From nobody Mon Mar 11 17:22:57 2024 X-Original-To: ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TtkBP05Fyz5DN28 for ; Mon, 11 Mar 2024 17:23:09 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from mail.rdtc.ru (ns3.rdtc.ru [62.231.190.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TtkBN3Z5pz4mpb for ; Mon, 11 Mar 2024 17:23:08 +0000 (UTC) (envelope-from eugen@grosbein.net) Authentication-Results: mx1.freebsd.org; none Received: by mail.rdtc.ru (RDTC Post Office Server, from userid 1000) id 32B8B1CF08; Tue, 12 Mar 2024 00:23:04 +0700 (+07) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [62.231.161.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: egrosbein@rdtc.ru) by mail.rdtc.ru (RDTC Post Office Server) with ESMTPSA id B627E1CC60; Tue, 12 Mar 2024 00:23:02 +0700 (+07) X-Envelope-From: eugen@grosbein.net X-Envelope-To: flo@FreeBSD.org Received: from [10.58.0.10] (dadvw [10.58.0.10]) by eg.sd.rdtc.ru (8.17.1/8.17.1) with ESMTPS id 42BHMw2G041740 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 12 Mar 2024 00:22:58 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Proposed ports deprecation and removal policy To: Daniel Engberg References: <435edf7c-a956-4317-b327-3372de70dbef@FreeBSD.org> <1c5b7818-842f-f7b8-9d4e-5bf681cad20e@grosbein.net> Cc: Florian Smeets , ports@freebsd.org From: Eugene Grosbein Message-ID: <64c7435c-2d69-1f62-ba7c-30812860a457@grosbein.net> Date: Tue, 12 Mar 2024 00:22:57 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,LOCAL_FROM, NICE_REPLY_A,SPF_PASS,T_DATE_IN_FUTURE_96_Q,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=4.0.0 X-Spam-Report: * -0.0 SPF_PASS SPF: sender matches SPF record * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * 2.6 LOCAL_FROM From my domains * -0.0 T_SCC_BODY_TEXT_LINE No description available. * -2.1 NICE_REPLY_A Looks like a legit reply (A) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on eg.sd.rdtc.ru X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:29072, ipnet:62.231.184.0/21, country:RU] X-Rspamd-Queue-Id: 4TtkBN3Z5pz4mpb 11.03.2024 4:49, Daniel Engberg wrote: >>> Ports can be removed immediately if one of the following conditions is met: >>> >>> - Upstream distfile is no longer available from the original source/mirror >>> (Our and other distcaches e.g. Debian, Gentoo, etc do not count as "available") >>> - Upstream WWW is unavailable: deprecate, remove after 3 months >> [skip] >>> A port can be deprecated and subsequently removed if: >>> - Upstream declared the version EOL or officially stopped development. >>> DEPRECATED should be set as soon as the planned removal date is know. >> >> Objection to quoted reasons. A software not developed anymore but still works fine >> after years is best software ever. Do not touch it, please. >> >> Some examples: >> >> mail/qpopper abadoned by Qualcomm years ago >> russian/d1489 created by ache@ who passed away years ago >> net/quagga abadonware but still best OSPF implementation for FreeBSD kernel >> net-im/pidgin-manualsize abadoned by initial author years ago >> databases/oracle8-client the only known library to link native FreeBSD code with for OracleDB connection >> >> Do not "fix" what ain't broken. >> > Eugene > > I'm going to assume that there will be a PR or something regarding maintained ports either way. I maintain most of listed ports. > As far as the "Do not "fix" what ain't broken" argument goes one major concern is how do you know > especially regarding to Internet facing services? Not every port deals with public Internet and services therein. > Qpopper (for example) has been dropped by pretty much every distro > https://repology.org/project/qpopper/versions and upstream is dead so there's no hub for communication. And not need to, practice shows. > There likely aren't many eyes on the software by now (I guess for both good and bad reasons) > but it might also very well bite you or users in the end. Until then, it works and let it be. > That being said, all software contains bugs True. The question is, do any of bugs affect particular setup? If not, let it be. > including active projects so it's not like it's a clean cut in terms of security concerns (wordpress) > but you'll likely see issues being adressed and reported when software is more widely available. > If upstream is dead it's very likely that security reports ends up in some package repo, > random hosted fork or such and never finds it way outside of it. There are private networks not exposed to untrusted users or hosts not affected by any security concerns, including one-user-only. No need to break their setups. > Quagga is in a similar position, pfsense seems to point users to frr and there's also other software such as bird/bird2. frr development is Linux-centric and its OSPF implementation has some problems under FreeBSD ignored by developers, it cannot be a replacement (can't tell for bird/bird2). Quagga ospfd/bgpd work fine, let it be. > According to https://www.orafaq.com/wiki/Oracle_8 Oracle 8 support ended 20 years ago, > it's also marked as i386 only so its days are counted. This is userland library and we have no plans to eliminate userland i386 support yet. No alternatives, also. > Nothing is stopping people to use an overlay but not everything needs to be in or rather stay the "public" repo forever. Not forever. While it works fine. Eugene