Thanks to Adrian and pabs for their corrections on documenting security
support, and there wasn't too much objection to the summary, more to the
sad state of affairs that leads to it and a bit of clarification.
I believe all the major points have cc'd 907051, so would like to
encourage someone
On Thu, Sep 02, 2021 at 11:38:35PM +0100, Phil Morrell wrote:
>...
> 4. When 2 or 3 are too onerous to maintain, the package MAY use the
>convenience copy but MUST document why in README.source and SHOULD be
>included in the [security-tracker].
>...
The package MUST be listed as being
2021, സെപ്റ്റംബർ 3 8:22:51 AM IST, Jonas Smedegaard ൽ എഴുതി
>I am very worried about how complex node-* packages in Debian have
>become since ftpmasters explicitly stated a not-too-small rule and we
>began more aggressively embedding. E.g. version of each embedded
>project is hidden by
Phil Morrell dijo [Fri, Sep 03, 2021 at 02:04:44AM +0100]:
> On Fri, Sep 03, 2021 at 01:03:35AM +0200, Jérémy Lal wrote:
> > - should a package debian/control list bundled dependencies to make
> > sure to avoid duplications ?
>
> Maybe? I noted in my final paragraph that Fedora has a mechanism
On Fri, 03 Sep 2021 at 02:46:20 +0200, Jonas Smedegaard wrote:
> I suspect that it helps if separating reasons for _encouraging_
> embedding (tiny upstream projects and deeply integrated sets of
> upstreams, I guess) from reasons for _discouraging_ embdding (all other
> cases, I guess).
If the
Le jeudi 2 septembre 2021, 22:38:35 UTC Phil Morrell a écrit :
> Over this last year there seems to have been a noticeable divergence of
> maintainer opinion, on what has become known as vendoring, from a strict
> reading of [policy 4.13]. I think it's notable that the heading is
> [Embedded]
On Thu, Sep 2, 2021 at 10:39 PM Phil Morrell wrote:
> Over this last year there seems to have been a noticeable divergence of
> maintainer opinion, on what has become known as vendoring
Embedded copies of code/etc have downsides ...
https://wiki.debian.org/EmbeddedCopies
> It is my reading of
Quoting Phil Morrell (2021-09-03 03:30:04)
> On Fri, Sep 03, 2021 at 02:46:20AM +0200, Jonas Smedegaard wrote:
> > First of all, thanks for compiling the list of reasonings.
>
> Thanks for taking the time to read through it, I was hoping it would
> be a useful observation.
>
> > I get the
On Fri, Sep 03, 2021 at 02:46:20AM +0200, Jonas Smedegaard wrote:
> First of all, thanks for compiling the list of reasonings.
Thanks for taking the time to read through it, I was hoping it would be
a useful observation.
> I get the impression that you are framing current state of embedding as
On Fri, Sep 03, 2021 at 01:03:35AM +0200, Jérémy Lal wrote:
> - should a package debian/control list bundled dependencies to make
> sure to avoid duplications ?
Maybe? I noted in my final paragraph that Fedora has a mechanism for
this that we don't, but perhaps Provides is sufficient.
> - when a
Hi Phil,
First of all, thanks for compiling the list of reasonings.
I get the impression that you are framing current state of embedding as
a generally good thing to do, and if I understand that correctly then I
disagree with it.
I suspect that it helps if separating reasons for _encouraging_
Le ven. 3 sept. 2021 à 00:39, Phil Morrell a écrit :
> Over this last year there seems to have been a noticeable divergence of
> maintainer opinion, on what has become known as vendoring, from a strict
> reading of [policy 4.13]. I think it's notable that the heading is
> [Embedded] copies and
Over this last year there seems to have been a noticeable divergence of
maintainer opinion, on what has become known as vendoring, from a strict
reading of [policy 4.13]. I think it's notable that the heading is
[Embedded] copies and was [Convenience] copies since its inception,
thankfully I found
13 matches
Mail list logo
