On Tue, Apr 05, 2016 at 03:08:44PM -0500, Stephen Paul Weber wrote: > To be clear: this is only true if you are the Debian maintainer for > vdirsyncer. If someone else is the maintainer (as, reading this thread, it > seems is the intent) then it is *their* job to backport any relevant bugfixes > and provide any support to Debian stable users. As upstream, you only ever > have to support official versions that you provide, of course, and not Debian > versions.
Security backports are not at all what I'm talking about. I mean that Debian stable users will start reporting bugs for really old releases of vdirsyncer on my issue tracker. And while Debian's documentation may have made this situation extremely clear, apparently nobody reads it. This is already happening with other software. And while I do apprechiate packagers of all operating systems caring about my software (and don't want to dismiss the work they're doing), I'm completely opposed to Debian's model of patching older releases of deprecated software just for their platform. It essentially forks that older release into a completely new project, but keeps the name and contact information from the original project intact. I would call it phishing, except this is probably well-documented. Because of this I think having vdirsyncer in Debian Sid only would be a better idea.
