From: Rich Freeman <rich0@gentoo.org>
To: gentoo-dev <gentoo-dev@lists.gentoo.org>
Subject: Re: [gentoo-dev] Packages up for grabs due lavajoe retirement
Date: Sat, 1 Dec 2012 06:42:13 -0500 [thread overview]
Message-ID: <CAGfcS_nwkZM6x2Wfj8-s7pM3xWeXLQC2m+Nji6zfGnEgNTtWMg@mail.gmail.com> (raw)
In-Reply-To: <1725003.cukAb6kBvN@arcarius>
On Fri, Nov 30, 2012 at 4:13 PM, Tomáš Chvátal <tomas.chvatal@gmail.com> wrote:
> Dne Pá 30. listopadu 2012 20:37:22, Pacho Ramos napsal(a):
>> media-sound/logitechmediaserver-bin -> this package is "special", it's
>> maintained by a proxy maintainer but it was reassigned to
>> maintainer-needed instead of proxy-maint herd. Was reviewing to reassign
>> it when I saw:
>> https://bugs.gentoo.org/show_bug.cgi?id=251494
>>
>> that I have no idea about how to handle :|
>
> Simple,
> add hardmaks explaining possible secuirty issues due to bundling earth&heaven,
> and then let the proxymaintainer play with it if he wants.
>
> The mask will be lifted only under condition these issues are fixed.
> People can unmask quite easily if they want, we don't need everything in
> stable :-)
I can't say that I agree with this needing to be masked. If it HAS a
known security issue, then mask it. If the only issue is that it
bundles too many libs, well, then just stick an ewarn in there or
something but make it the user's call.
Should we mask chrome while we're at it (and yes, I'm aware that the
chromium team is doing their best to remove these, but there are MANY
left)? How about mythtv - that bundles ffmpeg?
Yes, it is lousy practice, but our options are to change the world,
practically fork upstream, or refuse to include useful packages. It
is admirable when we can remove bundled libs, but this should not be
mandatory for having a package in the tree. Actual security issues
should be fixed, of course, or masked.
Sure, it ain't perfect or pretty, but it works. And when dealing with
outsiders, whether they are proxy maintainers or our founder, can we
at least try to be polite?
Rich
next prev parent reply other threads:[~2012-12-01 11:43 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-30 19:37 [gentoo-dev] Packages up for grabs due lavajoe retirement Pacho Ramos
2012-11-30 21:13 ` Tomáš Chvátal
2012-12-01 11:42 ` Rich Freeman [this message]
2012-12-01 12:32 ` Tomáš Chvátal
2012-12-01 13:46 ` Rich Freeman
2012-12-02 2:20 ` [gentoo-dev] " Duncan
2012-12-02 2:37 ` Alec Warner
2012-12-02 2:41 ` Rich Freeman
2012-12-02 2:44 ` Alec Warner
2012-12-08 18:31 ` Jeroen Roovers
2012-12-02 8:35 ` Michał Górny
2012-12-02 10:14 ` Duncan
2012-12-02 19:18 ` Ian Stakenvicius
2012-12-03 1:42 ` Duncan
2012-12-02 0:15 ` [gentoo-dev] " Chí-Thanh Christopher Nguyễn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGfcS_nwkZM6x2Wfj8-s7pM3xWeXLQC2m+Nji6zfGnEgNTtWMg@mail.gmail.com \
--to=rich0@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox