Differences in packages (extra & unsupported)

Thrillhouse · 2007-12-04 18:27:43

I'm wondering if Arch has a policy with regard to package versioning. For example, in the extra repository, there's 3 nessus packages (core, libraries and plugins) with version 2.2.9-1. This version is almost two years old. The AUR has two nessus packages: nessus (which I'm guessing is core) and nessus-client (neither libraries nor plugins) that are the current version (3.0.6) but unsupported. Can we get some consistency here? I'd like to have the client but I wouldn't be able to use it (completely) because there are features in the client which weren't implemented until version 3.0.0 of nessus. And I can't use version 3.0.6 of core because there's no libraries or plugins package, which are imperative. I've flagged the extra packages as out of date and would gladly make/modify the PKGBUILD for 3.0.6 but wouldn't want to hijack the packages from the current maintainer.

I know one of phrakture's goals since being made Arch Overlord was to incorporate some process improvement into Arch and I thought the current process for such scenarios was to put the new package into testing so that at least one other developer could test it before it was updated in extra (or core or whatever). Am I mistaken? If not, shouldn't the 3.0.6 versions of these packages, along with nessus-libraries and nessus-plugins, be in testing?

I bring it up because I'm sure that there are other instances of this out there right now. If one were to do a little digging, I'm sure they could come up with more.

tomk · 2007-12-04 19:43:09

Here's the summary: packages that are already in an official repo, extra in this case, should not be submitted to the AUR. Flagging them out of date, as you have done, is the correct way to request an update. In the meantime, users are of course free to go ahead and update the PKGBUILDs to 3.0.6 for their own use, and they can also be submitted to the arch-general ML, for the maintainer to review. Hijacking the packages is not possible, as only Arch devs have write access to the repos, but we are always happy to receive assistance from the community.

The current signoff procedure applies to Core repo packages only for the moment.

Thrillhouse · 2007-12-04 20:01:50

So, in this case, the mess-up occurred when 3.0.6 was added to the AUR? The proper procedure would have been to flag the package in extra?

If that's the case, what happens when a Developer leaves Arch? Does somebody inherit their packages or do they get abandoned until another Developer picks them up?

Also, considering the nessus-client is a new feature as of version 3.0, does the Developer automatically assume the burden of maintaining that package when his original nessus packages are updated? I realize the user assumes a certain degree of risk when installing things from the AUR but he/she wouldn't have to resort to that if the latest version of the package was in the official repos.

Last edited by Thrillhouse (2007-12-04 20:05:14)

dolby · 2007-12-04 20:28:41

as long as the packages in unsupported dont have the same pkgname as the ones in extra theres no mess up. users are responsible for what they install on their systems. if they installed a package from unsupported and fucked up their system thats their fault.[1]
If a dev leaves then his packages get adopted by others devs or if they are not critical move to communty or even unsupported.

[1]: Notice the "Be careful! The above files may contain malicious code that can damage your system." message

tomk · 2007-12-04 21:11:24

If nessus-client is a new feature, you can post a feature request in the bugtracker. This will be assigned to the maintainer.

Arch Linux

#1 2007-12-04 18:27:43

Differences in packages (extra & unsupported)

#2 2007-12-04 19:43:09

Re: Differences in packages (extra & unsupported)

#3 2007-12-04 20:01:50

Re: Differences in packages (extra & unsupported)

#4 2007-12-04 20:28:41

Re: Differences in packages (extra & unsupported)

#5 2007-12-04 21:11:24

Re: Differences in packages (extra & unsupported)

Board footer