On 16.6.2020 20:22, Gerald Henriksen wrote:
Given the number of cases of evil people getting access to computer systems, and the fallout of said attacks, any package left on a system after it no longer is being maintained is not only broken but a security risk.
Unless the process and the approach of "If it builds let's ship it" has not been changed over the years then the end user might be getting a package that is not actually being maintained in the distribution thus already is a security risk ( without it being flagged retired ) to begin with so arguably that problem needs to be solved first or at the same time as this.
I think people first need to establish what perception and thus meaning people put in the words retired,broken,maintained etc. before the proper course of action can be taken.
JBG _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
