On Mon, Sep 05, 2016 at 10:20:36AM +0200, Ludovic Courtès wrote: > Hi! > > Leo Famulari <l...@famulari.name> skribis: > > > > > Do we have any guidelines about "retiring" packages? > > Not yet! > > Of course there’s a fine line here: we cannot systematically retire > packages “just” because they have bugs (all of them do ;-)). So we have > to be cautious. In this case, it can be considered a serious bug in the > package’s core functionality, *and* there’s a fix provided by a fork, so > I see no obstacle in removing it. > > What do people think? > > Thanks, > Ludo’. >
I think it makes sense to change the description that this package is slated for eventual removal. Another example is pinentry. We now have 4 pinentry packages, and the original pinentry package just points to pinentry-gtk. I think it would make sense in that case to change the description to something like `the pinentry package in guix is depreciated, please remove it and install pinentry-gtk to retain the same functinality' or something along those lines. In this case something about attic having serious unpatched flaws, is unmaintained, and that borg is a fork & continuation of it, would be a good change. That might keep new people from installing it, but how would we get people who have already installed it to uninstall it? Or to see the message? -- Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted
signature.asc
Description: PGP signature