From owner-freebsd-ports@freebsd.org  Sat Aug 10 08:17:50 2019
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9B0F3B617A
 for <freebsd-ports@mailman.nyi.freebsd.org>;
 Sat, 10 Aug 2019 08:17:50 +0000 (UTC)
 (envelope-from martin@waschbuesch.de)
Received: from relay01.waschbuesch.it (relay01.waschbuesch.it
 [IPv6:2a00:cba0:100::231])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "*.waschbuesch.it",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 465FNF2x5kz4WwF
 for <freebsd-ports@freebsd.org>; Sat, 10 Aug 2019 08:17:48 +0000 (UTC)
 (envelope-from martin@waschbuesch.de)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=waschbuesch.de; s=dkim; h=To:Date:Message-Id:Subject:Mime-Version:
 Content-Transfer-Encoding:Content-Type:From:Sender:Reply-To:Cc:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=I87Oi9ynZynBVhyrydnSsEjk9eamSpnffaiT5aZkuCM=; b=ozNBRAsHMNb6L5xSCbBCHYTG1M
 TIDSTQddI9UMCa4DDDRfPIhwkQznwKt+4RLNu2haCCeGjtt2XzxmUKhsERb446oW5Nrw+PFj0iCqc
 ijZZpp9XBxZz6fyvotHIP6AKJt1avqFPnbedQuMpHbr9VmoEi/FKqfXJvKwP0q58aruY=;
Received: by relay01.waschbuesch.it with esmtpsa
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim)
 (envelope-from <martin@waschbuesch.de>) id 1hwMZM-0002lo-5y
 for freebsd-ports@freebsd.org; Sat, 10 Aug 2019 08:17:44 +0000
From: =?utf-8?Q?Martin_Waschb=C3=BCsch?= <martin@waschbuesch.de>
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Subject: PHP version retirement
Message-Id: <CF1F28D6-1072-4BE6-B124-A97DE43FA4E6@waschbuesch.de>
Date: Sat, 10 Aug 2019 10:17:44 +0200
To: freebsd-ports@freebsd.org
X-Mailer: Apple Mail (2.3445.104.11)
X-Rspamd-Queue-Id: 465FNF2x5kz4WwF
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=waschbuesch.de header.s=dkim header.b=ozNBRAsH;
 dmarc=pass (policy=none) header.from=waschbuesch.de;
 spf=pass (mx1.freebsd.org: domain of martin@waschbuesch.de designates
 2a00:cba0:100::231 as permitted sender) smtp.mailfrom=martin@waschbuesch.de
X-Spamd-Result: default: False [-3.86 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[waschbuesch.de:s=dkim];
 FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain];
 TO_DN_NONE(0.00)[]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[];
 RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MV_CASE(0.50)[];
 RCVD_IN_DNSWL_MED(-0.20)[1.3.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.a.b.c.0.0.a.2.list.dnswl.org
 : 127.0.5.2]; DKIM_TRACE(0.00)[waschbuesch.de:+];
 DMARC_POLICY_ALLOW(-0.50)[waschbuesch.de,none];
 NEURAL_HAM_SHORT(-0.65)[-0.654,0]; RCVD_COUNT_ZERO(0.00)[0];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 IP_SCORE(-0.00)[country: DE(-0.01)];
 ASN(0.00)[asn:21476, ipnet:2a00:cba0::/32, country:DE];
 MID_RHS_MATCH_FROM(0.00)[]
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Aug 2019 08:17:50 -0000

Hi all,

At least the last  two versions of PHP, 5.6 & 7.0, were removed from =
ports as soon as (or even shortly before) they were no longer actively =
maintained upstream.
I am unsure what the exact reasoning behind this was, but I do not think =
it is a good idea moving forward:

I suppose it is true that outdated & no longer supported versions of PHP =
could be seen as a security risk. So far so good.

However, if, for whatever reason (and I think there are legitimate =
ones), I still need to use a now obsolete version of PHP, having them =
removed from ports effectively makes it harder for me to keep everything =
else up-to-date.
I might have to stick with an old ports revision so I cannot update =
other packages.
If I just keep PHP as is, and update other packages, I cannot easily =
switch to a new version of FreeBSD itself, because I'd have to go back =
to an old revision of ports (hopefully working with the OS version I =
updated to) to compile PHP and then do other packages.
Libraries / dependencies may change and break my PHP, etc.
So, on top of possible security concerns for the outdated software I =
use, I basically get an overall less secure / stable system to boot.

Now, I am not suggesting we leave every old and outdated PHP version in =
ports, but why remove a port just days after it received its last =
security update upstream? (With PHP 5.6 it was actually removed from =
ports before it got its last update upstream).

Would it not be better to have, say, the last two versions before =
current stable still in ports but with a huge disclaimer saying: use at =
your own risk, etc.?

What do y'all think?

Martin=