svn commit: r347949 - in head/net: samba36 samba4 samba41
John Marino
freebsd.contact at marino.st
Wed Mar 12 08:33:22 UTC 2014
On 3/12/2014 09:27, Dmitry Sivachenko wrote:
>
> On 12 марта 2014 г., at 12:09, John Marino <freebsd.contact at marino.st> wrote:
>
>> On 3/12/2014 07:19, Timur I. Bakeyev wrote:
>>> The practice of certain commiters just randomly picking up ports and
>>> making changes there without contacting maintainer beforehand becomes
>>> more and more annoying and abusive recently.
>>>
>>> I've spent all night, trying to put all the stacked changes all together
>>> and test Samba ports when at a commit attempt suddenly learn, that
>>> someone felt the urge to interfere and bump port versions just cause he
>>> was in a mood. Well, thanks a lot.
>>>
>>> And yes, I hate to change PORTREVISION.
>>>
>>> Have a nice day.
>>
>> Er, what?
>> It was a security update.
>> All the dependent ports had to be bumped in order to force incremental
>> builders to pick up the security fix.
>> As a bystander, I see nothing wrong with what happened, nor do I
>> categorize that as abuse.
>>
>> My quick judgement of the day: He's right, you are wrong.
>>
>> I hope your day is nice too.
>>
>
>
> Actually updating vuln.xml is enough to warn people about vulnerability.
> So the actual update of the port could be easily postponed for some time, provided maintainer is responsive and update could be easily coordinated.
>
> Your attitude does not encourage people to participate you know.
>
What's my attitude have to do with things? I'm a third party, this is
the first I've heard of it. Why would somebody "not participate" based
on my opining on who is correct after that aggressive email?
Dmitry, you obviously don't understand why ports are bumped. It is not
to "warn people", it is to notify package builders (machines). If the
version number doesn't change (of which PORTREVISION is a part) then the
package might not be rebuilt if it is an incremental run. Bumping it
guarantees the security fix is in place. Additionally, policy is to fix
binary packages ASAP so that vulnerabilities are not distributed after
they are fixed.
John
More information about the svn-ports-head
mailing list