From owner-svn-ports-all@FreeBSD.ORG Wed Mar 12 08:33:22 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 43DFEF43; Wed, 12 Mar 2014 08:33:22 +0000 (UTC) Received: from shepard.synsport.net (mail.synsport.com [208.69.230.148]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 16AB5B39; Wed, 12 Mar 2014 08:33:21 +0000 (UTC) Received: from [192.168.0.20] (unknown [130.255.19.191]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by shepard.synsport.net (Postfix) with ESMTP id CA6B943B99; Wed, 12 Mar 2014 03:33:02 -0500 (CDT) Message-ID: <53201BAF.2020300@marino.st> Date: Wed, 12 Mar 2014 09:32:47 +0100 From: John Marino User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 MIME-Version: 1.0 To: Dmitry Sivachenko Subject: Re: svn commit: r347949 - in head/net: samba36 samba4 samba41 References: <201403120107.s2C17UgI088987@svn.freebsd.org> <53201627.8060100@marino.st> <716B2664-E940-4B24-8D11-71325127A1E0@FreeBSD.org> In-Reply-To: <716B2664-E940-4B24-8D11-71325127A1E0@FreeBSD.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: svn-ports-head , svn-ports-all , "Timur I. Bakeyev" , Xin LI , "ports-committers@freebsd.org" X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: marino@freebsd.org List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Mar 2014 08:33:22 -0000 On 3/12/2014 09:27, Dmitry Sivachenko wrote: > > On 12 марта 2014 г., at 12:09, John Marino wrote: > >> On 3/12/2014 07:19, Timur I. Bakeyev wrote: >>> The practice of certain commiters just randomly picking up ports and >>> making changes there without contacting maintainer beforehand becomes >>> more and more annoying and abusive recently. >>> >>> I've spent all night, trying to put all the stacked changes all together >>> and test Samba ports when at a commit attempt suddenly learn, that >>> someone felt the urge to interfere and bump port versions just cause he >>> was in a mood. Well, thanks a lot. >>> >>> And yes, I hate to change PORTREVISION. >>> >>> Have a nice day. >> >> Er, what? >> It was a security update. >> All the dependent ports had to be bumped in order to force incremental >> builders to pick up the security fix. >> As a bystander, I see nothing wrong with what happened, nor do I >> categorize that as abuse. >> >> My quick judgement of the day: He's right, you are wrong. >> >> I hope your day is nice too. >> > > > Actually updating vuln.xml is enough to warn people about vulnerability. > So the actual update of the port could be easily postponed for some time, provided maintainer is responsive and update could be easily coordinated. > > Your attitude does not encourage people to participate you know. > What's my attitude have to do with things? I'm a third party, this is the first I've heard of it. Why would somebody "not participate" based on my opining on who is correct after that aggressive email? Dmitry, you obviously don't understand why ports are bumped. It is not to "warn people", it is to notify package builders (machines). If the version number doesn't change (of which PORTREVISION is a part) then the package might not be rebuilt if it is an incremental run. Bumping it guarantees the security fix is in place. Additionally, policy is to fix binary packages ASAP so that vulnerabilities are not distributed after they are fixed. John