Package: gyrus Version: 0.3.12-1 Severity: important Tags: upstream wontfix X-Debbugs-Cc: Yavor Doganov <[email protected]>, Jonathan Carter <[email protected]>
gyrus is unmaintained upstream, and has been archived and made read-only: <https://gitlab.gnome.org/Archive/gyrus>. Its most recent release was in 2013. The version in Debian is effectively a fork, moving it from GTK 2 to GTK 3. However, there is no Debian maintainer since 2013 either (see #732011). I don't think it's a good idea for Debian to contain packages that nobody maintains, either upstream or downstream. This particular program seems to be a network client, which means it is probably security-sensitive. I'm also concerned that it's a special-purpose administrative IMAP client, yet is documented to not support TLS/SSL. If someone wants to maintain gyrus, I would recommend that they fork the (abandoned) upstream project and become its new upstream maintainer. Perhaps this package should be removed from testing/unstable? If anyone wants it, they can retrieve the most recent version from bullseye. smcv

