Re: Is subversion safe to use?

On Nov 26, 2004, at 4:35 PM, Ben Collins-Sussman wrote:

> For dev@ folks not reading the users@ list, it looks like David
> Summers' RPMS are bogus. David, maybe you should fix them, rebuild
> them? Maybe we should take down the link from our downloads page?
>

Okay, so maxb's analysis is that David Summers' svn 1.1 RPMS were
statically linking against BDB 4.0, but the user's previous 1.0.9 RPMs
(whereever they came from) were statically linking against BDB 4.2...

This makes me ponder two different things:

1. Maybe package maintainers should clearly label (or even warn) which
version of of BDB they're using, since changing BDB versions can so
easily wreak havoc on unsuspecting users?

2. a separate question -- and this is nothing against David or any
other packager -- I wonder if our downloads page shouldn't make it
really, really clear that

     A. the Subversion project only "officially" tests and releases
sourceballs
     B. every link we provide is to volunteer-produced packages.

This is on my mind lately, because whenever someone has a problem with
a binary package (for any OS) the first thing they say is, "but I'm
using the official package from the Subversion site!" There's this
common misunderstanding that keeps coming up. A lot of users think
that if they follow and install those links, then nothing can possibly
go wrong because they've all been thoroughly tested and blessed. We
need to make it clear that we're providing those links merely as a
convenience, don't you think?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Nov 27 04:52:29 2004