| 1 |
On 01/03/2017 09:11 AM, Damien LEVAC wrote: |
| 2 |
> But routine auditing, while being wishful thinking in the open-source |
| 3 |
> world (even when the projects are alive), are not meant to find those |
| 4 |
> kind of bugs anyway (and wouldn't be effective at doing so either). |
| 5 |
> |
| 6 |
|
| 7 |
I think it's wishful thinking in every world :P |
| 8 |
|
| 9 |
> I would argue that those concerns apply to every packages to different |
| 10 |
> degree and you might not be safer (on the contrary) with a maintained |
| 11 |
> but more experimental package... |
| 12 |
> |
| 13 |
> Even if just for the sake of stability, shouldn't there be a policy of |
| 14 |
> inertia? I.e. if it is not broken it does not need fixing, or something |
| 15 |
> like that? Like you said, this topic comes every once in a while and |
| 16 |
> every time it is a waste of time. Unless there is an unknown maintaining |
| 17 |
> cost in having it in the tree unmaintained? |
| 18 |
|
| 19 |
|
| 20 |
-- |
| 21 |
Matthew Thode (prometheanfire) |
Archives