- Package:
- src:zabbix
- Source:
- src:zabbix
- Submitter:
- Bastien Roucaries
- Date:
- 2026-01-24 20:21:02 UTC
- Severity:
- normal
- Tags:
Hi, You vendor about 830kb of go package This should be avoided and you should use packaged go package in order to ease security support rouca
I disagree strongly. It is a necessary tradeoff to allow backporting. If package is not buildable in "stable" due to lack of some (non-backported) Golang dependency, then we may not be able to upload fixes for something much more important than optional Golang agent2 component. I will downgrade severity of this issues.--- Today, all statism is based entirely upon the assumption that people can delegate rights they don't have. -- Larken Rose, The Most Dangerous Superstition
I disagree strongly. It is a necessary tradeoff to allow backporting. If package is not buildable in "stable" due to lack of some (non-backported) Golang dependency, then we may not be able to upload fixes for something much more important than optional Golang agent2 component. I will downgrade severity of this issues.--- Today, all statism is based entirely upon the assumption that people can delegate rights they don't have. -- Larken Rose, The Most Dangerous Superstition
Le vendredi 23 janvier 2026, 08:14:25 heure normale d’Europe centrale Dmitry Smirnov a écrit : Yes but for sid it is not the way to go
Le vendredi 23 janvier 2026, 08:14:25 heure normale d’Europe centrale Dmitry Smirnov a écrit : Yes but for sid it is not the way to go