Re: Why [bug#47081] Remove mongodb?

From: Léo Le Bouter
Subject: Re: Why [bug#47081] Remove mongodb?
Date: Wed, 17 Mar 2021 19:16:10 +0100

On Wed, 2021-03-17 at 18:56 +0100, zimoun wrote:
> AFAIT, 3.4.10 is released under GNU AGPL 3.0 and Apache 2.0.  This
> version had been released before the October 16th, 2018.  Could you
> point which code is non-free?
> IMHO, this claim about non-free code is wrong.  The last versions with
> an acceptable license seem 4.0.3 or 4.1.4, I guess.

It's not wrong, look at 2f9132e2e0b1e01398a01a32972e87f45ec2f7a6, we
were shipping 3.4.24 before the removal, not 3.4.10.

> I am not against removing MongoDB.  I am just saying that the removal
> deserves at least a message on guix-devel and maybe a --news entry.
> Other said, it deserves more than 6 days between the “oh there are
> security vulnerabilities” and the full removal.  When one uses a version
> from 2017 as 3.4.10 is, one knows that it can have security
> vulnerabilities.
> I am not complaining about the commit itself, but I am complaining about
> the way of doing the thing.

I agree, will do differently in the future, no one mentioned it during
all discussions, but if it was I would've, 3-4 days did not give you
time to comment so I'll wait longer maybe re-re-revert the revert to
restore 3.4.10 instead so we get rid of the non-free code issue. Does
anyone actually use MongoDB on GNU Guix? Some people don't look at
versions or when they were released and just trust GNU Guix.

> All the best,
> simon


