On Thu, Aug 21, 2014 at 04:19:17PM +0200, Haïkel wrote:
> > (c) An orphaned package is not necessarily a risk ("security" has been
> > mentioned here ...). Just because it might be a risk on rare
> > occasions doesn't mean we have to throw out every orphaned package.
> > Security bugs can sit around in non-orphaned packages too.
> You're right, but filtering packages that we could safely keep or not
> would require manual filtering (though it could be partly automated)
> We don't have enough manpower for that, unless a group wants to make a
> counter-proposal, I don't see a better way to solve that issue.
Could we move these to an "at your own risk" separate repository rather than
deleting them, except for when we know that there's a critical security
issue?
--
Matthew Miller
<mattdm@xxxxxxxxxxxxxxxxx>
Fedora Project Leader
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
