On Mon, 2017-03-20 at 13:15 +0100, Kamil Dudka wrote: > I believe that using -Werror in production builds > is a really bad idea in general. There are other, more efficient, > ways to > detect such warnings off production build environment.
In general, I completely agree, but... > IMO the only correct fix is to remove -Werror=format-security from > default > compiler flags in Fedora build environment. It obviously introduces > more > problems than it solves. ...format-security should be an exception, since it eliminates an entire class of security vulnerabilities. If your package triggers this warning, then the code *really* needs to be audited to ensure it's not a vulnerability. Either patch it to avoid the strange construction or add pragmas to suppress the warning for a particular block of code; don't disable this one. Michael _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
