On 17/08/14 05:52 AM, Evgeniy Alekseev wrote:
In my opinion TUs should *always* check a package under request. If sources are no longer available anywhere (such as for some of *berlios.de projects) it can be removed. If the package has not maintainer and if it has a few votes it can be removed too (since seems it is not interesting to anyone). As for me I don't think that we should remove useful packages even its upstream has no activity (if it is not broken of course).
If it has known vulnerabilities, then I think it's a different story.
However, we should probably start dealing with dead / poorly maintained projects in [extra] and [community] with known security holes before applying it as a standard for AUR packages...