Hello, developers. I would like to bring to your attention an alarming trend in Gentoo ebuilds -- the proliferation of IUSE=static-libs, that is a flag allowing our users to build static libraries.
I should like to remind you that static linking is almost always a bad idea. It has serious security implications, it is poorly supported on *nix systems (example: library dependencies are provided via hacks, we don't have proper rebuild capabilities) and should be basically considered a great evil. Partially relevant doc: [1]. This is why Gentoo does not generally support statically linking stuff, and we force dynamic linking whenever possible (sometimes even going too far with that but that's another story). We only allow static linking for special cases where shared linking can't be used for one reason or another. As part of that we also shouldn't deliver static libraries unless absolutely necessary to satisfy the dependencies of applications which we support built statically. Back in the day, Gentoo developers were pushing against packages that built static libraries unconditionally. However, it seems that at some point this front changed from 'fighting unconditionally built static libraries' to 'proliferating USE=static- libs everywhere'. Which is bad. So, developers, please *stop adding USE=static-libs* to random libraries that have no reason whatever to be statically linked to. And by that I mean a good reason, not creeping featurism, not 'user asked for it', not 'this broken package hardcodes libfoo.a'. If upstream doesn't build static libraries by default, don't add flags to make it do it. If upstream builds static libraries by default, just pass '--disable-static' instead of adding a flag for it. If upstream uses CMake and supports building only one type of libraries, there's no need to write patches to make it behave like automake/libtool. Also, if your package has unnecessary IUSE=static-libs that is not correctly needed by any other package, please drop it. Please remember that not installing static libraries is the first step towards preventing broken build systems from unnecessary linking to them (think of upstreams who pass -Wl,-Bstatic unconditionally). Thanks. [1]:https://wiki.gentoo.org/wiki/Why_not_bundle_dependencies -- Best regards, Michał Górny
