On 17/08/14 05:52 AM, Evgeniy Alekseev wrote: > > In my opinion TUs should *always* check a package under request. If sources > are no longer available anywhere (such as for some of *berlios.de projects) > it > can be removed. If the package has not maintainer and if it has a few votes > it > can be removed too (since seems it is not interesting to anyone). As for me I > don't think that we should remove useful packages even its upstream has no > activity (if it is not broken of course).
If it has known vulnerabilities, then I think it's a different story. However, we should probably start dealing with dead / poorly maintained projects in [extra] and [community] with known security holes before applying it as a standard for AUR packages...
signature.asc
Description: OpenPGP digital signature
