Update dependencies
    
    - add new run-time dependency
    - install files for run-time dependency resolve-package-path
    - update d/rules so that all run-time deps are in place
    - add dependency (node-path-root) of new run-time dep resolve-package-path
    - add dependencies of new build-dep string-replace-loader
    
    **NOTE**: we are cheating on the version of loader-utils, string-replace-loader/package.json says:
    
        "loader-utils": "^1.2.3",
    
    but we have 1.1.0 ATM

commit 0dac84dc440ffe02c3e94527cfb5ae7d8901aa39
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:55:08 2019 +0200

    Update manpage

commit afd0aba3eef8248c35512035dae65a5266a3562f
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:54:14 2019 +0200

    add attribution for resolve-package-path and string-replace-loader, refresh copyright

commit c1ef0c61e8ad62f4c0b11004f03ccc09faadcdde
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:45:57 2019 +0200

    refresh patches and remove force-https patch because it is included upstream

commit 729ca474ebb486d06c76f3f2c5396bada1764a5e
Merge: 2cd1a88 17b7f13
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:41:08 2019 +0200

    Update upstream source from tag 'upstream/1.19.0'
    
    Update to upstream version '1.19.0'
    with Debian dir 182a22693b829fe31a07e76a1a4ebd5f9cb5815a

commit 17b7f137e3ecbe3c5cbb2d912a26231eef8df2a0
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:39:23 2019 +0200

    New upstream version 1.19.0

commit 2cd1a880079cf58b725c13c7cf8ab81faec72366
Author: Paolo Greppi <paolo.greppi@libpf.com>
Date:   Thu Oct 3 13:36:18 2019 +0200

    in preparation for importing new release, embed new build dependency string-replace-loader and new run-time dependency resolve-package-path

Created: 2019-09-29 Last update: 2019-10-12 00:19

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-5448: Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network.

Please fix it.

Created: 2019-09-27 Last update: 2019-10-03 23:06

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.1 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-09-29 23:40

news

[rss feed]

[2019-10-02] node-yarnpkg 1.13.0-3 MIGRATED to testing (Debian testing watch)
[2019-09-29] Accepted node-yarnpkg 1.13.0-3 (source) into unstable (Paolo Greppi)
[2019-09-21] node-yarnpkg 1.13.0-2 MIGRATED to testing (Debian testing watch)
[2019-09-19] Accepted node-yarnpkg 1.13.0-2 (source) into unstable (Paolo Greppi)
[2019-02-04] node-yarnpkg 1.13.0-1 MIGRATED to testing (Debian testing watch)
[2019-01-28] Accepted node-yarnpkg 1.13.0-1 (source all) into unstable, unstable (Paolo Greppi) (signed by: Xavier Guimard)

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.13.0-1build1