exiftool 12.25 #77174
exiftool 12.25 #77174
Conversation
BrewTestBot
added
the
bump-formula-pr
There was a problem hiding this comment.
This isn't marked as the production release yet: https://exiftool.org/history.html
|
Thanks for the PR anyway, @edspiner. We only update |
|
yeah I know (which is weird that ExifTool authors didn't mark new releases as stable) but version 12.24 introduced an important security fix to |
|
Reviewing the CVE report, this sounds serious. Let's skip our normal policy for this one version and switch back to stable versions when the next one comes out. |
|
Can we ask the exiftools authors to mark it stable in the meantime? We can't be the only ones who don't want to use unstable software. |
OS vendors have distributed via security patches repositories as their own patches. Is there such an option within homebrew? |
|
We can apply patches in the formula ( |
|
Agreed, at this point I think using this release is the simplest way to ensure we're shipping a fix. |
|
How are production releases for this tagged? Is that some future new release is cut, and then tagged as a production release, or is an older tag labelled as a production release after some time? If it's the former, switching back to the stable release is easy (it just involves a version bump). If it's the latter, then that could possibly involve a version downgrade, which I'd like to avoid. |
It's this, which makes things quite convenient for us. We can simply switch over to a new production release when it comes out. |
|
🤖 A scheduled task has triggered a merge. |
chenrui333
added
superseded
Created with
brew bump-formula-pr.