Subject: Re: security fixes and 1.6 branch of pkgsrc
To: None <tech-pkg@netbsd.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-pkg
Date: 01/12/2003 16:17:07

On Tue, Jan 07, 2003 at 12:00:05PM +0100, Feico Dillema wrote:
> My primary interest for the 1.6 branch is for our server that runs a
> limited set of services and has a limited set of packages installed,
> that are basically maintained under the motto: "if it ain't broken
> don't fix it". I am rarely interested in 'upgrading' to a new release
> of a package unless it is for security reasons and serious bugs. For
> my desktop machines I don't mind running the risk of a long update
> process and temporary loss of installed packages too much (if emacs is
> not there, there's always vi, right?). But for public or shared
> services/servers you want to minimize downtime and maintenance time.

Another reason is binary packages. The policy is that binary packages
available from ftp are built from the 1.6 branch, and I think this policy
is the right one. Making binary packages from current pkgsrc has some
problems:
1) it's hard to have the same set of packages available for all platforms
   (because of build time)
2) it's hard to retrieve the pkgsrc from which the binaries have been built
3) it's probably a bad thing to have the binary packages available from
   ftp move as much as pkgsrc does.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 23 years of experience will always make the difference