1 |
On 01/03/2017 09:11 AM, Damien LEVAC wrote: |
2 |
> But routine auditing, while being wishful thinking in the open-source |
3 |
> world (even when the projects are alive), are not meant to find those |
4 |
> kind of bugs anyway (and wouldn't be effective at doing so either). |
5 |
> |
6 |
|
7 |
I think it's wishful thinking in every world :P |
8 |
|
9 |
> I would argue that those concerns apply to every packages to different |
10 |
> degree and you might not be safer (on the contrary) with a maintained |
11 |
> but more experimental package... |
12 |
> |
13 |
> Even if just for the sake of stability, shouldn't there be a policy of |
14 |
> inertia? I.e. if it is not broken it does not need fixing, or something |
15 |
> like that? Like you said, this topic comes every once in a while and |
16 |
> every time it is a waste of time. Unless there is an unknown maintaining |
17 |
> cost in having it in the tree unmaintained? |
18 |
|
19 |
|
20 |
-- |
21 |
Matthew Thode (prometheanfire) |