Re: git: 020281bef16d - main - archivers/fastjar: remove undue deprecation of maintained port

El sáb, 30 mar 2024, 14:21, Daniel Engberg <daniel.engberg.lists@pyret.net>
escribió:

> On 2024-03-30T09:06:51.000+01:00, Gleb Popov <arrowd@freebsd.org> wrote:
> >  On Sat, Mar 30, 2024 at 8:38 AM Alexey Dokuchaev <danfe@freebsd.org>
> wrote:
> >
> > >
> > >  The branch main has been updated by danfe:
> > >
> > >  URL:
> https://cgit.FreeBSD.org/ports/commit/?id=020281bef16d866a64bac35850f21ae27f956b5c
> > >
> > >  commit 020281bef16d866a64bac35850f21ae27f956b5c
> > >  Author:     Alexey Dokuchaev <danfe@FreeBSD.org>
> > >  AuthorDate: 2024-03-30 05:36:18 +0000
> > >  Commit:     Alexey Dokuchaev <danfe@FreeBSD.org>
> > >  CommitDate: 2024-03-30 05:36:18 +0000
> > >
> > >      archivers/fastjar: remove undue deprecation of maintained port
> >
> > It is my personal opinion, but I think that one should assume
> > maintainership when undeprecating a port (especially maintained by a
> group)
>
> I also found an old CVE which I don't know if it's fixed or not.
> https://www.opencve.io/cve/CVE-2006-3619


If you don't know, then it is not an argument to keep the port deprecated.
If you are, then it might be. Even in that case, as per the handbook, ports
with security issues are marked as FORBIDDEN, not DEPRECATED:

https://docs.freebsd.org/en/books/porters-handbook/book/#security-fix



>
> There's also a fork here from what I can tell:
> http://download.savannah.nongnu.org/releases/fastjar/
>
> I don't know if it's worth keeping for less than a sec of processing and
> newer version of openjdk might have improved performance too (openjdk8 is
> pretty old).
>

*might*? I think arguments for or against deprecating should not be guesses.

Don't get me wrong, I'm all for keeping the ports tree clean, but these "a
posteriori" (non) arguments sound a bit weak :-)


> Best regards,
> Daniel
>