Date: Sat, 10 Aug 2019 11:18:52 -0700 From: Patrick Powell <papowell@astart.com> To: freebsd-ports@freebsd.org Subject: Re: PHP version retirement Message-ID: <64faf143-bae3-378c-3ee2-b196c2ea4111@astart.com> In-Reply-To: <CF1F28D6-1072-4BE6-B124-A97DE43FA4E6@waschbuesch.de> References: <CF1F28D6-1072-4BE6-B124-A97DE43FA4E6@waschbuesch.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2019-08-10 01:17, Martin Waschbüsch wrote: > Hi all, > > At least the last two versions of PHP, 5.6 & 7.0, were removed from ports as soon as (or even shortly before) they were no longer actively maintained upstream. > I am unsure what the exact reasoning behind this was, but I do not think it is a good idea moving forward: > > I suppose it is true that outdated & no longer supported versions of PHP could be seen as a security risk. So far so good. > > However, if, for whatever reason (and I think there are legitimate ones), I still need to use a now obsolete version of PHP, having them removed from ports effectively makes it harder for me to keep everything else up-to-date. > I might have to stick with an old ports revision so I cannot update other packages. > If I just keep PHP as is, and update other packages, I cannot easily switch to a new version of FreeBSD itself, because I'd have to go back to an old revision of ports (hopefully working with the OS version I updated to) to compile PHP and then do other packages. > Libraries / dependencies may change and break my PHP, etc. > So, on top of possible security concerns for the outdated software I use, I basically get an overall less secure / stable system to boot. > > Now, I am not suggesting we leave every old and outdated PHP version in ports, but why remove a port just days after it received its last security update upstream? (With PHP 5.6 it was actually removed from ports before it got its last update upstream). > > Would it not be better to have, say, the last two versions before current stable still in ports but with a huge disclaimer saying: use at your own risk, etc.? > > What do y'all think? > > Martin > _______________________________________________ > freebsd-ports@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-port Umm this was just the kick in the pants that I needed to switch to PHP 7. See https://www.glaver.org/blog/?p=1109 for a desperation 'I need PHP5.6' hack which I used during this update. I must say that the update to PHP 7 was relatively painless - there is PHP6 to PHP7 update support and lots of help/suggestions. I also found an embarassing amount of bad PHP code during the update process, something I should have suspected I would find. Note that the changes suggested by Mr. Glaver seem to be applicable to new versions of the Ports tree UPDATING and .../.mk files so you can use the latest Ports tree with the appropriate minor modifications. You can even generate a script to apply these updates/mods each time you run 'portsnap'. But I digress... -- Patrick Powell Astart Technologies papowell@astart.com 1509 Hollow Ct., Network and System San Diego, CA 92019 Consulting Cell 858-518-7581 FAX 858-751-2435 Web: papowell at astart dot com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?64faf143-bae3-378c-3ee2-b196c2ea4111>