Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> On the other hand, maintainers can and have inserted (accidentally or not) vulnerabilities in software,

Such maintainer will be kicked off from distribution.

> and ignore developer wishes (like "please stop distributing this ancient unmaintained software without this warning that says it is ancient and unmaintained")

Developer wishes are developer wishes. User wishes are more important. If package has a maintainer, then it IS maintained.

You can use any distribution developed by developers (do you know any?) if you dislike maintained distributions and share experience with us.



> Such maintainer will be kicked off from distribution.

ORLY? What's Kurt Roeckx[0] up to these days? Oh right, he's the Debian Project secretary, despite famously crippling RNG in OpenSSL.

> Developer wishes are developer wishes. User wishes are more important.

You mean like the wish to get up to date software directly from the developer without waiting for some third-party middleman to get around to updating the repo?

> You can use any distribution developed by developers (do you know any?) if you dislike maintained distributions and share experience with us.

Such a beast doesn't seem to exist in the Linux world, so I just don't use Linux. Linux Desktop's abysmally low market share may or may not be related.

[0] To be fair to Kurt, he wasn't the only one who didn't see a problem removing those lines and he did ask around first. It is an understandable mistake and I don't mean to crucify him.


> Such maintainer will be kicked off from distribution.

Debian did this, they said oops and moved on. Packagers suck as developers, they apply patches they don't fully understand to solve problems they don't understand on codebases they don't understand.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: