[Bug 1159041] New: Leap 15.2 drop requests
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 Bug ID: 1159041 Summary: Leap 15.2 drop requests Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: christophe@krop.fr Reporter: lnussel@suse.com QA Contact: qa-bugs@suse.de CC: lubos.kocman@suse.com, mlin@suse.com Found By: --- Blocker: --- Hey Christophe! thanks for your efforts to take care of Leap. I see you filed a bunch of drop requests for things you consider obsolete. Please keep in mind that 15.2 is a service pack level upgrade. In general the version of the distribution must be considered 15. Users do not expect stuff to break when upgrading between minor version. So just as we try hard to not take away programs from people via maintenance we shouldn't do that in service packs either. The fact that we can do technically should be the exception not the rule. So not maintained upstream anymore or dropped from Factory is not a reason for the Leap 15 series to drop a package. As long as the software works we need to keep it. If the software in question never worked we can just as well get rid of it of course. So I need your confirmation on the following packages on whether they are just dropped for being unmaintained or linking against qt4, or they are actually broken ie unusable: H2rename Qross fate (fate is still used by some departments in SUSE AFAIK) jovie kaccessible kate4-parts kdesdk4-scripts keepassx kepas klinkstatus konsole4-part kpassgen kppp kremotecontrol kuser kvkbd kvpnc libjreen libkdegames4 libkqoauth python-pyside python-pyside-tools tomahawk The following look fine as they are replaced by other bits: jag-level-editor qgo Also, any dropped or replaced packaged should be mentioned in the release notes at https://github.com/openSUSE/release-notes-openSUSE/tree/Leap_15.2/xml -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c1 --- Comment #1 from Christophe Giboudeaux <christophe@krop.fr> --- There's a bigger concern than software being abandoned: Qt4 and KDE4 don't receive security fixes anymore. Both already have security issues and that's a sufficient reason for dropping as much obsolete packages as possible. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c2 --- Comment #2 from Christophe Giboudeaux <christophe@krop.fr> --- I also added some notes to some requests. Here are more information:
jovie kaccessible Replaced by the Qt5 accessibility module
kvkbd plasma5 has a virtual keybord functionality
keepassx kpassgen
keepassxc should be preferred Abandoned security applications mean they're dangerous for users.
kdesdk4-scripts Replaced by its KF5 package
kuser systemsettings5 has a user configuration module (the yast module shall be preferred for user management IMO)
kppp kvpnc networkmanager is the modern way to set up connections
libkdegames4 No use without kdegames4 (long gone)
kate4-parts konsole4-part These are only kparts, not applications.
kepas Last release 11 years ago... KDE Frameworks5 contain a DNSSD module.
libkqoauth This only supports Oauth 1.0. Afaik, this is not considered secured (and I'm not sure many services are still using this version)
klinkstatus Can be replaced by linkchecker (which has an update in factory not submitted to leap)
python-pyside python-pyside-tools No user in Leap. pyside2 is available.
Qross Bindings for kross which was mostly only useful to koffice (long gone).
libjreen No user in Leap except old tomahawk releases. The Leap 15.2 tomahawk package uses libjreen-qt5
tomahawk No activity upstream, half dead website. You can keep it if you really want obsolete programs.
H2rename Leap 15.2 has krename (Qt5 based)
kremotecontrol No idea if that still works (or if it ever worked)
fate (fate is still used by some departments in SUSE AFAIK) Interestingly, the maintainers still didn't delete the broken _link in the devel project.
