Nixpkgs: Drop JDK 1.6 and 1.7

Created on 23 Sep 2016  路  4Comments  路  Source: NixOS/nixpkgs

Issue description

Oracle's JDK for 1.6 and 1.7 is no longer receiving public security updates. We should probably drop them from nixpkgs.

Reference:

picture grahamc
👍2

Most helpful comment

Software that is known or likely to be vulnerable _should_ be inconvenient to use, imo.

picture joachifm on 23 Sep 2016
😄31

All 4 comments

Hm, maybe better would be to add flag meta.upstreamMaintained = false to indicate, that nobody is interested in adding fixes to this version. It is still inconvenient to pin nixpkgs to get needed package.

danbst picture danbst on 23 Sep 2016

Software that is known or likely to be vulnerable _should_ be inconvenient to use, imo.

joachifm picture joachifm on 23 Sep 2016
😄31

Maybe similar to how we have goPackages and nodePackages, have an unmaintainedPackages, so that you have to qualify you want one of those? That would also cut down on the size of the list of packages in all-packages :)

NeQuissimus picture NeQuissimus on 24 Sep 2016

Done with:

https://github.com/NixOS/nixpkgs/pull/19057 and https://github.com/NixOS/nixpkgs/pull/19056 and oracledk6's PR above.

grahamc picture grahamc on 29 Sep 2016
Was this page helpful?
0 / 5 - 0 ratings

Related issues

lverns picture lverns  路  3Comments
copumpkin picture copumpkin  路  3Comments
grahamc picture grahamc  路  3Comments
edolstra picture edolstra  路  3Comments
rzetterberg picture rzetterberg  路  3Comments