[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Considerations for 'xmms' removal from Debian

Roger Leigh <rleigh@whinlatter.ukfsn.org> scribbled:

> GTK+ 1.2 (and GLib 1.2) were abandoned upstream over *six years* ago.
> It's rather probable (nay, doubtless) that there are unidentified and
> unfixed security problems with these libraries.
> Given that upstreams have had over five years to port their code, it
> is time to drop dead code that is not maintained, IMO.  It's not like
> there isn't huge amounts of compatibility code in GTK, GDK and GLib to
> ease such porting (I've used it myself).  A minimal port is often just
> a bunch of regex search and replace operations, with some small amount
> of rewriting.
> Note that this is irrespective of how good XMMS is or is not.  The
> libraries it depends on are dead, and they should have upgraded years
> back.

So, I maintain gbib. It's a gtk1.2 program which hasn't been ported
upstream and upstream maintenance is basically dead. Should it be remove
from the archive? I think it's really useful, I use it every day, there
isn't a suitable replacement available. (kbibtex comes with lots of KDE
dependencies and while being slightly more featureful is much less nice
to use). Popcon lists 363 installations.

If I have the time and inclination maybe I will port it to gtk2, but why
should I spend that effort when it's a perfectly good working program.
Sure it's not getting new features, but it gets along fine without them.

If there were a drop-in replacement for gbib I wouldn't mind, but there
isn't. Removing gbib from the archive would deprive any new
installations of a suitable tool for doing this, something that existing
Debian users also do often (Upgrading is all well and good, but for
various reasons I have done numerous clean installations), and in those
cases it is made a lot harder for the existing users who suddenly find
gbib has disappeared.

I'm not arguing against the removal of xmms, but I am arguing against
the removal of perfectly good pieces of software just because the are
no-longer upstream supported.


Matthew Johnson

Attachment: signature.asc
Description: Digital signature

Reply to: