On Thu, 25 Feb 2016 13:45:58 +0000 Dimitris Papastamos <s...@2f30.org> wrote:
> On Thu, Feb 25, 2016 at 02:42:42PM +0100, Mattias Andrée > wrote: > > On Thu, 25 Feb 2016 14:11:05 +0100 > > FRIGN <d...@frign.de> wrote: > > > > > On Thu, 25 Feb 2016 13:39:30 +0100 > > > Mattias Andrée <maand...@kth.se> wrote: > > > > > > Hey Matthias, > > > > > > > I think the documentation should be clear that it > > > > only to be relied upon if whitespace changes do > > > > not have any affects. Perhaps it should not allow > > > > introducing whitespace where there was none, > > > > > > > > -helloworld > > > > +hello world > > > > > > > > or removing all whitespace > > > > > > > > -hello world ! > > > > +helloworld ! > > > > > > > > to protect against changes in strings. This however > > > > does would mean that > > > > > > > > -a=b*c > > > > +a = b * c > > > > > > > > would not be allowed either. > > > > > > this is insane. Just read the fucking patches and stop > > > handholding the users. > > > > > > Cheers > > > > > > FRIGN > > > > > > > Whitespace patches can be large. This is to help ensure > > that the user does not miss something in the patch that > > changes the behaviour of the program. Like someone > > trying to sneak in a backdoor or otherwise weaken > > security. Of course the user will be reading the patch > > to make sure that the patch fixes the whitespace > > correctly. > > > > So it is not about handholding, but rather a security > > feature. > > Currently, the easy way to do that is to build with and > without the patch and run sha1 on the resulting binaries. > I have not thought about that.
pgpOhb8VN2OlC.pgp
Description: OpenPGP digital signature