Re: Fedora 33 System-Wide Change proposal: Fedora-Retired-Packages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Kamil Paral píše v Út 16. 06. 2020 v 14:21 +0200:
> On Tue, Jun 16, 2020 at 12:25 PM Kevin Kofler <kevin.kofler@xxxxxxxxx
> > wrote:
> > Kamil Paral wrote:
> > > I'll not talk about implementation, there are more suitable
> > people for
> > > that here. But I'll voice my opinion that automatically retiring
> > software
> > > from Fedora users' computers is a sane and proper thing to do. If
> > a
> > > package is removed from Fedora, it should also be removed from
> > users
> > > computers (during FN+1 upgrade). Of course, we should allow users
> > to keep
> > > it, if they want it. But the default process should happen
> > automatically,
> > > and users should opt-out of automatic retiring, instead of opt-
> > in. Only
> > > this way we can build a secure and reliable operating system.
> > > 
> > > If only power users can opt-out from retiring a package (e.g. by
> > editing
> > > dnf.conf), I don't think that's a problem. Because even though
> > general
> > > users will of course be unhappy when an application they use get
> > > permanently removed during system upgrade, they will be even more
> > unhappy
> > > when their system suddenly breaks in the future, either by
> > unresolved
> > > dependencies, or when the retired app/library causes the system
> > to not
> > > boot or breaks the desktop, because nobody at that points expects
> > and
> > > tests those software interactions. A general user can resolve a
> > missing
> > > app, but they can't resolve a broken OS. If they want to deviate
> > from the
> > > system we provide, it's reasonable to ask them to have certain
> > technical
> > > knowledge, instead of allowing them to shoot themselves in the
> > foot (even
> > > unknowingly, by not doing automatic retirement).
> > 
> > I cannot agree with these statements. I think removing working
> > software from 
> 
> You can't say whether it's working, because it has been retired in
> Fedora, it has no maintainer, no testing, no security updates or bug
> fixes.

+1
Any software which doesn't get maintenance at least on the security
level should be considered by any responsible software provider as
broken these days.

I'd also add that it creates confusion among users. I often read
questions on forums like: "I've got a package XY on my computer with
Fedora 32 upgraded from a previous version, but I cannot install the
same package on a freshly installed Fedora 32. Why?"

Jiri
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux