X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org F2778385843E
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1697083202;
	bh=fLExn2wlmCAhMBPCsPv4TLlFmn70z6VBiH9u/vKBgts=;
	h=Date:To:Cc:Subject:References:In-Reply-To:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
	 From:Reply-To:From;
	b=gh3lSroojdXgF7H+rT85QQ8UcKT9BfgvnaZ5HU6LW6/eLSrZK9qjTgsBF9XOMI6I3
	 FmsVTe42o8OR8+GG+Nuo5D/ZdN1aXH92yPeda84F2+rwgwtweNUup/szuI7tPR3psw
	 n9YzohlSWEaCCc4t+35raJ+Up6WBPd3x0YzSub2Y=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D92933858D1E
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-Spam-Language: en
X-Spam-Relay-Country: 
X-Spam-DCC: B=; R=smtp1.atof.net 1102; Body=1 Fuz1=1 Fuz2=1
X-Spam-RBL: 
X-Spam-PYZOR: Reported 0 times.
Date: Wed, 11 Oct 2023 23:59:14 -0400
To: Eric D Hendrickson <ericdavidhendrickson AT gmail DOT com>
Cc: "Hendrickson, Eric D" <edh AT optum DOT com>,
        "cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Subject: Re: Ruby EOL in Cygwin 3.4.9?
Message-ID: <ZSdvEv7Ds2UY72FG@xps13>
References: <PH7PR22MB31209C697AD372E36AD384ABAFCCA AT PH7PR22MB3120 DOT namprd22 DOT prod DOT outlook DOT com>
 <8cae1a30-cc92-cbea-4599-d7d550850ac5 AT cs DOT umass DOT edu>
 <PH7PR22MB3120ED5DF8EB2AA48EB8C436AFCCA AT PH7PR22MB3120 DOT namprd22 DOT prod DOT outlook DOT com>
 <d5eb20bc-bbe9-327f-bafc-e56dacfb23b8 AT cs DOT umass DOT edu>
 <CAByPD9=cE_-cuS8BXYv9EPy7_VNqhyXHj=2HMQ_ro4+V5t+sng AT mail DOT gmail DOT com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAByPD9=cE_-cuS8BXYv9EPy7_VNqhyXHj=2HMQ_ro4+V5t+sng@mail.gmail.com>
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: "gs-cygwin.com--- via Cygwin" <cygwin AT cygwin DOT com>
Reply-To: gs-cygwin DOT com AT gluelogic DOT com
Content-Type: text/plain; charset="utf-8"
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 39C4025f011126

On Wed, Oct 11, 2023 at 09:55:04PM -0500, Eric D Hendrickson via Cygwin wrote:
> Sorry for the unclarity - I meant this for the whole list - not just you.
> 
> Thank you so much for taking the time to respond.  Like you said, this
> really is all volunteers.
> 
> For the whole list:
> 
> Totally taking into account the all volunteer nature of Cygwin, would it
> make sense to defer on further non-emergency releases of Cygwin until all
> packages that are EOL have been updated?  Since this is the case with ruby,
> I am guessing it's likely the case with other packages in Cygwin too.
> 
> Is there a Issues log of some sort (ala github) for Cygwin somewhere, so
> that I can document this in the backlog and come back later to investigate
> this myself if I have time this winter?
> 
> 
> On Wed, Oct 11, 2023 at 8:11 PM Eliot Moss <moss AT cs DOT umass DOT edu> wrote:
> 
> > On 10/11/2023 6:36 PM, Hendrickson, Eric D wrote:
> > > Hi Eliot,
> > >
> > > Thanks for responding.  That makes total sense.
> > >
> > > Totally taking into account the all volunteer nature of Cygwin, would it
> > make sense to defer on further non-emergency releases of Cygwin until all
> > packages that are EOL have been updated?  Since this is the case with ruby,
> > I am guessing it's likely the case with other packages in Cygwin too.
> > >
> > > Is there a backlog for Cygwin somewhere, so that I can investigate this
> > myself if I have time this winter?
> > >
> > > Thank you and all the best,
> > > Eric
> > >
> > > -----Original Message-----
> > > From: Eliot Moss <moss AT cs DOT umass DOT edu>
> > > Sent: Wednesday, October 11, 2023 5:03 PM
> > > To: Hendrickson, Eric D <edh AT optum DOT com>; cygwin AT cygwin DOT com
> > > Cc: Eric @ Gmail <ericdavidhendrickson AT gmail DOT com>
> > > Subject: Re: Ruby EOL in Cygwin 3.4.9?
> > >
> > > On 10/11/2023 12:37 PM, Hendrickson, Eric D via Cygwin wrote:
> > >> Hello all,
> > >>
> > >> As a ~25 year user and sometime contributor to Cygwin, I support Cygwin
> > here at my place of work.  Does anyone know why we are deploying Ruby 2.6
> > which EOL about 18 months ago?
> > >>
> > >> https://www.ruby-lang.org/en/downloads/branches/
> > >>
> > >> I'm concerned about proliferation of EOL versions of Ruby in case some
> > security risk / 0Day is identified.
> > >>
> > >> Please advise.
> > >> Eric Hendrickson
> >
> > You should send such things to the list, not me.  I'm just
> > a user who has only made occasional small contributions ...
> >
> > Eliot
> >
> > > If nobody has responded I can give a generic response:
> > > "Because cygwin is all volunteer and someone has not volunteered, or did
> > volunteer and is behind, or fell off the radar."
> > >
> > > Someone else will know how to look up if there is a currently registered
> > volunteer for Ruby ...
> > >
> > > Eliot Moss
> > >
> > >> This e-mail, including attachments, may include confidential and/or
> > >> proprietary information, and may be used only by the person or entity
> > >> to which it is addressed. If the reader of this e-mail is not the
> > >> intended recipient or intended recipient’s authorized agent, the
> > >> reader is hereby notified that any dissemination, distribution or
> > >> copying of this e-mail is prohibited. If you have received this e-mail
> > >> in error, please notify the sender by replying to this message and
> > delete this e-mail immediately.
> > >>
> > >
> > > This e-mail, including attachments, may include confidential and/or
> > > proprietary information, and may be used only by the person or entity
> > > to which it is addressed. If the reader of this e-mail is not the
> > intended
> > > recipient or intended recipient’s authorized agent, the reader is hereby
> > > notified that any dissemination, distribution or copying of this e-mail
> > is
> > > prohibited. If you have received this e-mail in error, please notify the
> > > sender by replying to this message and delete this e-mail immediately.
> >
> >


On Wed, Oct 11, 2023 at 09:55:04PM -0500, Eric D Hendrickson via Cygwin wrote:
> For the whole list:
> 
> Totally taking into account the all volunteer nature of Cygwin, would it
> make sense to defer on further non-emergency releases of Cygwin until all
> packages that are EOL have been updated?

Absolutely not.  That makes *zero* sense for an all volunteer group.

Not every single package is important to everyone.
(I am speaking personally, as maintainer of a single package on Cygwin.)

You care about Ruby?  Good.
I do not use Ruby, so that is not important *to me*.

If some specific packages are important to you, please consider finding
the maintainers of those packages and offering to help maintain those
packages.

https://cygwin.com/cygwin-pkg-maint

There are many ruby-* packages that have been orphaned.  Have at it. :)

Cheers, Glenn

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple