oss-sec mailing list archives

Re: Windows ports of Linux software bundling outdated libraries (Gajim / PyCurl)


From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 25 Jan 2017 16:48:04 -0500

tl;dr: use Fedora or OpenSuse and their mingw-w64* packages to
cross-compile and package from Linux; if you use Windows or OS X or
anything else, use one of these in a VM.

Maven and Git are noteworthy here.

Maven was infamous for outdated packages. Confer, "The Vulnerability
Dataset of a Large Software Ecosystem",
http://bkarak.wizhut.com/www/pubs/pdfs/badgers2014.pdf.

Git took it to the next level and made it distributed. Instead of one
outdated repo like Maven, we now have hundreds or thousands of
outdated followers who don't pull from master.

Jeff
