On Tue, Apr 14, 2020 at 05:36:37PM +0100, Ben Hutchings wrote:
>
> If a package hasn't been uploaded for 7 years, then:
>
> * At least some of its binary packages were probably built by the
> uploader, not on a buildd
> * If it's written in C or C++, it hasn't been built with all the
> current hardening options that should be used
> * Its binary packages probably aren't repoducible
> * It may not build correctly with the current build tools (failure to
> build at all would usually be caught and reported, though)
+1
* If it was maintained on Alioth its Vcs URLs are broken now.
* If its not yet maintained on Salsa that would be a good reason to do
so
> I think we should be rebuilding everything at least once per release
> cycle, so we don't have a nasty surprise when these "mature" packages
> need bug fixes.
I have a script which outputs a sorted list of packages that are
relevant for the Debian Med Blend. I try hard to upload all packages
not uploaded since the last release and I *always* had something to do.
Kind regards
Andreas.
--
http://fam-tille.de
