Why delete KDE3 ports?
John Marino
freebsdml at marino.st
Mon Jan 7 18:53:08 UTC 2013
On 1/7/2013 19:40, Beat Gaetzi wrote:
> On 01/07/13 15:22, Mikhail T. wrote:
> Once again a working port (no build errors) is scheduled for deletion on
>> the grounds of simply being "unmaintained".
>
> QT 3.3.8 was released in 2007 and KDE 3.5.10 in 2008 and both are no
> longer maintained upstream nor in the ports tree. They possibly
> contain security vulnerabilities and they likely will break in the
> future if a build or lib dependency gets updated as they assume a 5
> year old environment.
>
> The deprecation period was set to 6 month to give someone the
> opportunity to update QT3 and KDE3 to the Trinity fork and I'm happy
> to offer exp-runs (once the clusters are back) if someone has patches
> but I don't see a reason why we should keep pointyhat busy (during
> exp-runs and frequent QA runs) with something that is outdated and
> mostly unmaintained for years now, prone to break and possibly insecure.
Here's the issue I think some folks have:
"Outdated": debatable. If outdated means a newer release is available,
then yes. If "outdated" means it outlived its usefulness, I'd say no.
This term seems subjectively used here.
"prone to break": Perhaps, but it's not broken now.
"possibly insecure": I think this needs to be "known insecure" rather
than holding it's last release date against it.
So currently it's not broken, not known to be insecure, and it's
probably still useful. I know I'd feel better if this discussion were
taking place after a breakage due to a updated dependency or a
realistically unpatchable vulnerability was discovered.
John
More information about the freebsd-ports
mailing list