| 1 |
On Sun, Jul 21, 2013 at 11:22 AM, hasufell <hasufell@g.o> wrote: |
| 2 |
> I am maintaining it for some months now and it has reached a state |
| 3 |
> where we should think about treecleaning it. |
| 4 |
|
| 5 |
++ |
| 6 |
|
| 7 |
> Maintaining a package in gentoo implies a few things for me: |
| 8 |
> We are able to support it properly which either means that we can |
| 9 |
> communicate with upstream or at least (if that fails) fix bugs on our |
| 10 |
> own. Currently, both does not apply to googleearth which means we |
| 11 |
> cannot resolve a lot of bugs in any way. |
| 12 |
> Also... software in the tree should meet a minimum of quality and we |
| 13 |
> should not support vulnerable and broken software officially. |
| 14 |
|
| 15 |
From your description it seems like Google Earth is really pushing it. |
| 16 |
I wouldn't call it "vulnerable" and "broken" though - software is |
| 17 |
only vulnerable if there is a known exploit. Bundling libraries is |
| 18 |
bad practice because it increases the risk of such vulnerabilities |
| 19 |
existing, but on its own shouldn't be grounds for removal. It |
| 20 |
certainly has the potential to increase the workload for maintainers |
| 21 |
though. |
| 22 |
|
| 23 |
My sense is that none of the problems you listed should really be |
| 24 |
considered a reason that something MUST be removed from the tree, but |
| 25 |
they certainly tend to add up. If somebody wants to take over |
| 26 |
wrestling with it I don't think we should look down on that though. |
| 27 |
|
| 28 |
Rich |
Archives