Re: libqt4-opengl-dev: Different dependencies on armhf than on other architectures / Licheng Ma
>Andreas Moogwrote: >>Hi there, >> >>I have a question about the package libqt4-opengl-dev on the armhf >>architecture (source: qt4-x11). I was investigating >>https://bugs.launchpad.net/bugs/941062, a build failure of the package >>fracplanet and was wondering why it succeeded on all other arches as >>well as on armhf in Debian. >> >>The difference I found was in the dependencies of libqt4-opengl-dev: >> >>On amd64 (and others) it is: >> >>Depends: libgl1-mesa-dev | libgl-dev, libglu1-mesa-dev | libglu-dev, >>libqt4-dev (= 4:4.8.4+dfsg-0ubuntu19), libqt4-opengl (= >>4:4.8.4+dfsg-0ubuntu19) >> >>But on armhf in Ubuntu (NOT in Debian): >> >>Depends: libgles2-mesa-dev | libgles2-dev, libqt4-dev (= >>4:4.8.4+dfsg-0ubuntu19), libqt4-opengl (= 4:4.8.4+dfsg-0ubuntu19) >> >>Is there a reason for this difference? How would I go to further find >>out why this is what it is? > >In Ubuntu we only support GLES on arm for performance reasons. This is an intentional difference with Debian. > >Scott K Hi there I just found out that on aarch (ARM64) libqt4-opengl-dev is using libgl1-mesa-dev again instead of libgles2-mesa-dev, as I would expected, like in armhf. Tested in Ubuntu 15.04 on a Tegra X1 system.Does this (Difference in GLES support on aarch64 and armhf) have a reason? How can I solve this issue, regarding the fact that I use GLES based source code and on Tegra X1 only GLES libraries exist?Licheng Ma -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Minifying JS files with no node-uglify in main
Hi all, There are lots of packages that have JS files to be minified, and some of them are in main (including core JS libraries such as jquery and underscore). In Debian the de-facto standard tool for minifying files is node-uglify (source package uglifyjs). In Ubuntu, we do not want nodejs in main, so such packages are patched to either have the files non-minified or to use an alternative minifier such as yui-compressor (example: [1]). However yui-compressor is mostly unmaintained upstream (last release was in May 2013, compare with uglifyjs where the latest release was 5 days ago), which means it potentially has bugs which can be used to insert backdoors to code (I recommend reading [2]). Also, not using node-uglify means we have Debian delta for most JS packages in main, which in turn means we can miss some important fixes from Debian. So my question is: based on security concerns raised above, can we reconsider shipping nodejs and node-uglify in main, maybe with restricting its use to only build-time JS minifying? (Context: I have been working on modernizr which I will need in main soon, and it also uses node-uglify in Debian.) [1]: https://launchpad.net/ubuntu/+source/underscore/1.1.6-1ubuntu1 [2]: https://zyan.scripts.mit.edu/blog/backdooring-js/ -- Dmitry Shachnev signature.asc Description: OpenPGP digital signature -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
