Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 9 Nov 2011 23:24:35 +0100
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        Stanislav Sedov <stas@deglitch.com>
Cc:        ports@FreeBSD.org
Subject:   Re: Recent ports removal
Message-ID:  <20111109222435.GD92221@azathoth.lan>
In-Reply-To: <20111109124325.17efc0d1.stas@deglitch.com>
References:  <20111109124325.17efc0d1.stas@deglitch.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--cHMo6Wbp1wrKhbfi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 09, 2011 at 12:43:25PM -0800, Stanislav Sedov wrote:
> Hi!
>=20
> I noticed the following in the commit log:
> %
> %  Modified files:
> %    .                    MOVED=20
> %    devel                Makefile=20
> %    graphics             Makefile=20
> %  Removed files:
> %    devel/soup           Makefile distinfo pkg-descr pkg-plist=20
> %    devel/soup/files     patch-Makefile.in patch-configure=20
> %                         patch-docs::reference::Makefile.in=20
> %                         patch-soup-0.7.11-gcc41=20
> %                         patch-src_libsoup_soup-message.c=20
> %                         patch-src_libwsdl_wsdl-soap-memory.c=20
> %                         patch-src_libwsdl_wsdl-soap-parse.c=20
> %                         patch-src_libwsdl_wsdl-typecodes.c=20
> %    graphics/clutter-qt  Makefile distinfo pkg-descr pkg-plist=20
> %    graphics/librsvg     Makefile distinfo pkg-descr pkg-plist=20
> %    graphics/librsvg/files patch-Makefile.in patch-configure=20
> %                           patch-librsvg-config.in patch-rsvg-ft.c=20
> %                           patch-test-ft-gtk.c patch-test-ft.c=20
> %    graphics/p5-clutter  Makefile distinfo pkg-descr pkg-plist=20
> %  Log:
> %  2011-11-06 devel/soup: Unmaintain, use devel/libsoup
> %  2011-11-06 graphics/clutter-qt: upstream distfile and doesn't build, a=
nd %doesn't seem to be developed anymore
> %  2011-11-06 graphics/p5-clutter: upstream distfile disappeard, and does=
n't seem to be developed anymore
> %  2011-11-06 graphics/librsvg: unmaintained and not used anymore
>=20
> I just cannot get the commit message. librsvg -- not used by whom?  Perso=
nally,
> I used it in one of my older projects (~ 10 years old) which I don't plan
> to rework to use rsvg2/gtk2 because it doesn't make sense for it.  So how
> do I use my project now on FreeBSD?
>=20
> It's also a lie that it's not maintained, it's maintained by ports@ maili=
ng
> list and the community.  So please, restore it.
>=20
> The same also probably goes for other ports, but I don't have enough deta=
ils
> to comment.
>=20
> Thanks!
>=20

They have been deprecated for a while and noone said anything about those, =
that
is the purpose of the DEPRECATED status. The "not used anymore" mean not us=
ed in
the portstree (ie no more depended on).

If someone really needs it, he can:=20
1- install it by hand
2- maintain the port
3- just come up when someone deprecate it saying please undeprecate I really
need it.
4- they should be a lot more options.

I has been deprecated and removed just because upstream don't maintain it, =
no
one looks at the "maybe" security problem if any etc.

Of course it could have been a mistake to remove this one in particular, in=
 that
case sorry about that.

Concerning the fact that it is "maintained" by ports@, if it would really b=
e the
case why it is still in the tree while it depends on libxml1 for which in a=
bout
5s I find a security issue:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=3DCVE-2011-1944 which hasn'=
t been
reported and hasn't been fixed at all, which means librsvg1 is also vulnera=
ble.=20

the problem is that those ports abandonned upstream are not really maintain
anymore, and can lead to a real security problem.


note that I don't know yet how the libxml1 vulnerability can have an impact=
 on
librsvg, this is just a 5s example.

regards,
Bapt

--cHMo6Wbp1wrKhbfi
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk66/aMACgkQ8kTtMUmk6EzotgCeJRvAVJSnczBly9wcoPPKE7vu
NWwAoI0IXqgotjxCz01lixcWQFwKJmL0
=iEbd
-----END PGP SIGNATURE-----

--cHMo6Wbp1wrKhbfi--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111109222435.GD92221>