Re: Removal of ntop

[Ludovico Cavedon <cavedon@debian.org>]

On Wed Jan 07 2015 at 11:11:08 AM Javier Fernandez-Sanguino <jfs@computer.org> wrote:

With the upcoming ntopng, will ntop upstream still provide security support for previous ntop releases (i.e to version 5.0 which is in testing) ? 

No.

 

If upstream is *not* going to provide security support for ntop then it would be best to not distribute it and just add the information in the Release Notes.

Debian global release notes? Do you think it is relevant enough?

 

Unless you, as maintainer, are going to commit to provide support for it.

Unfortunately I do not have the time on invest on this.

 

If you request the package removal the I would also suggest to ask *all* bug submitters to review if their bugs apply also to ntopng (the code base is similar) and duplicate+reassign the bugs there too. Otherwise many of the open bugs (not addressed in ntop, but forwarded upstream) will get lost with the package removal.

Yes, I am already planning on this.

Should I just request the removal of ntop instead?

If you do this, users will upgrade their Debian system and will not be aware that ntop is obsolete and will have to replace it. (unless they look in aptitude for 'Obsolete' packages).

Indeed, that's why I was wondering if there was an alternative at this point that I was not considering.

 

FWIW, IMHO, the NEWS file I suggest should have been provided in ntop as soon as the move to ntopng was evident (¿2013?). That way users should have been given ample warning time.

You are right, but at this point this cannot be done. 

Thanks,

Ludovico

ps; sorry for the accidentally missing subject in my initial email