Package updates

[Dagobert Michelsen]

Hi Yuri,

> Am 06.02.2015 um 19:16 schrieb Yuri Voinov <yvoinov at gmail.com>:
> 
> Somebody is going to update packages on time?
> 
> Openssl is two releases old, c-icap is 5 releases old....
> 
> Guys, are you crazy?
> 
> You come to lead this repository - so be kind even to update it in a
> timely manner!
> 
> Why I must build all critical software from sources?
> 
> Maintainers ignores e-mails, are you all there died ?!
> 
> If you are died - just tell us about it! We will build all soft from
> sources!
> 
> This is very bad work. Year to update OpenSSL - is unacceptably!
> 
> Weeks to update ClamAV - is unacceptably!
> Updates is mature as elephant bullshit - from years and older. Are your
> serious?

This answer is a little longer, also because I think your attitude in the
post has a connection to the recent Werner Koch story [1]. It is because
people take things for granted, that „somebody“ does the work and offers
it for free and then people start demanding and complaining instead of
joining the project and fix the stuff they complained about.

Your post is not the first one like this we got so the issues you raise
are certainly valid.

Let me tell you a story: a customer watched over my shoulder when I was doing
some package updates for OpenCSW some time ago and asked me why it would
be necessary nowadays to build packages on my own when there is OpenCSW.
It never came to his mind that someone actually has to do the work of
making it compile and building the package. It would be easier for
me to just build the packages for myself, not share my patches, not
contribute them upstream. So why am I making the packages public?
Make the build recipes public? Contribute the patches and offer
upstream accounts so they can check for Solaris compatibility?
One reason for me is to give something back to the community whom
I profited much both in terms of tools and skills. The other reason
is because in a packaging project I don’t need to build the world,
but only a part of it. So I think both you and the rest of Solaris
users would benefit when you would join the project and fix the
things you complain about. I know from the conversations with you
that you are also working with upstream and contributing in that way,
so I hope not to be too far off.

However, I do feel personally hurt by your post, not because I maintain
any of the packages you complained about or haven’t answered any of
your emails, but because you imply that we are not updating the
packages because we are lazy or dumb or both. This is not the case.
But we all are working less often with Solaris and maintainers
who actively used their packages are no longer using Solaris at
their work and update the packages purely for fun in their freetime.
In the past I took over orphaned packages and have now a package
count of over 1300 which I definitely can’t manage with the quality
I would like to offer. Personally I only update packages when I
need it for a customer or someone kindly asks for it (like you did
in the past for Squid which I updated for you, remember?).

So again, to all users on this mailing list: if your favority package
is not updated, join the project and update it. If your favorite
packaging system is not offered, join the project and build it.
Complaining will fix exactly 0% of the issues you complained about,
but is much easier than fixing the issues.


Thank you for your time — Dago


[1] http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke

-- 
"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2418 bytes
Desc: not available
URL: <http://lists.opencsw.org/pipermail/users/attachments/20150206/cf1e4708/attachment.p7s>