Hey all,
this is a interesting problem, while looking on the 3 dependent packages. (see 
below)

We have 3 choices to go on:

1. Still provide zendframework 1 in a separated path, so it won't conflict with 
ZF2/3
2. Embed needed code into the packages, and drop the full library
3. Remove all 3 packages from stretch

I'd prefer to go with #1, there should not be any major security issues in the 
future with the code base.

And if so, we should be able to tackle them.

I would love to hear the opinion of the security team on the matter.

Regards
Markus


## icingaweb2

The integrations of Zend in terms of controllers/templates is not that big of a 
problem. Zend_Form is integrated tightly into the application.

Any adaption to ZF2/3 will need rewriting, that is not simple and certainly not 
a drop-in replacement in terms of functionality.

## postfixadmin

Zend_Xmlrpc_Server is used to provide API functionality, this is not a must for 
the package.

But adapting to ZF2/3 will cause rewriting the XMLRPC interface.

## php-letodms-lucene

The package is relying on Zend_Search_Lucene to index documents and search them.

A removal of ZF1 will cause massive problems here. Question is: who uses the 
package?


-- 
mar...@lazyfrosch.de / lazyfro...@debian.org
http://www.lazyfrosch.de

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to