Mayuresh <mayuresh%acm.org@localhost> writes: > On Sat, Mar 05, 2016 at 09:11:21AM -0500, Greg Troxel wrote: >> Putting openssh contrib stuff in base is perhaps controversial (after >> all, upstream recommends that it not be installed by default) > > Curious why they recommend so - because it is contrib (implying possible I was making the infererence: what's in contrib is called contrib it is (almost certainly) not installed by the build system when one does configure/make/make install Essentially I'm saying that by definition, upstream recommends what you get when you do ./configure && make && sudo make install > quality and security issues)? What does it take for such simple yet useful > program to shun that tag and become mainstream. Is it just a matter of > upstream team finding time and inclination for it? And what if say NetBSD > does adequate reviews and adopts such a program despite the contrib tag > upstream? (Just some general philosophical questions, not just about > NetBSD adopting ssh-copy-id or not.) I suspect it's not so much time upstream as it is the eternal question of whether every added piece of code is worth it, in terms of the costs of everybody getting it by default, the costs of security problems, and the benefits. >> If you want to see a package, the easiest path is to make one in >> pkgsrc-wip. Then even if no one imports it, it's usable from there, by >> you, and by everyone else. > > Agree. That can be a good starting point. Once in wip, it may probably > make its way to pkgsrc and slightly less probably (in this case) to base. > Nevertheless it at least becomes available immediately. I don't really see a path from pkgsrc to base, other than that more people may get used to it and think it worthy.
Attachment:
signature.asc
Description: PGP signature