[OpenIndiana-discuss] How many versions of libs/apps should OI provide?

Bob Friesenhahn bfriesen at simple.dallas.tx.us
Thu Dec 22 19:53:10 UTC 2016


On Thu, 22 Dec 2016, Peter Tribble wrote:
>
> I thoroughly dislike the "stable" approach of backporting patches to 
> older versions. In my experience this ends up being expensive to 
> maintain compared to just building current, ties you up in knots 
> because other things require newer versions, and give you bigger and 
> harder jumps (and more breakage) when you finally do upgrade.

There is also the problem is that the available patches do not 
represent all of the fixes available in the latest release.  This is 
particularly true in recent years where the developer has access to 
much better tools (e.g. valgrind, ASAN, Fuzzy LOP, Coverity, and 
improved compiler warnings/lint) to discover problems and validate the 
software and these tools were not available when the older versions 
were developed.

Distributions like Debian only create patches for issues given a CVE 
and thoroughly ignore other known issues and the many issues which 
were silently fixed by the package developer.

Bob
-- 
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/



More information about the openindiana-discuss mailing list