X.org has announced several packages that they are no longer maintaining, which we should be dropping: https://www.openwall.com/lists/oss-security/2023/05/02/3 I believe I got all of them listed in the Source RPM field, here they are with versions: xfindproxy-1.0.4-4.mga9.src.rpm, libxfontcache-1.0.5-14.mga9.src.rpm, xfwp-1.0.3-8.mga9.src.rpm, xsetpointer-1.0.1-15.mga9.src.rpm, libxkbui-1.0.2-19.mga9.src.rpm, libxxf86misc-1.0.4-4.mga9.src.rpm, libdmx-1.1.4-4.mga9.src.rpm, liboldx-1.0.1-19.mga9.src.rpm, xsetmode-1.0.0-18.mga9.src.rpm, libxevie-1.0.3-13.mga9.src.rpm, libxtrap-1.0.1-10.mga9.src.rpm, x11-font-bitstream-speedo-1.0.2-10.mga9.src.rpm, xrx-1.0.4-10.mga9.src.rpm, libxp-1.0.4-1.mga9.src.rpm, liblbxutil-1.1.0-13.mga9.src.rpm, x11-driver-input-mutouch-1.3.0-28.mga9.src.rpm, x11-driver-input-fpit-1.4.0-27.mga9.src.rpm, x11-driver-input-hyperpen-1.4.1-33.mga9.src.rpm, x11-driver-input-penmount-1.5.0-27.mga9.src.rpm We'll have to be careful, as some of them are currently required by other packages.
Blocks: (none) => 30163Priority: Normal => release_blockerTarget Milestone: --- => Mageia 9
Here are the packages to drop listed, hopefully in alphabetic order: libdmx liblbxutil liboldx libxevie libxfontcache libxp libxtrap libxxf86misc x11-driver-input-fpit x11-driver-input-hyperpen x11-driver-input-mutouch x11-driver-input-penmount x11-font-bitstream-speedo xfindproxy xfwp xrx xsetmode Inevitably assigning this globally, but it might need more than one packager to do it all - especially as "some of them are currently required by other packages".
Assignee: bugsquad => pkg-bugs
we will need to rebuild xorg w/o the deps because for ex: urpmq --whatrequires lib64dmx1 lib64dmx-devel lib64dmx1 lib64xorg-x11
CC: (none) => mageia
Should we really do this for mga9? Needs much testing for reliability? = delaying mga9 further. Or do this after RC1, in order to be able to ship RC1 soon?
CC: (none) => fri
We should do this now. Once we release with unmaintained packages/software, we have no recourse. Rushing a distro release that we can't support doesn't help us.
If we don't do it before the rc, which is supposed to be as close to final as possible, it will not get adequate testing before the final iso images are released. For packages being dropped, if they are on the iso images or need to be obsoleted to force removal from user's systems, that has to be done before the RC iso images start testing. Doing it later would lengthen the final iso image testing, which we want to have be as short as possible due to the freeze on all development except fixing bugs impacting the iso images. For this bug, it's due to the security warning from Xorg.
CC: (none) => davidwhodgins
So I searched all unmaintained X.org packages listed and cleaned all packages which depended on they, here the cleaned dependencies list: $ urpmq --whatrequires-recursive lib64dmx1 lib64dmx-devel $ urpmq --whatrequires-recursive lib64dmx-devel $ urpmq --whatrequires-recursive lib64lbxutil1 lib64lbxutil-devel $ urpmq --whatrequires-recursive lib64lbxutil-devel $ urpmq --whatrequires-recursive lib64oldx6 lib64oldx-devel $ urpmq --whatrequires-recursive lib64oldx-devel $ urpmq --whatrequires-recursive lib64xevie1 lib64xevie-devel $ urpmq --whatrequires-recursive lib64xevie-devel $ urpmq --whatrequires-recursive lib64xfontcache1 lib64xfontcache-devel $ urpmq --whatrequires-recursive lib64xfontcache-devel $ urpmq --whatrequires-recursive lib64xp6 lib64xp-devel lib64xprintutil1 $ urpmq --whatrequires lib64xp-devel lib64xprintutil-devel libxprintutil $ urpmq --whatrequires-recursive lib64xtrap6 lib64xtrap-devel xtrap $ urpmq --whatrequires-recursive lib64xtrap-devel xtrap $ urpmq --whatrequires-recursive xtrap $ urpmq --whatrequires lib64xxf86misc1 lib64xxf86misc-devel $ urpmq --whatrequires lib64xxf86misc-devel drakx-kbd-mouse-x11 $ urpmq --whatrequires x11-driver-input-fpit $ urpmq --whatrequires x11-driver-input-hyperpen $ urpmq --whatrequires x11-driver-input-mutouch $ urpmq --whatrequires x11-driver-input-penmount $ urpmq --whatrequires x11-font-bitstream-speedo $ urpmq --whatrequires-recursive xfindproxy $ urpmq --whatrequires-recursive xfwp $ urpmq --whatrequires-recursive xrx $ urpmq --whatrequires-recursive xsetmode $ urpmq --whatrequires-recursive xsetpointer $ urpmq --whatrequires-recursive lib64xkbui1 lib64xkbui-devel $ urpmq --whatrequires-recursive lib64xkbui-devel $ urpmq --whatrequires-recursive lib64xprintutil1 lib64xprintutil-devel $ urpmq --whatrequires-recursive lib64xprintutil-devel All can be removed except for now our "drakx-kbd-mouse-x11" pkg which still depend on xxf86misc-devel. Also new xdpyinfo-1.3.4-2.mga9 should now be moved from Testing to Release to fix dependencies.
