| 1 |
On Sun, 2006-04-02 at 21:20 +0200, Carsten Lohrke wrote: |
| 2 |
> On Sunday 02 April 2006 04:48, Daniel Goller wrote: |
| 3 |
> > exactly, what's the point of removing it so fast? give people a chance |
| 4 |
> > to miss it, it does not matter if it's removed or masked only as far as |
| 5 |
> > going "woah, what?" and if masked it is a matter of unmasking rather |
| 6 |
> > than recommitting |
| 7 |
> |
| 8 |
> We haven't had a single issue with the usual seven day period as far as I can |
| 9 |
> remember, so please come up with a valid argument against it, instead |
| 10 |
> assuming turning my argument would be one. |
| 11 |
> |
| 12 |
> > in short, if it's slowing down the process, why do you need it to be |
| 13 |
> > quick in the first place? |
| 14 |
> |
| 15 |
> Getting the junk out of tree and mind as fast as possible is a value in |
| 16 |
> itself. |
| 17 |
> |
| 18 |
|
| 19 |
you should apply a finer granularity and not call them all junk, even a |
| 20 |
unmaintained package that only has 50% of its features working might be |
| 21 |
the only thing someone has, where does this hurt anyone?, or maybe it is |
| 22 |
unmaintained but has no single (uncovered flaw), where does this hurt |
| 23 |
anyone? or or or, point is, say you would like certain vulnerable |
| 24 |
packages removed quicker, without making the waiting the usual 30 days |
| 25 |
sound insane. |
| 26 |
|
| 27 |
with that kind of grace period you give people the chance to say "oh |
| 28 |
hey, i have this patch in my patch overlay, let me give it to you" |
| 29 |
|
| 30 |
just wait a little, it hurts noone usually, if it's a security issue, |
| 31 |
say it is and use a shorter time, noone is gonna have a problem, unless |
| 32 |
carlo suddenly goes under the cloak of security and yanks everything he |
| 33 |
wants under those pretences... :) |
| 34 |
|
| 35 |
my $1 |
| 36 |
|
| 37 |
|
| 38 |
Daniel |
Archives