On 10.12.21 22:05, Fabio Valentini wrote:
> On Fri, Dec 10, 2021 at 12:57 PM Sandro Mani <manisan...@gmail.com> wrote:
>>
>> On 10.12.21 01:54, Demi Marie Obenour wrote:
>>> On 12/9/21 1:05 PM, Sandro Mani wrote:
>>>> On 09.12.21 17:31, Vitaly Zaitsev via devel wrote:
>>>>> On 09/12/2021 16:56, Sandro Mani wrote:
>>>>>> This does not appear to be accurate for nodejs packages - take i.e.
>>>>>> node-svgo, which, compliant with the guidelines, bundles the node_modules
>>>>>> dir in svgo-2.8.0-nm-dev.tgz resp. svgo-2.8.0-nm-prod.tgz.
>>>>> You can vendor only sources. No prebuilt assets are allowed.
>>>> Which would basically mean bundling the node_modules folder?
>>> No, it would mean bundling the source from which the stuff in
>>> node_modules is generated.
>> Well, this isn't what the current nodejs packaging guidelines state
>> and, as noted by Ben elsewhere in this thread, would make it prohibitive
>> to package anything but the most trivial nodejs library.
> Well, not even NodeJS packaging can ignore basic "legal" requirements
> (such as: not shipping pre-built binaries etc.).
> I always assumed that to be an implicit rule, which doesn't need to be
> repeated on every domain-specific Packaging Guidelines page ...
> So, if bundled / vendored dependencies contain objectionable content,
> those files need to be removed, preferably before building the vendor
> tarball.
> If that's currently not the case, then NodeJS packaging is more broken
> than I thought.

The license review is outlined in [1] and not the issue at hand here - clearly, bundled content needs to satisfy the licensing requirements or otherwise be removed. The issue here concerns bundling node_modules vs unbundling and building from source every single dependency and dependency of dependency.

Thanks
Sandro


[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/Node.js/#_bundled_licenses
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org