On 03/16/2017 10:17 AM, Josef Holzmayr wrote:
- locking down specific versions of packages and their dependencies for reproductible builds.
Thanks for summarizing! I have just one comment: at least initially, locking down specific versions has to be optional. We certainly can try our best, but some environments offer no support for it, and even explicitly encourage the opposite approach (Go for instance); Yocto Project has no resources to fight against that. If someone wants to package an app, and lock it down in a reproducible way, they should take their concern directly to upstream.
Alex -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
