[racket] revoking PLaneT packages?
Danny Yoo wrote at 10/26/2010 09:50 PM:
> Is there a procedure ready for revoking old PLaneT packages? Some of my packages are obsolete or dead enough that I'd like to disable them from being served by PLaneT, or at the very least, I'd like PLaneT to warn the user that the package is dead. Is there a standard procedure for doing marking a PLaneT package so?
Probably we should characterize the ways that a package might be
"obsolete" or "dead". Examples:
* Package was trojan.
* Package has stopped working completely, due to some change in the
world. (Example: package's only use was to scrape a live eBay site, but
eBay changed their HTML and broke the scraper, and package has zero
possible use now.)
* Package no longer works with current Racket version, due to changes in
Racket.
* A grave defect has been discovered in package, such as a security
vulnerability or erroneous calculation, and cannot or will not be fixed.
* Core Racket functionality now makes the package redundant.
* Package works, but developer no longer wishes to maintain package.
I would say that most of these are grounds for a "deprecated" metadata
flag, and perhaps new minor version that documents the issue.
Only in the case of a trojan would I suggest removing the package, however.
Even in the second case (i.e., change in the world, and no other use),
we could imagine someone's research needing the package, perhaps in a
simulated world.
Separately, in the case of a developer no longer wishing to maintain a
package, but someone else taking it over, there could be a final minor
version under the authority of the original developer's account that
requires and re-exports a version under the authority of the new
developer's account.
--
http://www.neilvandyke.org/