On Thu, Dec 12, 2013 at 5:00 PM, Micha Bailey <michabai...@gmail.com> wrote:
> Apologies for the cross-post, but I wasn't sure which mailing list would be
> most appropriate.
> Also, please note that I am writing this as myself, not as a representative
> of the Bitcoin project or development community.

As one of the Debian maintainers for the package, I agree that the
network protocol is in such a flux that it is not suitable for stable
release yet. Old versions not only hurt users, but pose a threat to
the network as a whole. PPAs are more appropriate, at least for the
time being. Debian has an RC bug preventing migration to testing for
this and other reasons [1]. Perhaps blacklisting bitcoin import from
Debian, and removing it from the Ubuntu repositories, is reasonable.

This is difficult, because many users rely on the package - and
removing it from the repositories will leave them vulnerable. However,
keeping the package in the repositories potentially makes more users
vulnerable.

Another alternative would be to have a MOTU/dev that is interested
perform day-of-release backports, and encourage users to enable
backports. However, this could create a situation where the stable
release contains a harmful version, and only the backport version
would be safe to use. This is probably unacceptable to both Ubuntu and
Bitcoin.

Also, the bitcoin package is only really necessary to run a full node.
Users that want to run a wallet can use electrum (in ubuntu and
debian) or multibit (not in Debian yet, but someone is working on it).

At some point bitcoin should be stable enough that full node software
can be included in Ubuntu and Debian releases, but for now it is
probably best to use the PPA.

Regards,
Scott
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718272

-- 
Ubuntu-motu mailing list
Ubuntu-motu@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu

Reply via email to