On 1/9/20 12:56 PM, Thorsten Kukuk wrote:
On Thu, Jan 09, Adam Majer wrote:
I find it somewhat amusing how when someone mentions "EOL" and "unmaintained", then it suddenly becomes a semi-dogmatic emergency to remove anything and everything that is using this so called "EOL" and "unmaintained" code... while at the same time, we have all licenses that state "DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE"
Because legally, there is a big difference if you ship something with a big security problem you are not aware of compared to shipping something with a security problem you are aware of. In the second case, all this disclaimers don't help you at all.
Maybe, not sure. But EOL upstream does not imply "big security hole". And even with security issues, we (or almost anyone) doesn't stop shipping of distributions because some component has an issue. This is true in OSS as well as closed software world. Anyway, back to reality, if python2 ends up with future security issues, we can deal with it at the time instead of now. - Adam -- Adam Majer - amajer@suse.de SUSE Software Solutions Germany GmbH HRB 36809 (AG Nürnberg), GF: Felix Imendörffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org