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c3 Fabian Vogt <fabian@ritter-vogt.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fabian@ritter-vogt.de --- Comment #3 from Fabian Vogt <fabian@ritter-vogt.de> --- There was a Qt 5 version of tomahawk in oS:F (and KDE:Extra) for a while. I don't remember any user feedback, neither about the sudden version update to git master nor about it being dropped later. To get rid of the Qt 4 dep, updating makes sense, but that might give the illusion of it being maintained. It's also completely untested. I undeleted the package (temporarily) for reference: KDE:Extra/tomahawk -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c4 Wolfgang Bauer <wbauer@tmo.at> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wbauer@tmo.at --- Comment #4 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Christophe Giboudeaux from comment #2)
kuser systemsettings5 has a user configuration module (the yast module shall be preferred for user management IMO)
Yes, this was superseeded in Plasma5 by kde-user-manager. Could be dropped without any consequence AFAIK.
libkdegames4 No use without kdegames4 (long gone)
Actually was still needed for some KDE games (lskat e.g.) in earlier Leap releases, but all of them have been ported to KF5 by now. Not going to be missed.
kate4-parts konsole4-part These are only kparts, not applications.
Yes, but if they are going to be dropped, we need to upgrade kile to the KF5 version as well. (which is still beta, but should be stable enough, I suppose)
kremotecontrol No idea if that still works (or if it ever worked)
It certainly worked in KDE4 times (I used it long ago), but probably not anymore in a Plasma5 environment... For the others, I cannot say anything. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c5 --- Comment #5 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Wolfgang Bauer from comment #4)
For the others, I cannot say anything.
I probably should add that I fully agree with those: (In reply to Christophe Giboudeaux from comment #2)
jovie kaccessible Replaced by the Qt5 accessibility module
kvkbd plasma5 has a virtual keybord functionality
kdesdk4-scripts Replaced by its KF5 package
kppp kvpnc networkmanager is the modern way to set up connections
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c6 --- Comment #6 from Christophe Giboudeaux <christophe@krop.fr> --- (In reply to Wolfgang Bauer from comment #4)
Yes, but if they are going to be dropped, we need to upgrade kile to the KF5 version as well. (which is still beta, but should be stable enough, I suppose)
Accepted 2 days ago -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c7 --- Comment #7 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Christophe Giboudeaux from comment #6)
(In reply to Wolfgang Bauer from comment #4)
Yes, but if they are going to be dropped, we need to upgrade kile to the KF5 version as well. (which is still beta, but should be stable enough, I suppose)
Accepted 2 days ago
Good. We can drop kile5 then though. DR filed: https://build.opensuse.org/request/show/755941 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c8 --- Comment #8 from Ludwig Nussel <lnussel@suse.com> --- Wait, will we have the final kile 5 (non Beta) version until March next year? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c9 --- Comment #9 from Ludwig Nussel <lnussel@suse.com> --- I tried H2rename, kepas, tomahawk, klinkstatus, kppp, vpnc, keepassx, kpassgen. All of them at least launch. So unless there are bug reports that those are not working I see no reason take them away. I'd agree to drop jovie kaccessible kate4-parts kdesdk4-scripts konsole4-part kuser kvkbd libkdegames4 Could you please add them to the list of dropped packages to https://github.com/openSUSE/release-notes-openSUSE/blob/Leap_15.2/xml/releas... ? Feel free to add the other to the list of deprecated packages so users know they will go away in the future. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c10 --- Comment #10 from Christophe Giboudeaux <christophe@krop.fr> --- That's a poor reasoning. KDE3 applications would still start but noone would think about shipping these applications in any product. Security is a reason for removing software. SUSE is free to sell insecure software to its customers, but I don't want to ship insecure software to openSUSE users. If you need an example, CVE-2019-7443 affects kdelibs4 and will not be fixed upstream. (kdelibs is not maintained anymore since august 2017 and Qt4 is unmaintained since may 2015...) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c11 --- Comment #11 from Max Lin <mlin@suse.com> --- I afraid we need to add one more to the list, gstreamer-plugins-qt - since gstreamer stack update came to Leap, gstreamer-plugins-qt is simply just build failed https://build.opensuse.org/package/show/openSUSE:Leap:15.2:Staging:C/gstream... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c12 --- Comment #12 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Max Lin from comment #11)
I afraid we need to add one more to the list, gstreamer-plugins-qt - since gstreamer stack update came to Leap, gstreamer-plugins-qt is simply just build failed https://build.opensuse.org/package/show/openSUSE:Leap:15.2:Staging:C/ gstreamer-plugins-qt
KDE:Qt5 would have a fix for that, but it has been dropped from Factory already. If it's going to be dropped in Leap too, ktp-call-ui would need to be dropped too as it depends on it. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c13 --- Comment #13 from Max Lin <mlin@suse.com> --- (In reply to Wolfgang Bauer from comment #12)
(In reply to Max Lin from comment #11)
I afraid we need to add one more to the list, gstreamer-plugins-qt - since gstreamer stack update came to Leap, gstreamer-plugins-qt is simply just build failed https://build.opensuse.org/package/show/openSUSE:Leap:15.2:Staging:C/ gstreamer-plugins-qt
KDE:Qt5 would have a fix for that, but it has been dropped from Factory already.
