www/chromium MAINTAINER,
was Re: chromium producing constant hdd access
Julian H. Stacey
jhs at berklix.com
Tue Jan 18 15:31:04 UTC 2011
Hi Rene,
Your mailer is emitting many \xa0
=?ISO-8859-1?Q?Ren=E9_Ladan?= wrote:
> 2011/1/18 Julian H. Stacey <jhs at berklix.com>:
> > Hi,
> > Reference:
> >> From: Mark Linimon <linimon at lonesome.com>
> >> Date: Tue, 18 Jan 2011 00:48:50 +0000
> >> Message-id: <20110118004850.GB17292 at lonesome.com>
> >
> > Mark Linimon wrote:
> >> On Mon, Jan 17, 2011 at 08:12:40PM +0100, Julian H. Stacey wrote:
> >> > rene@ has ignored request to roll back. If rene@ resigns,
> >> > MAINTAINER would revert to ports at freebsd.org so others could fix
> >> > FreeBSD's current ports/www/chromium
> >>
> >> Because of the legal questions surrounding chromium,
> >
> > I know nothing of that. Just that a month ago it compiled, now it won't.
> >
> >> portmgr will ensure
> >> that it does not revert to ports@ :-)
> >> mcl
> >
> > So how about:
> > Revert to something that will compile, with no MAINTAINER.
> > Or delete port ?
> > A port that
> > - wont build,
> FORBIDDEN is there for a reason [*]
I don't query FORBIDDEN being set.
It's up to individual builder/user to choose to over ride that or not.
But port was not broken a month ago & Is now broken so should be fixed
or marked BROKEN.
ports/Mk/bsd.port.mk:
# FORBIDDEN - Package build should not be attempted because of
# security vulnerabilities.
# BROKEN - Port is believed to be broken. Package builds will
# still be attempted on the pointyhat package cl
uster to
# test this assumption.
> > - the maintainer won't fix,
> makes no sense, versions before 8 are unsupported upstream,
Not relevant. FreeBSD ports do not Need to be supported up stream to run
& work, eg multimedia/acidrip has not been supported by author for years.
It still compiles & runs. If we marked as RESTRICTED, then broke the Makefile
of any port that merely was no longer supported upstream, then FreeBSD
ports/ would become a graveyard.
Chromium still compiled a month ago till someone broke it.
> > - has security issues,
> not my fault ...
I don't query that.
> > - is legaly problematic
> there are proper methods to handle this, the issue is mostly upstream,
> > - ports@ is scared of inheriting
> ports@ is an indication that the port is unmaintained, except for a few
> well-known exceptions (misc/compat??)
> > - that we can't fix by adding a _DEPENDS etc
> makes no sense, see above
It compiled it a month ago. It runs here. A friend garyj saw it,
said it wouldn't compile for him, I tried to make again on same
release for a package, & found someone had broken it.
> [*] maybe all currently vulnerable ports should be marked FORBIDDEN, and yes,
> this includes a dependency for linux-flash-plugin
Aside: I don't run flash. I also did a search a while back
to try to find all ports that installed binaries Not from
fetched sources (a difficult job, I didnt complete it, &
not many people were interested in the security aspect of
running non localy compiled binaries, unfortunately.)
FORBIDDEN for all ports with vulnerabilities would rule out more than
many would want, I guess. But some ports could benefit from eg:
Mk/bsd.port.mk:
# DEPRECATED - Port is deprecated to install. Advisory only.
( see also # DISABLE_VULNERABILITIES )
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Mail plain text; Not quoted-printable, or HTML or base 64.
Avoid top posting, it cripples itemised cumulative responses.
More information about the freebsd-ports
mailing list