Date: Wed, 12 Mar 2014 09:32:47 +0100 From: John Marino <freebsd.contact@marino.st> To: Dmitry Sivachenko <demon@FreeBSD.org> Cc: svn-ports-head <svn-ports-head@freebsd.org>, svn-ports-all <svn-ports-all@freebsd.org>, "Timur I. Bakeyev" <timur@FreeBSD.org>, Xin LI <delphij@freebsd.org>, "ports-committers@freebsd.org" <ports-committers@freebsd.org> Subject: Re: svn commit: r347949 - in head/net: samba36 samba4 samba41 Message-ID: <53201BAF.2020300@marino.st> In-Reply-To: <716B2664-E940-4B24-8D11-71325127A1E0@FreeBSD.org> References: <201403120107.s2C17UgI088987@svn.freebsd.org> <CALdFvJGqKbQcJB4axBBaGZE=WrnC%2BdA4dBq9oEE6S%2Bh_zVb7hw@mail.gmail.com> <53201627.8060100@marino.st> <716B2664-E940-4B24-8D11-71325127A1E0@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/12/2014 09:27, Dmitry Sivachenko wrote: > > On 12 марта 2014 г., at 12:09, John Marino <freebsd.contact@marino.st> wrote: > >> On 3/12/2014 07:19, Timur I. Bakeyev wrote: >>> The practice of certain commiters just randomly picking up ports and >>> making changes there without contacting maintainer beforehand becomes >>> more and more annoying and abusive recently. >>> >>> I've spent all night, trying to put all the stacked changes all together >>> and test Samba ports when at a commit attempt suddenly learn, that >>> someone felt the urge to interfere and bump port versions just cause he >>> was in a mood. Well, thanks a lot. >>> >>> And yes, I hate to change PORTREVISION. >>> >>> Have a nice day. >> >> Er, what? >> It was a security update. >> All the dependent ports had to be bumped in order to force incremental >> builders to pick up the security fix. >> As a bystander, I see nothing wrong with what happened, nor do I >> categorize that as abuse. >> >> My quick judgement of the day: He's right, you are wrong. >> >> I hope your day is nice too. >> > > > Actually updating vuln.xml is enough to warn people about vulnerability. > So the actual update of the port could be easily postponed for some time, provided maintainer is responsive and update could be easily coordinated. > > Your attitude does not encourage people to participate you know. > What's my attitude have to do with things? I'm a third party, this is the first I've heard of it. Why would somebody "not participate" based on my opining on who is correct after that aggressive email? Dmitry, you obviously don't understand why ports are bumped. It is not to "warn people", it is to notify package builders (machines). If the version number doesn't change (of which PORTREVISION is a part) then the package might not be rebuilt if it is an incremental run. Bumping it guarantees the security fix is in place. Additionally, policy is to fix binary packages ASAP so that vulnerabilities are not distributed after they are fixed. John
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53201BAF.2020300>