On 2/28/19 9:26 AM, Levente Polyak via aur-general wrote: > On 2/28/19 2:58 PM, Jerome Leclanche wrote: >> On Thu, Feb 28, 2019 at 12:51 PM Josef Miegl <jo...@miegl.cz> wrote: >>> Although I don't have high expectations when dealing with AUR packages, it >>> is absolutely the maintainers job to keep track of upstream updates. This >>> mindset is probably the reason why there is so much out of date stuff on >>> the AUR. It strikes me that a maintainer who doesn't keep track of his own >>> packages wants to become a TU. >> >> No, it is not, and please don't expect this of volunteers. The >> responsibility goes as far as security (being made aware ASAP of >> security issues in packages), but knowing in general when a release >> happens is not (and/or shouldn't be) the TU's responsibility. >> Most TUs do know when a release happens in at least a portion of their >> packages, by nature of often maintaining packages they have some >> working relationship with. But the flagging system is very useful in >> crowdsourcing the non-security-sensitive portion of package >> maintenance. > > > I very strongly disagree on this, nobody forces a volunteer to > _maintain_ a certain package, but If it is chosen by choice then keeping > it up to date is a responsibility as well. > As long as we do not have an automatic system in place it is one of the > responsibilities to track it as good as possible! > This doesn't make the out-of-date flag system non-useful, even when we > would have our automatic flagging system in place, as it could slip > through the radar or tracking like upstream may change the location for > future releases. > I frankly don't like the habit of "i don't give a darn to track, someone > will flag it", this is bad practice, and the best we could agree on is > that we strongly disagree.
This is indeed the ideal. Of course even with the flagging system, 412 / 10691 packages are marked out of date. It is true that over half of these were flagged within the past month. -- Eli Schwartz Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
