On 08/21/2017 04:20 PM, Christian Stadelmann wrote: > I'd like to see this change land in F28! > > Anyway, I think there is a showstopper: > * Fedora Packaging guidelines demand packages bundle no dependencies (e.g. > libraries, or in Rust's case crates). This is a good choice in my opinion. > * Rust currently has no ABI definition compatible over different versions of > the rust compiler. As a result, every time a new compiler is released it will > also require *ALL* rust packages to be rebuild. See > https://github.com/rust-lang/rfcs/issues/600 for details and discussion. > * To get a sane update strategy, it is critical that not too much packages > are involved in rebuilds. Consider a CVE in openssl: Luckily we can rebuild > openssl (plus its subpackages) and ship it. No need to rebuild every > application that uses openssl or uses another package which uses openssl. > > As far as I understand, these 3 points are conflicting right now. Either Rust > gets an ABI or we need to give up one of the other two principles, which I > highly recommend not to do.
I think ABI compatibility is achieved by shipping source code only in the -devel packages (similar to what Perl does). The rebuild issue is still there, but it's no different from certain Java packaging practices, and what C++ (with template metaprogramming), Ocaml, Go, and so on currently do. Thanks, Florian _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
