Date: Wed, 12 Dec 2018 16:36:06 +0100 From: Mathieu Arnold <mat@FreeBSD.org> To: Matthew Seaman <matthew@FreeBSD.org> Cc: Mathieu Arnold <mat@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r487286 - head/security/vuxml Message-ID: <20181212153606.6tqrvu5v275mqysv@ogg.in.absolight.net> In-Reply-To: <3d70d3fe-0c5d-c6aa-c8af-68d3eb1adbc9@FreeBSD.org> References: <201812120916.wBC9G4Y0075539@repo.freebsd.org> <20181212095700.wn4csjwred4gugme@atuin.in.mat.cc> <5db2345e-c8c0-1b2a-0d3f-40af99219cd4@FreeBSD.org> <20181212103051.xpzsfs3s3mvx2fj5@atuin.in.mat.cc> <3d70d3fe-0c5d-c6aa-c8af-68d3eb1adbc9@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--w6qvlpnbzlx7quok Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 12, 2018 at 10:57:12AM +0000, Matthew Seaman wrote: > On 12/12/2018 10:30, Mathieu Arnold wrote: > > On Wed, Dec 12, 2018 at 10:26:29AM +0000, Matthew Seaman wrote: > > > On 12/12/2018 09:57, Mathieu Arnold wrote: > > > > On Wed, Dec 12, 2018 at 09:16:04AM +0000, Matthew Seaman wrote: > > > > > Author: matthew > > > > > Date: Wed Dec 12 09:16:04 2018 > > > > > New Revision: 487286 > > > > > URL: https://svnweb.freebsd.org/changeset/ports/487286 > > > > >=20 > > > > > Log: > > > > > PHP 70 was EoL'd and is no longer in the ports. > > > > > Reported by: joneum > > > >=20 > > > > No longer in trunk, still in the quarterly, please put it back. > > > >=20 > > >=20 > > > It's been put back now. > >=20 > > As a side note, the descriptions in vuxml are not about what currently > > exists, it is about what once existed, so technically, even in two > > years, when recording a flavored php app, one should still mention all > > the previous package names, so that people with old ports tree who have > > not been updated in a while still get a notification that this app is > > vulnerable to something. >=20 > How far back should we take this? >=20 > Is there any limit on how old a ports tree and the packages installed from > it can be and still be expected to be supported by VuXML? Other than the > practical limitation of 'pkg audit' or some equivalent being available? There is technically no limit on how far back this should go, people often only upgrade when really required to. But to stay practical, trying to keep a few months of old package names, so that anything in at least the current quarterly still matches. --=20 Mathieu Arnold --w6qvlpnbzlx7quok Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKTBAABCgB9FiEEOraXidLtEhBkQLpbOkUW81GDzkgFAlwRKuZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNB QjY5Nzg5RDJFRDEyMTA2NDQwQkE1QjNBNDUxNkYzNTE4M0NFNDgACgkQOkUW81GD zkgJng//WzJWWeiZcgNTI1csZEXLkq8PUtN/pgnsW6nzeOKXLDuXhnRixPNzJA2X oHGQpalvPSQJ8RItmzbJOzoPDRogiA/Y8F3NaY9k5UfAr6RiaU+gZUr9R/qmY84n oDzoyKFLnv7HHXfAvndUgcGCIF9ZyEhgAG07L3UcVxM40THWSAzWEMaM7GIqn31Y qTGh7/9GNqhu6YvQHghyhljgUE5y7ds7On1vNoBDSLZ1/a7RWc4PoZV9/6PzAoFC QxafpuXbmjfdMuoWzws7fHh67r2v4pBSAfBgCKKDxf6NfxJIXky4snV77dFA8f6L HirnCGu0GJGsxsCFEMuJHRSNr5m1CT7i6lRAmsdewpz/d4qToA+shq00bnWIsrl1 c1RCCAUKtE5ryVvXHeP2g9XA7ZBkUH1HnRLy1x1ommF5HMmKE/7hbL6FKJePRDkU yVDVnQvYPZUOrDVi9RiRf5uqWPMrbQq8rq60wMrfS+B+/viGNXXYmYjVnmROKRhx +/Sq4OMjVAeqF1wT4eIXIiiJZFPYwC/c63icSew0E/kxIICXaUGREeokiTBER+yh sk/UQTI/WBVINcGdstw/LU9rwWnxpw2g5HW+gdr4bXLUiti8UrFWa2TSgndtneCc BngQtoxcC06lDu5dRDXkj14jFbiF5FYGd4Ve/vPY4s5Bsg4dg/c= =6R1J -----END PGP SIGNATURE----- --w6qvlpnbzlx7quok--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181212153606.6tqrvu5v275mqysv>