CC: (none) => geiger.david68210
List of srpms which can now be retired from our repo: libdmx-1.1.4-4.mga9.src.rpm liblbxutil-1.1.0-13.mga9.src.rpm liboldx-1.0.1-19.mga9.src.rpm libxevie-1.0.3-13.mga9.src.rpm libxfontcache-1.0.5-14.mga9.src.rpm libxp-1.0.4-1.mga9.src.rpm libxtrap-1.0.1-10.mga9.src.rpm xtrap-1.0.3-4.mga9.src.rpm x11-driver-input-fpit-1.4.0-27.mga9.src.rpm x11-driver-input-hyperpen-1.4.1-33.mga9.src.rpm x11-driver-input-mutouch-1.3.0-28.mga9.src.rpm x11-driver-input-penmount-1.5.0-27.mga9.src.rpm x11-font-bitstream-speedo-1.0.2-10.mga9.src.rpm xfindproxy-1.0.4-4.mga9.src.rpm xfwp-1.0.3-8.mga9.src.rpm xrx-1.0.4-10.mga9.src.rpm xsetmode-1.0.0-18.mga9.src.rpm xsetpointer-1.0.1-15.mga9.src.rpm libxkbui-1.0.2-19.mga9.src.rpm libxprintutil-1.0.1-20.mga9.src.rpm Execpt libxxf86misc-1.0.4-4.mga9.src.rpm as we have first to fix our drakx-kbd-mouse-x11 pkg!
So all added in task-obsolete except libxxf86misc for now.
The code which uses libxxf86misc is present since about 2005. It seems to concern test of the X server and another part for mouse setting. https://gitweb.mageia.org/software/drakx-kbd-mouse-x11/tree/lib/xf86misc/main.xs Who knows how this work? Not me. I suggest to keep it to not blocks the Mageia 9 release. For the X test, an option is to withdraw it, this is not so important. We still need to investigate for initIMPS2 function.
CC: (none) => yves.brungard_mageia
Priority: release_blocker => High
drakx relies on libxxf86misc, so it's removal broke stage2 installer (bug 31867), so I've restored the deps so stage2 installer works again, ... that will need to be reviewed for mga10
bug 32031 that is
If we are satisfied with dropping packages for Mageia 9 release, please drop blocking of Bug 30163 - [TRACKER] Packages that need to be obsoleted for Mageia 9 release
FI, I am just having a few proprietary programs failing on mga9 as they are looking for libXp. I was able to fix my very personal issue by building from obsolete/libxp, which does not depend on other obsoleted packages. Bug reports on that will possibly come. Cheers, Chris.
CC: (none) => eatdirt
Mageia 9 released long ago... Targeting mga10
Target Milestone: Mageia 9 => Mageia 10Blocks: 30163 => 32127
I'd like, as I said on the mailing list, that a fine-compiling package, working-package, used, should not be dropped. For instance, xsetmode should stays. Cheers.
See Comment 4. If we can remove our reliance on dead, unmaintained software, we should. There have been other things in the past people would have liked to keep forever (old versions of Gtk+ being just one example), but we just can't responsibly do that.
I disagree. We should remove software when they do not work or do not build. Here, you're using manpower to remove softs and, more importantly, dependencies, that work perfectly fine. Non-sense to me. Unmaintained does not mean broken nor useless.
Unless we have the expertise to maintain the software ourselves, or know that we can rely on someone else that does, it's not good to keep unmaintained stuff, should any serious issues arise with it.
Created attachment 14396 [details] Packages that would be removed from my current m9 x86_64 install The following command shows any of the packages that would be obsoleted based on the srpm list in comment 1. $ cat checkxorgpkgs rpm -q \ lib64xpm4 \ lib64xpm-devel \ lib64xpresent1 \ lib64xpresent-devel \ lib64xxf86misc1 \ lib64xxf86misc-devel \ libxpa1 \ libxpa-devel \ libxplayer-plparser18 \ libxplayer-plparser-devel \ libxplayer-plparser-gir1.0 \ libxplayer-plparser-mini18 \ libxplc0 \ libxplc-devel \ libxpm4 \ libxpm-devel \ libxpresent1 \ libxpresent-devel \ libxxf86misc1 \ libxxf86misc-devel | grep -v -w not The attached file lists the 269 packages that would then be uninstalled, which I generated using "urpme --test".