[Mageia-dev] push java-1.7.0-openjdk
Guillaume Rousse
guillomovitch at gmail.com
Sat Apr 21 16:04:09 CEST 2012
Le 21/04/2012 14:12, D.Morgan a écrit :
> On Sat, Apr 21, 2012 at 2:03 PM, Guillaume Rousse
> <guillomovitch at gmail.com> wrote:
>> Le 21/04/2012 13:44, D.Morgan a écrit :
>>
>>>> Thanks for taking care of the tomcats too. tomcat5 just needs patched
>>>> for the
>>>> last two CVEs, and it'll be good to go.
>>>>
>>>
>>> yes as told i will do :) tomcat5 is the first on my todo ;)
>>
>> Do we really need to have 3 different tomcat versions in the distribution
>> (5, 6 and 7) given the relatively high maintainance cost ? I'd rather drop
>> tomcat 5 than continue to have it on the list of blocker bugs before every
>> release.
>
> this is planned for mga3 when we will have ported all packages needing
> tomcat5 to use a newer version.
I'd rather first have the same interrogation for those packages before
investing any manpower in porting them: do we really need all of them in
the distribution ?
For instance, struts12 is a deprecated version of struts, dating from
2005, whereas current major version is 2.3. tiles20 is a deprecated
version of tiles, whose current version is 2.2.2. Etc...
I would have nothing againt those gazillion packages being present in
the distribution if their had no side-effect for the rest of the world
not using them. However, they do, when they involves release-blockers
bugs. And given you're almost the only guy working on the java stack,
I'd personnaly prefer to have you working on real issues affecting end
users (for instance #2516 and #2517) than fixing security issues for
softwares very unlikely to be used at all...
My point is that we could achieve better results with more focused
objectives in this regard.
--
BOFH excuse #103:
operators on strike due to broken coffee machine
More information about the Mageia-dev
mailing list