Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 22 Apr 2009 14:30:49 +0100
From:      Shaun Amott <shaun@FreeBSD.org>
To:        Mark Foster <mark@foster.cc>
Cc:        freebsd-ports@FreeBSD.org
Subject:   Re: ports/132800: vuxml submission for net-im/ejabberd
Message-ID:  <20090422133048.GA85102@charon.picobyte.net>
In-Reply-To: <49E8A264.7000001@foster.cc>
References:  <49E8A264.7000001@foster.cc>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 17, 2009 at 08:38:12AM -0700, Mark Foster wrote:
> 
> I'm following up regarding this apparent maintainer timeout. It's not my 
> intention to place blame, but to me it is unacceptable that important 
> security (vuxml) updates are sometimes blocked by unresponsive 
> maintainers. It is not in the best interest of the users or FreeBSD to 
> let these things slip.
> 
> The vuxml updates should be reviewed & committed without waiting on the 
> maintainer of the port. Perhaps a simple non-blocking heads-up (Cc:) to 
> the maintainer is more appropriate. Once publicized, the security 
> notifications (via portaudit) become known to a wider, targetted 
> audience. This establishes an important feedback loop as opposed to 
> keeping the problem a "secret", since the users are more likely to 
> either nudge the maintainer for an update to the port or submit one (via 
> send-pr) themselves.
> 

Sorry about this - I forgot about this particular PR. VuXML entries
often do get fast-tracked if they are particularly serious. In fact, I'm
not sure the usual maintainer timeout even applies.

However, I do think maintainers should be consulted, as it is not always
clear if a bug affects the FreeBSD build of a given piece of software;
sometimes the issue may even have been patched already in a port.

-- 
Shaun Amott // PGP: 0x6B387A9A
"A foolish consistency is the hobgoblin
of little minds." - Ralph Waldo Emerson



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090422133048.GA85102>