Date: Sat, 30 Mar 2024 17:00:08 +0100 From: =?UTF-8?Q?Fernando_Apestegu=C3=ADa?= <fernando.apesteguia@gmail.com> To: Daniel Engberg <daniel.engberg.lists@pyret.net> Cc: Gleb Popov <arrowd@freebsd.org>, Alexey Dokuchaev <danfe@freebsd.org>, "ports-committers@FreeBSD.org" <ports-committers@freebsd.org>, dev-commits-ports-all@freebsd.org, dev-commits-ports-main@freebsd.org Subject: Re: git: 020281bef16d - main - archivers/fastjar: remove undue deprecation of maintained port Message-ID: <CAGwOe2azznY5jtMdL4uuupMi3SgCd5Pj7O7wWT7qtcV_zDNUNA@mail.gmail.com> In-Reply-To: <03cc3443b1bbb8ec3ff881e73483b2cb@mail.infomaniak.com> References: <202403300538.42U5c9Fc039162@gitrepo.freebsd.org> <CALH631ns%2Bwp5gmR8c0mahc5JOVDJ2KRPgqmkbxbwhbjNKR5LYQ@mail.gmail.com> <03cc3443b1bbb8ec3ff881e73483b2cb@mail.infomaniak.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] El sáb, 30 mar 2024, 14:21, Daniel Engberg <daniel.engberg.lists@pyret.net> escribió: > On 2024-03-30T09:06:51.000+01:00, Gleb Popov <arrowd@freebsd.org> wrote: > > On Sat, Mar 30, 2024 at 8:38 AM Alexey Dokuchaev <danfe@freebsd.org> > wrote: > > > > > > > > The branch main has been updated by danfe: > > > > > > URL: > https://cgit.FreeBSD.org/ports/commit/?id=020281bef16d866a64bac35850f21ae27f956b5c > > > > > > commit 020281bef16d866a64bac35850f21ae27f956b5c > > > Author: Alexey Dokuchaev <danfe@FreeBSD.org> > > > AuthorDate: 2024-03-30 05:36:18 +0000 > > > Commit: Alexey Dokuchaev <danfe@FreeBSD.org> > > > CommitDate: 2024-03-30 05:36:18 +0000 > > > > > > archivers/fastjar: remove undue deprecation of maintained port > > > > It is my personal opinion, but I think that one should assume > > maintainership when undeprecating a port (especially maintained by a > group) > > I also found an old CVE which I don't know if it's fixed or not. > https://www.opencve.io/cve/CVE-2006-3619 If you don't know, then it is not an argument to keep the port deprecated. If you are, then it might be. Even in that case, as per the handbook, ports with security issues are marked as FORBIDDEN, not DEPRECATED: https://docs.freebsd.org/en/books/porters-handbook/book/#security-fix > > There's also a fork here from what I can tell: > http://download.savannah.nongnu.org/releases/fastjar/ > > I don't know if it's worth keeping for less than a sec of processing and > newer version of openjdk might have improved performance too (openjdk8 is > pretty old). > *might*? I think arguments for or against deprecating should not be guesses. Don't get me wrong, I'm all for keeping the ports tree clean, but these "a posteriori" (non) arguments sound a bit weak :-) > Best regards, > Daniel > [-- Attachment #2 --] <div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">El sáb, 30 mar 2024, 14:21, Daniel Engberg <<a href="mailto:daniel.engberg.lists@pyret.net" target="_blank" rel="noreferrer">daniel.engberg.lists@pyret.net</a>> escribió:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 2024-03-30T09:06:51.000+01:00, Gleb Popov <<a href="mailto:arrowd@freebsd.org" rel="noreferrer noreferrer" target="_blank">arrowd@freebsd.org</a>> wrote:<br> > On Sat, Mar 30, 2024 at 8:38 AM Alexey Dokuchaev <<a href="mailto:danfe@freebsd.org" rel="noreferrer noreferrer" target="_blank">danfe@freebsd.org</a>> wrote:<br> > <br> > > <br> > > The branch main has been updated by danfe:<br> > > <br> > > URL: <a href="https://cgit.FreeBSD.org/ports/commit/?id=020281bef16d866a64bac35850f21ae27f956b5c" rel="noreferrer noreferrer noreferrer" target="_blank">https://cgit.FreeBSD.org/ports/commit/?id=020281bef16d866a64bac35850f21ae27f956b5c</a><br>; > > <br> > > commit 020281bef16d866a64bac35850f21ae27f956b5c<br> > > Author: Alexey Dokuchaev <danfe@FreeBSD.org><br> > > AuthorDate: 2024-03-30 05:36:18 +0000<br> > > Commit: Alexey Dokuchaev <danfe@FreeBSD.org><br> > > CommitDate: 2024-03-30 05:36:18 +0000<br> > > <br> > > archivers/fastjar: remove undue deprecation of maintained port<br> > <br> > It is my personal opinion, but I think that one should assume<br> > maintainership when undeprecating a port (especially maintained by a<br> group)<br> <br> I also found an old CVE which I don't know if it's fixed or not. <br> <a href="https://www.opencve.io/cve/CVE-2006-3619" rel="noreferrer noreferrer noreferrer" target="_blank">https://www.opencve.io/cve/CVE-2006-3619</a></blockquote></div></div><div dir="auto"><br></div><div dir="auto">If you don't know, then it is not an argument to keep the port deprecated. If you are, then it might be. Even in that case, as per the handbook, ports with security issues are marked as FORBIDDEN, not DEPRECATED:</div><div dir="auto"><br></div><div dir="auto"><a href="https://docs.freebsd.org/en/books/porters-handbook/book/#security-fix">https://docs.freebsd.org/en/books/porters-handbook/book/#security-fix</a></div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br> <br> There's also a fork here from what I can tell: <a href="http://download.savannah.nongnu.org/releases/fastjar/" rel="noreferrer noreferrer noreferrer" target="_blank">http://download.savannah.nongnu.org/releases/fastjar/</a><br>; <br> I don't know if it's worth keeping for less than a sec of processing and newer version of openjdk might have improved performance too (openjdk8 is pretty old).<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">*might*? I think arguments for or against deprecating should not be guesses.</div><div dir="auto"><br></div><div dir="auto">Don't get me wrong, I'm all for keeping the ports tree clean, but these "a posteriori" (non) arguments sound a bit weak :-)</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <br> Best regards,<br> Daniel<br> </blockquote></div></div></div>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGwOe2azznY5jtMdL4uuupMi3SgCd5Pj7O7wWT7qtcV_zDNUNA>