On 1/7/2013 19:40, Beat Gaetzi wrote:
On 01/07/13 15:22, Mikhail T. wrote:
Once again a working port (no build errors) is scheduled for deletion on
the grounds of simply being "unmaintained".
QT 3.3.8 was released in 2007 and KDE 3.5.10 in 2008 and both are no
longer maintained upstream nor in the ports tree. They possibly
contain security vulnerabilities and they likely will break in the
future if a build or lib dependency gets updated as they assume a 5
year old environment.
The deprecation period was set to 6 month to give someone the
opportunity to update QT3 and KDE3 to the Trinity fork and I'm happy
to offer exp-runs (once the clusters are back) if someone has patches
but I don't see a reason why we should keep pointyhat busy (during
exp-runs and frequent QA runs) with something that is outdated and
mostly unmaintained for years now, prone to break and possibly insecure.
Here's the issue I think some folks have:
"Outdated": debatable. If outdated means a newer release is available,
then yes. If "outdated" means it outlived its usefulness, I'd say no.
This term seems subjectively used here.
"prone to break": Perhaps, but it's not broken now.
"possibly insecure": I think this needs to be "known insecure" rather
than holding it's last release date against it.
So currently it's not broken, not known to be insecure, and it's
probably still useful. I know I'd feel better if this discussion were
taking place after a breakage due to a updated dependency or a
realistically unpatchable vulnerability was discovered.
John
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
