Florian Schmaus writes:
> [[PGP Signed Part:Undecided]]
> On 30/06/2023 10.22, Sam James wrote:
>> Florian Schmaus writes:
>>> [[PGP Signed Part:Undecided]]
>>> [in reply to a gentoo-project@ post, but it was asked to continue this
>>> on gentoo-dev@]
>>> On 28/06/2023 16.46, Sam James wrote:
Zoltan Puskas writes:
> On Tue, Jul 04, 2023 at 01:13:30AM -0600, Tim Harder wrote:
>> On 2023-07-03 Mon 04:17, Florian Schmaus wrote:
>> >On 30/06/2023 13.33, Eray Aslan wrote:
>> >>On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
>> >>>Why do we have to keep exporting the related
On Thu, Jul 6, 2023 Zoltan Puskas wrote:
> I've been following the EGO_SUM thread for quite some time now. One
> other thing I did not see mentioned in favour of EGO_SUM so far:
> reproducibility.
> The problem with external tarballs is that they are gone once the
> ebuild is dropped from the
On Tue, Jul 04, 2023 at 01:13:30AM -0600, Tim Harder wrote:
> On 2023-07-03 Mon 04:17, Florian Schmaus wrote:
> >On 30/06/2023 13.33, Eray Aslan wrote:
> >>On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
> >>>Why do we have to keep exporting the related variables that generally
>
On Wed, Jul 05, 2023 at 20:40:34 +0200, Gerion Entrup wrote:
> Am Mittwoch, 5. Juli 2023, 01:09:30 CEST schrieb Oskari Pirhonen:
> > On Tue, Jul 04, 2023 at 21:56:26 +, Robin H. Johnson wrote:
> > > On Tue, Jul 04, 2023 at 12:44:39PM +0200, Gerion Entrup wrote:
> > > > just to be curious about
On Wed, Jul 5, 2023 at 2:40 PM Gerion Entrup wrote:
>
> Am Mittwoch, 5. Juli 2023, 01:09:30 CEST schrieb Oskari Pirhonen:
> > On Tue, Jul 04, 2023 at 21:56:26 +, Robin H. Johnson wrote:
> > >
> > > Developing it requires PMS work in addition to package manager
> > > development, because it
Am Mittwoch, 5. Juli 2023, 01:09:30 CEST schrieb Oskari Pirhonen:
> On Tue, Jul 04, 2023 at 21:56:26 +, Robin H. Johnson wrote:
> > On Tue, Jul 04, 2023 at 12:44:39PM +0200, Gerion Entrup wrote:
> > > just to be curious about the whole discussion. I did not follow in the
> > > deepest detail
On Tue, Jul 04, 2023 at 21:56:26 +, Robin H. Johnson wrote:
> On Tue, Jul 04, 2023 at 12:44:39PM +0200, Gerion Entrup wrote:
> > just to be curious about the whole discussion. I did not follow in the
> > deepest detail but what I got is:
> > - EGO_SUM blows up the Manifest file, since every
On Tue, Jul 04, 2023 at 12:44:39PM +0200, Gerion Entrup wrote:
> just to be curious about the whole discussion. I did not follow in the
> deepest detail but what I got is:
> - EGO_SUM blows up the Manifest file, since every little Go module needs
> to be respected. A lot of these Manifest files
Am Dienstag, 4. Juli 2023, 09:13:30 CEST schrieb Tim Harder:
> On 2023-07-03 Mon 04:17, Florian Schmaus wrote:
> >On 30/06/2023 13.33, Eray Aslan wrote:
> >>On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
> >>>Why do we have to keep exporting the related variables that generally
>
On 2023-07-03 Mon 04:17, Florian Schmaus wrote:
On 30/06/2023 13.33, Eray Aslan wrote:
On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
Why do we have to keep exporting the related variables that generally
cause these size issues to the environment?
I really do not want to make a
> On Mon, 03 Jul 2023, Florian Schmaus wrote:
> So pkgcheck counting EGO_SUM entries would be sufficient for the
> purpose of having a static check that notices if the ebuild would
> likely run into the environment limit?
> To find a common compromise, I would possibly invest my time in
>
On 30/06/2023 13.33, Eray Aslan wrote:
On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
Why do we have to keep exporting the related variables that generally
cause these size issues to the environment?
I really do not want to make a +1 response but this is an excellent
question
On 30/06/2023 10.22, Sam James wrote:
Florian Schmaus writes:
[[PGP Signed Part:Undecided]]
[in reply to a gentoo-project@ post, but it was asked to continue this
on gentoo-dev@]
On 28/06/2023 16.46, Sam James wrote:
and questions remain unanswered on the
ML (why not implement a check in
On Fri, Jun 30, 2023 at 03:38:11AM -0600, Tim Harder wrote:
> Why do we have to keep exporting the related variables that generally
> cause these size issues to the environment?
I really do not want to make a +1 response but this is an excellent
question that we need to answer before implementing
On 2023-06-30 Fri 02:22, Sam James wrote:
> My position on this has been consistent: a check is needed to statically
> determine when the environment size is too big. Copying the Portage
> check into pkgcheck (in terms of the metrics) would satisfy this.
>
> That is, regardless of raw size, I'm
Florian Schmaus writes:
> [[PGP Signed Part:Undecided]]
> [in reply to a gentoo-project@ post, but it was asked to continue this
> on gentoo-dev@]
>
> On 28/06/2023 16.46, Sam James wrote:
>> Florian Schmaus writes:
>>> On 17/06/2023 10.37, Arthur Zamarin wrote:
I also want to nominate
[in reply to a gentoo-project@ post, but it was asked to continue this
on gentoo-dev@]
On 28/06/2023 16.46, Sam James wrote:
Florian Schmaus writes:
On 17/06/2023 10.37, Arthur Zamarin wrote:
I also want to nominate people who I feel contribute a lot to Gentoo and
I have a lot of
On 01/06/2023 21.55, William Hubbs wrote:
The EGO_SUM alternatives
- do not have the same level of trust and therefore have a negative
impact on security (a dubious tarball someone put somewhere, especially
when proxy-maint)
For this, I would argue that vetting the tarball falls to the
On 2.6.2023 21.06, William Hubbs wrote:
>>
>> In theory it's "easy", but in practice how'd you work? This would be
>> fine when a single developer is proxying a single maintainer, but when a
>> a stack of devs (project) are proxying hundreds of different people, it
>> becomes messy and
On Fri, Jun 02, 2023 at 10:13:55AM +0300, Joonas Niilola wrote:
> On 1.6.2023 22.55, William Hubbs wrote:
> >>
> >> The EGO_SUM alternatives
> >> - do not have the same level of trust and therefore have a negative
> >> impact on security (a dubious tarball someone put somewhere, especially
> >>
On 1.6.2023 22.55, William Hubbs wrote:
>>
>> The EGO_SUM alternatives
>> - do not have the same level of trust and therefore have a negative
>> impact on security (a dubious tarball someone put somewhere, especially
>> when proxy-maint)
>
> For this, I would argue that vetting the tarball
I know I'm pretty late to this thread, but I'm going to respond to some
of the concerns and suggest another alternative.
On Mon, Apr 17, 2023 at 09:37:32AM +0200, Florian Schmaus wrote:
> I want to continue the discussion to re-instate EGO_SUM, potentially
> leading to a democratic vote on
I want to continue the discussion to re-instate EGO_SUM, potentially
leading to a democratic vote on whether EGO_SUM should be re-instated or
deprecated.
For the past months, I tried to find *technical reasons*, e.g., reasons
that affect end-users, that justify the deprecation of EGO_SUM.
24 matches
Mail list logo
