On Wednesday February 1 2017 22:16:50 Ben Cooksley wrote:

>We'd still have to keep the software running, and up to date (to avoid
>it becoming a security risk).

Running yes, but if log-in is disabled at the core and not linked to the 
central LDAP service or whatever it is you use, what significant security risk 
could it pose?
I don't have the impression the software has been upgraded that frequently but 
I haven't been monitoring that either.

>I'd prefer to optimise our resources towards keeping what we are
>actively using in the best condition, rather than having to remain
>concerned with keeping legacy systems running for purely archival
>purposes.
>
>We have a significant amount of systems already (and associated
>technical debt in some instances). Let's not make the problem any
>worse please.

I guess it depends on the importance you attach on being able to retrieve 
things from revision and review histories. That's not to say it should be kept 
around online forever, but I'd say 2 years is a reasonable time to keep 
providing read-only access before archiving and taking everything offline for 
good.
I'd offer to help during that period but without any experience with the 
associated kind of sysadminship I'm not convinced that would be of much value.

I take it you investigated whether there is any existing way to transfer 
existing records from ReviewBoard to Phabricator? That would make the whole 
issue moot.

R.

Reply via email to