Archives of last quarterly package builds?

[grarpamp]

> And many 10s of GB which we would be forcing all the mirrors to carry
> (and remember, *N archs *n OSVERSIONS).
> This has been cited as a stopper in the past.

There's enough slack to pull down at least one
new quarter, how deep that slack goes hasn't
been chimed in on but this was copied out
to hubs at .

However on the plus side, one could easily imagine
a program where mirrors could receive HW / donations
from the foundation... 4TiB is only $100.

They're static reference copies, already transferred,
and only maintained for a year or so, so usage,
thus bandwidth should be low. For the previous
quarters, squelching the web index in dir '/All'
exposing them only to pkg from pkg metadata,
and to rsync module... is further possible.

And the last final pkg build "pkg /latest" for
each major version num "... 8 9 10 11 12 13 ..."
should probably also be kept on archive rsync
server for years like the iso's and distfiles.


> Keeping archives also means keeping packages with security vulnerabilities.
> Why would somebody put that on the internet?

Why would FreeBSD or any other OS put all their
old vulnerable release ISO's, and keep old vulnerable
commits in their repos, on the internet. Lots of reasons,
many noted in this thread.