If tidy-html5 can take care of anything htmltidy can, then we can boot the latter as obsolete anyhow. Are there any backwards compatibility issues if we just punt it and let tidy-html5 take over?
On Mon, Jun 6, 2016 at 7:15 AM, Yury German <bluekni...@gentoo.org> wrote: > > > On 6/5/16 8:02 PM, Patrice Clement wrote: > > Sunday 05 Jun 2016 19:39:26, Yury German wrote : > >> app-text/htmltidy currently has no maintainers. It has a vulnerability > >> [Security Bug] filed against it. And a number of other [package depend > >> on it]. Is nyone willing to pick it up? > >> > >> [Secuity Bug] > >> https://bugs.gentoo.org/show_bug.cgi?id=561452 > >> > >> [package depend on it] > >> https://qa-reports.gentoo.org/output/genrdeps/dindex/app-text/htmltidy > >> https://qa-reports.gentoo.org/output/genrdeps/rindex/app-text/htmltidy > > > Don't bother. Have a look at [1], [2] & [3] to find out why. > > > > tl;dr > > > > htmltidy has got to be culled at some point since it's now considered > obsolete > > after tidy-html5 entered the tree a little while ago. It's roughly the > same > > codebase yet it's HTML 5 compliant. Yay! > > > > I've been maintaining the latter since its inclusion in the Portage tree > but > > would definitely need help to remove the former. I didn't swap htmltidy > for > > tidy-html5 cause they're two different projects. As you can see from the > links > > above, htmltidy has a gazillion deps. > > > > [1]: http://tidy.sourceforge.net/ > > [2]: http://www.html-tidy.org/ > > [3]: https://github.com/htacg/tidy-html5 > > > > This is all agreed, but unless someone is driving this it will never get > removed from tree. The security patch is one thing, but cleaning it up > and switching to tidy-html5 is why we need a maintainer so that we can > get rid of the dependencies otherwise it will sit there unsecured for > the next 5 years. > > >
