[aur-requests] [PRQ#18988] Orphan Request for ungoogled-chromium
malcolm [1] filed an orphan request for ungoogled-chromium [2]: This user is not keeping the package up-to-date as it should. Since it's a browser, it always needs to be up-to-date because of security fixes. [1] https://aur.archlinux.org/account/malcolm/ [2] https://aur.archlinux.org/pkgbase/ungoogled-chromium/
I am not sure I know what I "should" do according to you. This package is used by many people and I have always tried, and still trying, to keep it both as close to the upstream releases as possible and up to date. As I have always stated I wait for upstream releases, though ungoogled-chromium archlinux releated repository is in bit confused state of versioning, and test if the new release builds and works with archlinux official patchset released on ungoogle-chromium- archlinux. You may not know but it often does not. As I recently stated, if the needed fix is minor I include it in the PKGBUILD to let all you user build the new verion, but if it's something that needs quite a bit of modifications I wait for upstream fixes and updates to keep it as "official" as possible. Please note that I do this for the sole purpose of keeping the package clean and faithful to the upstream version and specifically because it is used by many people who intend to use ungoogled-chromium as upstream developed, not my version of it. I am perfetly aware the the PKGBUILD has been out of date for weeks but you should know that archlinux patchset is in a broken state and build fails with new version of ungoogled-chromium. Of course I could patch it myself but not only it requires more than a few modifications, but it is also something I do not think should be done for the reasons I espressed here and in previous statements. As of now there is an open pull request on github repo that fixes the build (patching actually) issue and I was waiting for it to be merged. Last note: I could always update the PKGBUILD as soon as a new ungoogled-chromium release come out (without waiting for the archlinux patchset to being updated) but you would get a broken package more than half of the times. It is my understanding that most of the userbase would rather have ungoogled-chromium properly packaged on archlinux and faithful to the official releases, rather than something that can easily become a confused patchwork with a somewhat different approach and patching scheme from upstream. Hope my positions and reasons are clear and agreable on. If not, and most users prefer a different approach feel free to explain it, maybe before abruptly submitting an orphan request with no prior discussion (I could have just orphaned it myself if many useres wanted me to), and I would have no problems at all in leaving the maintaing to someone else. Regards, Seppia On Wed, 2020-04-22 at 14:19 +0000, notify@aur.archlinux.org wrote:
malcolm [1] filed an orphan request for ungoogled-chromium [2]:
This user is not keeping the package up-to-date as it should. Since it's a browser, it always needs to be up-to-date because of security fixes.
[1] https://aur.archlinux.org/account/malcolm/ [2] https://aur.archlinux.org/pkgbase/ungoogled-chromium/
Request #18988 has been rejected by eschwartz [1]: "It's a browser therefore special" is not a valid argument. This package will continue to follow the rules of every other package. This package was flagged out of date a mere 11 days ago; on principle I'm skeptical that the maintainer is truly inactive, especially as the package had been updated 2 days before the flag date. In such cases, with an extremely active maintainer, orphan requests will almost certainly be rejected unless you can provide additional reasons above and beyond "it was flagged out of date a few days ago". ... And also, as it happens, the maintainer has responded with a lengthy, thoughtful response detailing why the package is out of date -- to wit, it's been attempted but does not build, therefore per definition it cannot be updated and it would be a rules violation to knowingly update it into a broken state. We do NOT blindly accept orphan requests, we are third-party arbitration and our job is to perform dispute resolution (and sometimes to moderate packages which violate the rules of submission). If you are in doubt whether an orphan request will be accepted, it never hurts to ask in the package comments before escalating to an orphan request. If the maintainer is active, they might have a compelling rationale for why they are doing things the way they are. If they don't respond, then, well, that's useful info for making a case that the package should be orphaned. :) [1] https://aur.archlinux.org/account/eschwartz/
participants (2)
-
notify@aur.archlinux.org
-
Salvatore Bellizzi