On Tuesday, October 22, 2002, at 02:08 PM, Olivier Thauvin wrote:
No one is stopping them from maintaining contribs. But if we put contribs into updates, then all of a sudden it must be supported. Do you understand that? And while most contribs packages are of good quality, they all aren't. In order for it to be in updates, I would feel it necessary to test it first. This makes more work for me.To expect us to put contribs into updates takes away the distinctionIt is not the uniq difference, contrib is maintain by lot of poeple who don't
between main and contribs. Only main is supported. Only main packages
will ever be in updates. That's just the way it is.
works for mandrake, then if this poeple can upload on contrib, maybe they
want maintain it too.
Then what about dependencies? If someone is using the download edition, they don't have a contribs source. If they grabbed something from contribs before, who's to say that they have everything installed now? Dependencies change like my underwear. So now I have to put additional packages into updates to handle dependencies.
How can this be easy? This isn't a matter of a contributor wanting to maintain a package. This is them updating a package and me doing all the work to polish it up and put it in updates.
Again, no one is stopping them. And Mandrake might be made by the entire world, but the updates are made by one person. Big difference in manpower.The "Mandrake with security holes" statement is ridiculous. contribsI don't say that, I say Mandrake don't support contrib but is happy to have
is just as much a part of Mandrake as is downloading something from the
net and building it yourself. Are we expected to provide updates for
everything you might possibly download? Mandrake is *main*... Mandrake
is not contribs. To say that Mandrake has security holes because
contribs is unsupported is silly.
lot of package within. Take a look to the powerpack box or installer:
"Mandrake is made lot of people in entire world". Then if contrib is made by
contributer, maybe like, some poeple want to make fix.
I always think to someone who use icecast for his job ! If there are aThat's entirely up to them. Can't be everything to everyone. If someone chooses to use icecast for his job, then he must understand he is using unsupported software, even if it came on one of our CDs. The contribs are clearly labelled as unsupported... if the end user can't understand that, then maybe he should be using "Dummy Linux" or something.
security hole, we are saying "it is not our problem". If it's me I'll choose
to install an other distrib...
No, I won't support it. And no, it won't go into updates. I explain my reasoning for this. The quality of updates is a source of pride for me... I am not going to let just anyone put anything into updates. There is a lot more to it than just making a package. Updates is not the place for this. Club is a much better place.Until then, contribs is made by contributors. If contributors want to
make updated packages, that's fine. They can go into Club or somewhere
else.
Club is not the good place, IMHO. But if you won't supporte it, I purpose contributor do this job.
Yes, you are. You might not think you are, but asking what you are is a lot more work for me. This is probably due to the fact that you don't understand the full process behind making updates (heck, I don't suspect anyone other than the other security officers for the other vendors fully appreciate the amount of work that goes into updates!). And because of that, I'm willing to cut you some slack. But, trust me, no matter how you cut it, if it goes in updates, it is more work for me. I'm overworked as it is already, and other projects I would really like to involve myself with suffer as a result (I had originally aimed to write 1-2 articles for MandrakeSecure each month and now it's been two months since I've written anything... this isn't because I have nothing to do!).This is not something I am interested in doing, much less debating. It
is not going to happen, so trying to convince me otherwise is merely
wasting your time. I am far too busy maintaining main to start jumping
through hoops to support something that is clearly *un*supported.
I am not giving you more works. ;)
To sum up, no one is stopping the contribs maintainer of mhonarc to build it for 8.x and 9.0. I will not see it in updates. This would be better suited for Club, which is urpmi-able, or Unsupported which is, AFAIK, not. My suggestion would be to build it for Club.
And no one is stopping the maintainer from doing that.
--
MandrakeSoft Security; http://www.mandrakesecure.net/
"lynx - source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
PGP.sig
Description: PGP signature
