[ACTION REQUIRED] Retiring packages for F-17
Nathanael D. Noblet
nathanael at gnat.ca
Thu Jan 19 23:43:59 UTC 2012
On 01/19/2012 04:30 PM, Adam Williamson wrote:
> On Sat, 2012-01-14 at 19:12 +0100, Kevin Kofler wrote:
>> Kevin Fenzi wrote:
>>> Keeping packages around with no maintainers or people handling their
>>> bugs is poor for everyone.
>>
>> Why? If I, as a user, really need a certain piece of software, I'd rather
>> have an unmaintained package than none at all! Worst case, I can't use the
>> package at all, in which case I'm still no worse off than with no package at
>> all!
>
> I disagree. The existence of a package triggers certain assumptions: the
> package will be maintained and keep working. That's the point of there
> *being* a package, after all. So if there's a package for something, I
> don't check for security updates for that 'something' myself. I figure
> the packager is doing that for me.
>
> So if I wind up with an unmaintained package installed, my security has
> just been reduced.
I can see both points here. Is it worth it to create a repo / koji tag
for 'unmaintained' packages? They automatically get put there and
someone enabling it would hopefully know what that means.
That way everyone is happy, someone who wants it around gets it, and can
take ownership if they so choose, but the base set of packages is
'maintained'...?
--
Nathanael d. Noblet
t 403.875.4613
More information about the devel
mailing list