[ACTION REQUIRED] Retiring packages for F-17
Adam Williamson
awilliam at redhat.com
Thu Jan 19 23:30:50 UTC 2012
On Sat, 2012-01-14 at 19:12 +0100, Kevin Kofler wrote:
> Kevin Fenzi wrote:
> > Keeping packages around with no maintainers or people handling their
> > bugs is poor for everyone.
>
> Why? If I, as a user, really need a certain piece of software, I'd rather
> have an unmaintained package than none at all! Worst case, I can't use the
> package at all, in which case I'm still no worse off than with no package at
> all!
I disagree. The existence of a package triggers certain assumptions: the
package will be maintained and keep working. That's the point of there
*being* a package, after all. So if there's a package for something, I
don't check for security updates for that 'something' myself. I figure
the packager is doing that for me.
So if I wind up with an unmaintained package installed, my security has
just been reduced.
> (And now with my packager hat on, fixing and/or updating a package in
> the repo also requires less effort than unretiring a package which got
> removed.)
This is an important point: I think it would be much less of a problem
to retire packages if the process for unretiring them were not so
painful. I _do_ think the unretiring process is an excellent example of
unnecessary bureaucracy (as is the renaming process, good lord, what a
PITA). Those two things could stand to be trimmed down. At least to 'if
you're a provenpackager (or even just a sponsored packager) you can
unretire a package without any obstacles'.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list