|
|
Boost : |
From: Niall Douglas (s_sourceforge_at_[hidden])
Date: 2022-04-06 14:12:50
On 06/04/2022 13:58, Dominique Devienne wrote:
>> So that's a big turnoff for me at least, it reminds me of that
>> all-in-one integrated thingy which Boost had yonks ago and we were never
>> able to get off some very ancient version of it full of known security
>> holes. I **really** don't want to go back to that.
>
> But please don't go about writing about security holes or abondonware
> or bloat for things Dr Hipp does...
The issue with the all in one integrated thingy which Boost had yonks
ago wasn't that there weren't new versions. Because there were, at least
two major releases and countless minor releases. We were stuck on
something like v0.5.
The issue was that upgrading the existing to newer broke stuff, and
nobody was willing to volunteer the time to fix the existing stuff. So
we stayed stuck forever on the ancient version.
This has absolutely nothing to do with Dr. Hipp. It has everything to do
with us locking ourselves into technologies which we then find later we
aren't willing to pay the maintenance for, and then we get hoist by our
own petard.
As much as GitHub is a catastrophic single point of failure, and that
used to be unacceptable here as a dependency, once Microsoft took them
over we have mostly stopped worrying and learned to love GitHub. I for
one like that none of us here have to maintain GitHub, keep it safe from
security attacks, and keep it maintained. That's worth a lot of money to
us here to not have to do.
Niall
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk