>I've added this to the TB agenda. I imagine it'll take quite a bit of
>reading of the various references (I've added them to the agenda item)
>so appreciate you may not be able to decide by tomorrow's meeting.

just to give my quick maintainer point of view.

1) the security issues it has, are also applicable to hexchat (we will upload
a fixed hexchat soon, upstream after all this debate quickly found and fixed 
some issues
and released a new upstream tarball)

this said, the security issues, can crash hexchat or xchat if you connect to a 
server, sending non standard irc replies.
(so, an exceptional use case I would say)

2) the package is not upstream maintained but it is fully Debian/Ubuntu 
downstream maintained.
I did fix a lot of bugs, and did ~10 uploads in the archive, making it suitable 
again for
release (in my maintainer opinion, feel free to have whatever different opinion)

3) I still need to reproduce the ctrl+i crash, I failed so far
4) see my point here
5) having 40 patches is a complete nonsense, what is the problem if somebody is 
willing to maintain
it that way?
would it be better if I create a new "upstream" release and upload a no-patch 
package? it would end
up in a similar result, I don't see the difference
6) I'm willing to maintain it for bionic lifespan.
7) people debating about something is not a good reason from stopping adoption 
or remove it
(cfr: init systems war :p )
8) both upstream/hexchat and Ubuntu/xchat maintainers opinion are biased, so, 
consider that here
I'm just making a point for xchat, not against.

just my .02$, feel free to do whatever your hat demands to do, I'll happily 
accept any decision
you will take on this matter :)
(I'll continue to maintain it in my ppa anyway, unless you ask me to stop doing 
it :p )

thanks for reading,
(Robie, please bounce the email in case it doesn't reach the two lists)


technical-board mailing list

Reply via email to