Re: Bug#323855: ITP: opencvs -- OpenBSD CVS implementation with special emphasis in security
On Fri, 19 Aug 2005 09:39:49 -0700
Russ Allbery <firstname.lastname@example.org> wrote:
> martin f krafft <email@example.com> writes:
> > Javier Fernández-Sanguino Peña <firstname.lastname@example.org> writes:
> >> Also notice that some of our services (web pages, documentation
> >> project) use CVS and will do so for a long time. Having a CVS server
> >> available to switch to if a security issue in the current standard CVS
> >> server is found is something that would be useful to prevent downtime
> >> of those services if the debian admins have to switch them off.
> > So instead of preparing the package, I suggest investing the time to
> > migrate projects from CVS to SVN or bazaar instead.
> We still package RCS, and for good reason.
> *If* it's an improved version of CVS, I think it's still a good idea to
> package it. A lot of us still use CVS for various reasons, ranging from
> familiarity with CVS on the part of people who don't like change, use of
> CVS revision numbers as a cheap versioning system with simple repositories
> that don't need good branching and tagging, use of CVS repositories in a
> shared file system like AFS (which Subversion does not handle well),
> interacting with other open source projects that use CVS, or just out of
> pure inertia.
> I don't think "it's not a good revision control system" is a good reason
> to refuse the package, for exactly the same reason that Debian still
> packages a telnet client even though everyone really should be using SSH.
> Switching to Subversion requires more than individual action on the part
> of one person, and therefore isn't always possible even if it's a good
There is a really good reason to have telnet *client* on board, and that
is accessing IMAP / SMTP etc. servers for testing purposes.
Debian maintainer of Courier, Pure-FTPd, Interchange, Sympa
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration