I recently had a support question for IBX for Lazarus and for an issue
that was fixed a couple of years ago. The response was inevitably a
"please upgrade to the next version".
However, what surprised me was that the user came back pointing out that
he was using the most recent version of IBX on OPM. This was a surprise
to me as I had not uploaded IBX to the Online Package Manager nor do I
recall a request to do so. On the other hand, an out-of-date version
(2.5.0) of IBX is on OPM.
I don't object to IBX being on OPM - its probably a good idea, but it
does raise a few questions:
1. Who makes the decision about what is uploaded to the OPM repository?
2. How is a package put there and what precautions are taken to ensure
that the package is genuine and does not contain malicious code -
especially when the upload was not done by the original author.?
3. How are the OPM repository maintainers told that a new version of a
package is now available?
Tony Whyman
https://www.mwasoftware.co.uk
https://github.com/MWASoftware
--
_______________________________________________
lazarus mailing list
lazarus@lists.lazarus-ide.org
https://lists.lazarus-ide.org/listinfo/lazarus
