Well a few things need to happen: 1. app-text/tidy-html5 - Need to go Stabl 2. dep and rdep need to be migrated to tidy-html5 and tested.
Since Patrice (monsieurp) is the maintainer of tidy-html5, do you want to become maintainer of htmltidy temporarily to help kill it and move to tidy-html5? On 6/6/16 10:41 AM, Raymond Jennings wrote: > If tidy-html5 can take care of anything htmltidy can, then we can boot > the latter as obsolete anyhow. Are there any backwards compatibility > issues if we just punt it and let tidy-html5 take over? > > On Mon, Jun 6, 2016 at 7:15 AM, Yury German <bluekni...@gentoo.org > <mailto:bluekni...@gentoo.org>> wrote: > > > > On 6/5/16 8:02 PM, Patrice Clement wrote: > > Sunday 05 Jun 2016 19:39:26, Yury German wrote : > >> app-text/htmltidy currently has no maintainers. It has a vulnerability > >> [Security Bug] filed against it. And a number of other [package depend > >> on it]. Is nyone willing to pick it up? > >> > >> [Secuity Bug] > >> https://bugs.gentoo.org/show_bug.cgi?id=561452 > >> > >> [package depend on it] > >> https://qa-reports.gentoo.org/output/genrdeps/dindex/app-text/htmltidy > >> https://qa-reports.gentoo.org/output/genrdeps/rindex/app-text/htmltidy > > > Don't bother. Have a look at [1], [2] & [3] to find out why. > > > > tl;dr > > > > htmltidy has got to be culled at some point since it's now considered > obsolete > > after tidy-html5 entered the tree a little while ago. It's roughly the > same > > codebase yet it's HTML 5 compliant. Yay! > > > > I've been maintaining the latter since its inclusion in the Portage > tree but > > would definitely need help to remove the former. I didn't swap htmltidy > for > > tidy-html5 cause they're two different projects. As you can see from > the links > > above, htmltidy has a gazillion deps. > > > > [1]: http://tidy.sourceforge.net/ > > [2]: http://www.html-tidy.org/ > > [3]: https://github.com/htacg/tidy-html5 > > > > This is all agreed, but unless someone is driving this it will never get > removed from tree. The security patch is one thing, but cleaning it up > and switching to tidy-html5 is why we need a maintainer so that we can > get rid of the dependencies otherwise it will sit there unsecured for > the next 5 years. > > >
