Roger Leigh <rleigh@whinlatter.ukfsn.org> scribbled: > GTK+ 1.2 (and GLib 1.2) were abandoned upstream over *six years* ago. > It's rather probable (nay, doubtless) that there are unidentified and > unfixed security problems with these libraries. > > Given that upstreams have had over five years to port their code, it > is time to drop dead code that is not maintained, IMO. It's not like > there isn't huge amounts of compatibility code in GTK, GDK and GLib to > ease such porting (I've used it myself). A minimal port is often just > a bunch of regex search and replace operations, with some small amount > of rewriting. > > Note that this is irrespective of how good XMMS is or is not. The > libraries it depends on are dead, and they should have upgraded years > back. So, I maintain gbib. It's a gtk1.2 program which hasn't been ported upstream and upstream maintenance is basically dead. Should it be remove from the archive? I think it's really useful, I use it every day, there isn't a suitable replacement available. (kbibtex comes with lots of KDE dependencies and while being slightly more featureful is much less nice to use). Popcon lists 363 installations. If I have the time and inclination maybe I will port it to gtk2, but why should I spend that effort when it's a perfectly good working program. Sure it's not getting new features, but it gets along fine without them. If there were a drop-in replacement for gbib I wouldn't mind, but there isn't. Removing gbib from the archive would deprive any new installations of a suitable tool for doing this, something that existing Debian users also do often (Upgrading is all well and good, but for various reasons I have done numerous clean installations), and in those cases it is made a lot harder for the existing users who suddenly find gbib has disappeared. I'm not arguing against the removal of xmms, but I am arguing against the removal of perfectly good pieces of software just because the are no-longer upstream supported. Matt -- Matthew Johnson
Attachment:
signature.asc
Description: Digital signature