On Thu, Apr 06, 2017 at 12:53:01AM +0000, brian m. carlson wrote: > > It would be great to have them on-list, as far as I can tell they were > > never submitted? Is there some time/administrative reason for why > > you're not submitting them? Some of these are many years old, it would > > be great to have them on-list for wider review & included so vanilla > > git works on these platforms. > > I'm very opposed to accepting patches for operating systems that are no > longer security supported. Having insecure systems directly or > indirectly connected to the Internet is a very bad thing, and we > shouldn't make it easier for people who want to do that.
Hmm. I'm not sure whether I agree with that or not. I certainly wouldn't want to _encourage_ people to use ancient unpatched systems. But I'm also not entirely comfortable passing judgements on people's OS choices. Security isn't a discrete variable, and there are lots of situations where it makes sense to stick with an old, unpatched system because the risk of changing it outweighs the risk of it being attacked (think mission-critical systems sitting behind firewalls). That said, I don't mind the argument "even the people who made this OS are no longer supporting it; why should we?". And the response from Todd seems to reinforce that. And it's not like people on ancient mission-critical systems get cut off. They can still run the version of Git they were running when their OS went out of support. -Peff
