Re: PostgreSQL package download for Solaris 11.4 - Mailing list pgsql-www
| From | Magnus Hagander |
|---|---|
| Subject | Re: PostgreSQL package download for Solaris 11.4 |
| Date | |
| Msg-id | CABUevExDi8xisD71iJPECv9gn3OLSU9dRHXYmgaxJDfbTkrwsQ@mail.gmail.com Whole thread Raw |
| In response to | Re: PostgreSQL package download for Solaris 11.4 ("Jonathan S. Katz" <jkatz@postgresql.org>) |
| List | pgsql-www |
On Mon, Sep 12, 2022 at 3:32 PM Jonathan S. Katz <jkatz@postgresql.org> wrote:
On 9/12/22 6:42 AM, Marcel Hofstetter wrote:
>
>>> Also, I don't think it's fair to complain about the javascript part.
>>> While I
>>> agree it's laughable that it's now apparently impossible to find a
>>> page that
>>> displays text or links without millions of lines code of javascript
>
> The download page is not for you guys. It is for Solaris users.
> They have javascript enabled anyway, because the Oracle Support Portal
> and many other modern websites use/require javascript.
>
> For MacOS and Windows a link to external pages is no problem.
> Why is it a problem for Solaris and AIX?
The reason for this with MacOS/Windows installers is historical. Many
folks have mentioned that "this ship has sailed" for adding links to 3rd
party sites, though I will note that we did have a major cleanup in the
recent past by removing a large chunk of those links (see [1], and
possibly some other threads).
Yeah. Just because something is bad now, doesn't mean we should double down on it.
> As we do the work of the buildfarm, building and creating the packages,
> we will keep our page. For me it makes no sense to maintain additional
> sites. Where is the benefit for you if the packages are on your site?
There are a few reasons:
1. Consistent user experience. It makes it easier for users to access
the various binaries all in one
2. Easier to troubleshoot when issues occur. We do get reports of
"unable to download XYZ" and find out it is due to an issue on one of
the 3rd party sites. So we then spend our time chasing that down and
trying to get it fixed vs. having control of being able to fix it
ourselves. This creates a bad experience for our users and reflects
poorly on .org, so having more control to be able to remediate issues
more quickly is preferable.
3. Ongoing commitment to support. I'm glad you suggest you'll be able to
have the packages available in 1-2 days; this is typically what would
happen when we would start linking to another website with downloads.
However, we have seen through the years that there is a nonzero chance
that this support degrades, so I think it is good to exercise caution.
4. Cost of upkeep on our end. Dave & I ran a study a few years back
(threads in -www archives) to better understand how much traffic went to
external sources. Outside of the MacOS/Windows installers, the numbers
were fairly minimal[1].
5. Ensuring authenticity / integrity of the downloads. Requirements
include ensuring the packaging files are open source. I don't presently
see those for these packages, but I may also be looking in the wrong place.
Getting a link from .org to a different website is very valuable,
especially for downloads, so I think it's OK for us to be vigorous in
vetting it.
Now, I've mentioned in the past that if we add some policy around
including third party links, I'd be open to that. I'm happy to write up
a draft for that, noting that we're currently in the throes of the major
release cycle.
Perhaps a reasonable way forward would be to put it under the Software Catralogue, with a section for PostgreSQL distributions? Then it's more clear that it's a third party distribution, and we hold those links to a much lighter moderation level?
//Magnus