[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MongoDB license change and security support


On Wed, 25 Nov 2020, Sylvain Beucler wrote:
> Consequently I believe we're not in a position to offer MongoDB security
> support in LTS nor ELTS, and we need to drop it from our supported packages.
> What do you think?

I think that you are right if you believe that we have no influence on
the upstream developers of MongoDB.

But I would suggest that we try to reach out to them to see if they are
willing to relicense security patches so that they can be used to fix old
mongodb releases explaining that it would allow distributors to keep
supporting mongodb and thus let some users continue to use mongodb instead
of switching to something else.

At the same time, we can also let them know that their new license means
that mongodb is gone from Debian and that it will hamper their ability
to attract new users (and thus money) when a large part of the webservers
run Debian-based operating systems.

So who can sheperd this? For me, the time spent on such discussions can be
made as part of your paid time. (And it puts Debian as an actor and not
only a follower, which is a good thing IMO)

  ⢀⣴⠾⠻⢶⣦⠀   Raphaël Hertzog <hertzog@debian.org>
  ⢿⡄⠘⠷⠚⠋    The Debian Handbook: https://debian-handbook.info/get/
  ⠈⠳⣄⠀⠀⠀⠀   Debian Long Term Support: https://deb.li/LTS

Reply to: