Hello, On Wed, 25 Nov 2020, Sylvain Beucler wrote: > Consequently I believe we're not in a position to offer MongoDB security > support in LTS nor ELTS, and we need to drop it from our supported packages. > > What do you think?
I think that you are right if you believe that we have no influence on the upstream developers of MongoDB. But I would suggest that we try to reach out to them to see if they are willing to relicense security patches so that they can be used to fix old mongodb releases explaining that it would allow distributors to keep supporting mongodb and thus let some users continue to use mongodb instead of switching to something else. At the same time, we can also let them know that their new license means that mongodb is gone from Debian and that it will hamper their ability to attract new users (and thus money) when a large part of the webservers run Debian-based operating systems. So who can sheperd this? For me, the time spent on such discussions can be made as part of your paid time. (And it puts Debian as an actor and not only a follower, which is a good thing IMO) Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <hert...@debian.org> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS
