# Found bug in port but maintainer unresponsive



## honk (Dec 5, 2020)

Hello,

I found two simple bugs in a port. The ports pkg-descr points to a GitHub repository where the port is developed. I filed two issues there along with the description of the problem and a possible solution (patch) 10 months ago. I also sent an email to the developer which is also the maintainer (as per Makefile) of the port. As I got no response I resend this email in May, August and October. Now I don't expect an answer anymore.

What should I do next?


----------



## chrbr (Dec 5, 2020)

Dear honk,
I think you have done your best. May be you post the link to the problem report. Then the forum users can have a look as well. It would be a pitty if your effort would have been in vain.


----------



## honk (Dec 5, 2020)

Thanks for you reply!

I'm not sure if it is a good idea to provide the name of the port or a link to the repository here, because I don't want to blame the developer/maintainer. If someone is able to help I cold provide those information in a personal message.

Is there an "official" way or procedure to handle such cases?


----------



## Alexander88207 (Dec 5, 2020)

honk said:


> Is there an "official" way or procedure to handle such cases?



To report a maintainer-timeout, set maintainer-feedback to timeout so everyone can see that there is a maintainer-timeout.

Example:


----------



## Datapanic (Dec 5, 2020)

Did you try reporting the bug on the official FreeBSD site?  https://bugs.freebsd.org/bugzilla/


----------



## honk (Dec 5, 2020)

I filed two issues in the GitHub repository in February. I'm going to report it with FreeBSD Bugzilla now. Thanks!


----------



## Phishfry (Dec 5, 2020)

Your bug report will get more traction if you include a patch attachment.


----------



## honk (Apr 8, 2021)

Four months ago I opened PR 251618 and PR 251619 and attached small and simple patches. No response until now. What could I do next?


----------



## zirias@ (Apr 8, 2021)

Maintainer seems to have changed their email address a while (> 1 year) ago, PR 238336. Sure you wrote to the correct one?
Anyways, this software looks – is inactive still a word here? (Ok, gotta be careful, I have projects without commits in years as well)
Option 1: Add another comment on bugzilla
Option 2: Ask for assistance on freebsd-ports@ mailing list
Option 3: Ask for assistance on IRC (freenode #freebsd-ports or EFnet #bsdports)


----------



## tux2bsd (Apr 8, 2021)

I get the impression email validation isn't performed.

i.e. if developer then 6 monthly email "are you alive" if no verification in 2 weeks flagged for follow up.

Then, all maintainer files must match a verified address or substituted to some stand in.


----------



## honk (Apr 10, 2021)

Zirias said:


> Maintainer seems to have changed their email address a while (> 1 year) ago, PR 238336. Sure you wrote to the correct one?


I saw this before and tried to contact the maintainer on the old, the new and the private address.




Zirias said:


> Anyways, this software looks – is inactive still a word here?


It's a simple tool without a need for permanent updates of any kind just to make it look "active".


I tried to set a "maintainer-timeout" as Alexander88207 proposed, but I'm not sure if I did it correctly.


----------



## tingo (Apr 10, 2021)

Then select "Option 2".


----------



## Deleted member 30996 (Apr 11, 2021)

I recently contacted the Maintainer, sunpoet, of security/nettle directly by the email address provided. He got it fixed and submitted in time to address the vulnerability I reported before the ports tree business. 

Then he replied to apologize for not getting back to me sooner because he was swamped with work. I thanked him personally and for everybody here. 

I believe he used to Maintain Weatherspect which I reported independently to him about not working right. He responded quickly to that, but changes made it impossible to keep it in a working condition so it was pulled.


----------



## honk (Apr 29, 2021)

Trihexagonal: Sorry, I don't understand what you are trying to say in the context of this thread.

In the meantime someone took over my bug reports and commited the fixes to the ports tree. So the bugs should be fixed. Sadly the result is a patch in the ports system and not a fixed version in the originating git repository. But okay. Thanks everyone for the support!


----------



## Deleted member 30996 (Apr 29, 2021)

honk said:


> Trihexagonal: Sorry, I don't understand what you are trying to say in the context of this thread.


I relayed how I contacted the Maintainer of security/nettle directly by the email address provided and not only was he quick to respond and get the port fixed in time for the temporary freeze, he emailed me apologizing it took him so long to get back with me because he was swamped with work.

That it was the second port I had reported a problem with to him and he was quick to react both times.


----------



## kpedersen (Apr 29, 2021)

Coincidentally (unless this was you on the mailing lists), there was a recent discussion about this:



> Subject: security/luasec maintainer not responding
> Date: Thu, 29 Apr 2021 19:42:35 +0200 (CEST)
> 
> > Second: how do you deal with this situation in general? I think I've asked
> ...


----------

