On Thu, 22 Dec 2016, Peter Tribble wrote:
I thoroughly dislike the "stable" approach of backporting patches to older versions. In my experience this ends up being expensive to maintain compared to just building current, ties you up in knots because other things require newer versions, and give you bigger and harder jumps (and more breakage) when you finally do upgrade.
There is also the problem is that the available patches do not represent all of the fixes available in the latest release. This is particularly true in recent years where the developer has access to much better tools (e.g. valgrind, ASAN, Fuzzy LOP, Coverity, and improved compiler warnings/lint) to discover problems and validate the software and these tools were not available when the older versions were developed.
Distributions like Debian only create patches for issues given a CVE and thoroughly ignore other known issues and the many issues which were silently fixed by the package developer.
Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ _______________________________________________ openindiana-discuss mailing list openindiana-discuss@openindiana.org https://openindiana.org/mailman/listinfo/openindiana-discuss