If it's going to be dropped in Leap too, ktp-call-ui would need to be dropped too as it depends on it.
hmm... you mean gstreamer-plugins-qt or gstreamer-plugins-qt5? gstreamer-plugins-qt here is based on Qt4/KDE4. We have gstreamer-plugins-qt5 in Leap also though. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c14 --- Comment #14 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Max Lin from comment #13)
hmm... you mean gstreamer-plugins-qt or gstreamer-plugins-qt5? gstreamer-plugins-qt here is based on Qt4/KDE4. We have gstreamer-plugins-qt5 in Leap also though. I thought it was about gstreamer-plugins-qt5, sorry.
I don't think anything in the distribution still uses the Qt4 version though, so it should be fine to go. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c15 Max Lin <mlin@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1159430 --- Comment #15 from Max Lin <mlin@suse.com> --- I'd say https://bugzilla.opensuse.org/show_bug.cgi?id=1159430 is related. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c16 --- Comment #16 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Max Lin from comment #15)
I'd say https://bugzilla.opensuse.org/show_bug.cgi?id=1159430 is related.
No. That's a file conflict between phonon-backend-gstreamer and phonon4qt5-backend-gstreamer, and has nothing to do with gstreamer-plugins-qt (phonon doesn't use that). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c17 --- Comment #17 from Max Lin <mlin@suse.com> --- (In reply to Wolfgang Bauer from comment #16)
(In reply to Max Lin from comment #15)
I'd say https://bugzilla.opensuse.org/show_bug.cgi?id=1159430 is related.
No. That's a file conflict between phonon-backend-gstreamer and phonon4qt5-backend-gstreamer, and has nothing to do with gstreamer-plugins-qt (phonon doesn't use that).
yes, I think I making you misunderstand, sorry about that. The file conflict between phonon-backend-gstreamer and phonon4qt5-backend-gstreamer I thought was related here is because we probably have to drop phonon-backend-gstreamer which matches this bug's subject - add old phonon* to drop candidate list :) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c18 --- Comment #18 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Max Lin from comment #17)
(In reply to Wolfgang Bauer from comment #16)
(In reply to Max Lin from comment #15)
I'd say https://bugzilla.opensuse.org/show_bug.cgi?id=1159430 is related.
No. That's a file conflict between phonon-backend-gstreamer and phonon4qt5-backend-gstreamer, and has nothing to do with gstreamer-plugins-qt (phonon doesn't use that).
yes, I think I making you misunderstand, sorry about that. Indeed, I thought you were referring to gstreamer-plugins-qt.
The file conflict between phonon-backend-gstreamer and phonon4qt5-backend-gstreamer I thought was related here is because we probably have to drop phonon-backend-gstreamer which matches this bug's subject - add old phonon* to drop candidate list :) Dropping the old phonon* (the Qt4 version) would mean dropping kdelibs4 completely as a consequence too.
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1159041 http://bugzilla.opensuse.org/show_bug.cgi?id=1159041#c28 --- Comment #28 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> --- This is an autogenerated message for OBS integration: This bug (1159041) was mentioned in https://build.opensuse.org/request/show/976384 15.4 / release-notes-openSUSE -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com -
bugzilla_noreply@suse.com