Re: remove xview?
tim hall wrote:
> Luk Claes wrote:
>> Jack T Mudge III wrote:
>>> On Monday 14 January 2008 07:13:01 am Riku Voipio wrote:
>>>> It's not only lack of 64bit that makes xview a problem. If security
>>>> issues withing xview are found, it is unlikely that they get fixed
>>>> in a timely manner.
>>> Sometimes I wish there were a security warning system in dpkg. Say,
>>> a user loads up Synaptic (or Adept, depending), and when they try to
>>> install a dangerous package -- maybe a server that opens ports by
>>> default -- they get a textual warning summarizing the problems, and
>>> pointing them to more information (/usr/share/doc/pkg_name/SECURITY,
>>> perhaps?).
>>>
>>> It seems to me that removing old packages just because they are old
>>> misses an important point: There are people who use them. Perhaps
>>> warning them that the packages are ancient and may be dangerous to
>>> their health is a good thing. Removing xview or similar small,
>>> insignificant (to debian, not to the users necessarily), and old
>>> packages doesn't seem like it'd do much good. It would, however,
>>> annoy the users who DO still use them.
>>
>> Removing old packages just because they are not maintained, have
>> (unknown) security issues and are almost not used is just making sure
>> that people don't install a package that is obsolete. People that are
>> using the package can continue using it or can decide to start using an
>> alternative...
>
> How many popcon users does it take ... ?
>
> This change would affect @ 80 popcon users. I don't know how many real
> users that translates to. I realise there are many other factors to this
> decision, but generally speaking what do most people consider the
> shelve-off point that would suggest a package is no longer worth
> maintaining?
It totally depends on the kind of package. A decent maintained package
that is only usefull for some niches which has no alternatives is
totally different than an obsolete package...
Cheers
Luk
Reply to: