Package requests wishlist - pine
Rex Dieter
rdieter at math.unl.edu
Wed Jul 14 12:37:01 UTC 2004
On Tue, 13 Jul 2004, Peter Jones wrote:
> On Tue, 2004-07-13 at 14:00 -0500, Rex Dieter wrote:
>
>> The point I wanted to make is this: What is *redhat/fedora*'s
>> definition of Open Source? I have yet to see any authoritative
>> reference. Until I see one, I would argue that there exists enough
>> ambiguity to include pine. For example, UW's site claims pine is
>> opensource.
>
> It doesn't matter which licenses are or aren't "open source".
To this discussion, it most certainly does matter. If pine doesn't meet
the definition of "open source", then it's inclusion in Extras can
certainly be rejected without further comment.
> If there's a security problem, what would we tell the users? "Remove
> the package until there's a fixed one, which oh by the way we don't have
> any clue as to an ETA for"?
It's not nearly as bad as you make it out.
You just wait for upstream fixes. Maybe, oh maybe, you (or I as packager)
could even join pine's mailing lists, and be able to know the development
progress of bugs/fixes. I'd bet you can't tell me there currently exists
no packages in Fedora Core/Extras that doesn't have to wait to upstream
fixes.
> If we need to patch it to do mailbox locking the One True Fedora Way,
> what do we do? We can't fix it, and so it'll be the one mail client
> that corrupts mailboxes. Users love corrupted mailboxes.
Ditto as before. Report bug upstream. Wait for fix. The ball would be
in the pine developers' hands. There is a reason there exists an UPSTREAM
keyword in bugzilla.fedora.us you know.
> I'd say the possibility of any of these scenarios puts any package with
> this kind of license well past "unmaintainable".
I disagree. I would argue that having to wait for upstream fixes
certainly does *not* imply a package in unmaintainable.
-- Rex
More information about the fedora-devel-list
mailing list