From owner-freebsd-ports@FreeBSD.ORG  Tue May 28 06:04:04 2013
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 5074CD9E;
 Tue, 28 May 2013 06:04:04 +0000 (UTC)
 (envelope-from freebsdml@marino.st)
Received: from shepard.synsport.net (mail.synsport.com [208.69.230.148])
 by mx1.freebsd.org (Postfix) with ESMTP id 29948AB5;
 Tue, 28 May 2013 06:04:03 +0000 (UTC)
Received: from [192.168.0.21] (unknown [130.255.16.8])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by shepard.synsport.net (Postfix) with ESMTP id 25B6D43B51;
 Tue, 28 May 2013 01:03:55 -0500 (CDT)
Message-ID: <51A448C3.90808@marino.st>
Date: Tue, 28 May 2013 08:03:47 +0200
From: John Marino <freebsdml@marino.st>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:10.0) Gecko/20120129 Thunderbird/10.0
MIME-Version: 1.0
To: Martin Wilke <miwi@FreeBSD.org>
Subject: Re: The vim port needs a refresh
References: <20130524212318.B967FE6739@smtp.hushmail.com>
 <20130527140609.3d3b9d23@gumby.homeunix.com> <444ndofstn.fsf@lowell-desk.lan>
 <20130527153440.020ab20e@gumby.homeunix.com> <51A3798C.9000004@marino.st>
 <20130527173633.0e196a08@gumby.homeunix.com> <51A38D87.8070102@marino.st>
 <20130527183620.5ff9d8b0@gumby.homeunix.com> <51A3A813.1060908@marino.st>
 <20130527210924.36432f32@gumby.homeunix.com> <51A3C331.901@marino.st>
 <20130528000505.6c506b1a@gumby.homeunix.com> <51A3E8A7.7030106@marino.st>
 <20130528004823.71bd739a@gumby.homeunix.com> <51A3F3F8.4030505@marino.st>
 <E0E4B885-A7C4-4FF7-80D6-CE6CA25D89FC@FreeBSD.org>
In-Reply-To: <E0E4B885-A7C4-4FF7-80D6-CE6CA25D89FC@FreeBSD.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "ports@FreeBSD.org Ports" <ports@FreeBSD.org>
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 May 2013 06:04:04 -0000

On 5/28/2013 02:44, Martin Wilke wrote:
>
> On the first note, complain about the patches to the upstream, not to us. This patches problem has been around since forever and so long the upstream
> is not changing anything about it, nor do we.

Hi Martin,
This statement is hand-waives the entire discussion, which took as a 
*given* that upstream is the problem who crazy policies will not change. 
  I already said that "95%" of the blame (probably more) should get 
allocated there.

The whole discussion started because upstream will clearly not change.

About rolling your own distfile, I completely disagree because we do not 
know what the maintaner has changed,
> and seeing it from the security view, I prefer to get all my patches from the original mirrors.

1. Yes, some amount of trust is necessary but hopefully we don't have 
maintainers that aren't trusted.

2. A trivial script can verify the roll-up contains only official 
patches, which could be executed by the committer prior to committing 
changes to distfile.  That's a pretty easy "security" issue to address.

I get your point but that issue could be solved.
John