[Nix-dev] Re: OpenSSL dowgrade summary
Peter Simons
simons at cryp.to
Wed Apr 28 19:35:04 CEST 2010
Hi Marc,
> Today Lluís Batlle dowgraded OpenSSL because some packages don't
> compile yet and Sander found that 1.0.0 might be a bigger change than
> expected.
this surprises me because ArchLinux has been shipping OpenSSL 1.0.0 for
almost a month.
> Those packages I found which don't compile are: mutt, php, nmap. Also
> Sander told that KDE doesn't compile.
Wouldn't it be possible to build those packages with OpenSSL 0.9.8n and
everything else with the latest version? I suppose Nix is the kind of
system that can do that.
> [trunk] broke again. It will break again. I still vote for
> - git
Personally, I like Git a lot, so I'd be all for switching. However, I
don't see how using Git instead of SVN would have had an impact on that
particular situation. The version control system doesn't prevent
breakage -- *testing* does.
> - having a stable branch which is updated only once a week
> (exception security fixes)
Assuming that everyone who commits to trunk is (a) somewhat careful and
(b) responsive to problems that might occur, I don't see a problem with
the current mode of operation. The problems we've had with your recent
commits weren't caused by the organization of the repository, IMHO, they
occurred because you were uncareful and inresponsive.
Take care,
Peter
More information about the nix-dev
mailing list