Re: git: 77f72c463b90 - 2024Q1 - x11-servers/xwayland-devel: backport recent secfixes

From: Jan Beich <>
Date: Thu, 04 Apr 2024 17:55:05 UTC
Emmanuel Vadot <> writes:

> On Thu, 04 Apr 2024 16:47:09 +0200
> Jan Beich <> wrote:
>> Baptiste Daroussin <> writes:
>> > On Thu 04 Apr 15:48, Jan Beich wrote:
>> >
>> >> Emmanuel Vadot <> writes:
>> >> 
>> >> >> but also introduced a number of regressions that
>> >> >> don't exist in my port, all of which were documented in my reviews.
>> >> >
>> >> >  What regressions ? I'm using xwayland for more than a year on my
>> >> > desktop instead of -devel and haven't seen a problem.
>> >> 
>> >> Try diff xwayland{,-devel}/Makefile:
>> >> - Missing XSECURITY (ssh -X vs. ssh -Y; xorg-server parity per bug 221984)
>> >> - Missing XDMCP (xorg-server parity, maybe used with rootful Xwayland and GUI login managers)
>> >> - Missing XTEST input emulation (XDG Portal API, required by GNOME, Plasma and maybe rootful Xwayland)
>> >> - Missing CSD for rootful (mainly for GNOME, optional even if preferred elsewhere)
>  All those options could be added. The main reason that they are not is
> that x11-server/xwayland isn't used by anyone but me as it requires
> patching ports to use it. So obviously if they aren't needed for my
> case no one will stand up and ask for them to be enabled.
>  Another way to view this is that you enabled all those options without
> consulting anyone, why would you you might ask, it's your port ? Well
> yes but since this port is forced to be used by everyone enabling
> option and dependencies should be a concensus between multiple users.
>  For some, (like XSECURITY) you've explained in the commit message so
> that's good at least. Other like CSD was enabled without anything in
> the commit message except that this was an update, this is not good.

- XDMCP was enabled (auto-detection) in xwayland up until 5f87249229d3
- xwayland-devel was created before 5f87249229d3 thus used xwayland and
  xorg-server from back then as the reference for feature defaults
- CSD and EI are enabled due upstream default (auto-detection) and
  as part of "batteries included" policy for binary packages

>> >> - Broken on DragonFly due to forcing -Dsha1 (already default after I've fixed upstream bug years ago)
>  I don't care about Dragonfly, they are grown ups and can manage their
> own ports.

Sure but the option is redundant on FreeBSD. libmd is already preferred
and auto-detected over OpenSSL, nettle or gcrypt.

>  Lol, very bold of you to say this as all your ports forced on others
> follow your views.

Sure but the proposal is no different. Under the guise of changing to a
stable version of dependency you also want to change maintainership into
one that benefits you. For example, all these x11@ updates you land
haven't been submitted through Bugzilla for peer review.

>  I think that you should fork the ports tree to JanPorts, do your stuff
> there and for the FreeBSD ports tree please start engaging discussion
> with the community, you are not alone.

Bug 244016 is an example discussion. Looks civil? Now look at bug 276614.
Many years have passed but I see x11@ culture of brandishing authority
hasn't disappeared.