#1141069 privoxy: Use of badssl.com in autopkgtests is flaky

Package:
src:privoxy
Source:
src:privoxy
Submitter:
Mark Hindley
Date:
2026-06-29 09:13:01 UTC
Severity:
normal
#1141069#3
Date:
2026-06-29 08:49:05 UTC
From:
To:
Dear Maintainer,

The privoxy check-ssl autopkgtest is flaky and unreliable. It utilises
badssl.com which regularly returns 503 or other error instead of the expected
403.

  62s 2026-06-26 09:08:52: Requesting https://expired.badssl.com/
  62s 2026-06-26 09:08:52: Ooops. We expected status code 403, but received: 503.

This breaks privoxy's autopkgests and (perhaps more importantly) introduces
apparent regressions in other packages.

The Github source for badssl.com[1] makes it clear that baddssl.com is not
suitable for automated CI testing.

Please remove the test, or at least mark it flaky until it can provide the
necessary reliability and coverage.

Thanks.

Mark

[1]  https://github.com/chromium/badssl.com#disclaimer
#1141069#6
Date:
2026-06-29 09:12:00 UTC
From:
To:
Re: Mark Hindley

pgsql-http had a similar problem with https://httpbun.org/. We managed
to get it working using gunicorn:

https://salsa.debian.org/postgresql/pgsql-http/-/blob/master/debian/tests/installcheck?ref_type=heads#L6-9

Christoph