Date: Wed, 27 Apr 2011 23:54:52 +0200 From: Erik Trulsson <ertr1013@student.uu.se> To: Eitan Adler <lists@eitanadler.com> Cc: "Mikhail T." <mi+thun@aldan.algebra.com>, Robert Huff <roberthuff@rcn.com>, Wesley Shields <wxs@freebsd.org>, freebsd-ports@freebsd.org, Chip Camden <sterling@camdensoftware.com> Subject: Re: saving a few ports from death Message-ID: <20110427215452.GA32138@owl.midgard.homeip.net> In-Reply-To: <BANLkTin4XSY3CBi%2BXnDjb-Nzu-mJk=yU5w@mail.gmail.com> References: <20110426163424.GB38579@comcast.net> <20110426141209.0d07bccf@seibercom.net> <20110426184315.GA2320@libertas.local.camdensoftware.com> <19895.13977.553973.609431@jerusalem.litteratus.org> <4DB83D6E.9000800@aldan.algebra.com> <BANLkTik_65bxMgiQMyy1aojDuDjb6BX%2BgQ@mail.gmail.com> <4DB876AE.9050906@aldan.algebra.com> <20110427204723.GA74591@atarininja.org> <4DB882C8.8090604@aldan.algebra.com> <BANLkTin4XSY3CBi%2BXnDjb-Nzu-mJk=yU5w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 27, 2011 at 05:05:57PM -0400, Eitan Adler wrote: > >> apache13 is EOL upstream. We should not have ports for EOL software. > > > > Why not, exactly?.. > > What happens if a security hole or a bug is found? Are we the ones to > fix it? If yes are we to host the patches? Where should the bug > reports go to - our bug tracker? What if our implementation ceases to > match established documentation? Should we host the docs too? "We"? Who is this "we" you keep talking about here? If a port has a security hole then it is up to the maintainer to find a fix for it - if this fix is a patch he/she comes up with or a switch to a newer upstream version is irrelevant. If there is no maintainer and nobody else provides a fix either, it is time to mark the port as FORBIDDEN and DEPRECATED and remove it after the deprecation period expires, just like how other broken ports are handled. > > The ports collection is one of *third party* software (with a couple > of small exceptions). If the third party says "this program is done, > has bugs which won't be fixed, etc" we should no longer support it. Depends on what you mean by "support", but removing a port just because upstream development has ceased is just plain silly. -- <Insert your favourite quote here.> Erik Trulsson ertr1013@student.uu.se
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110427215452.GA32138>