Proposal to reduce anti-bundling requirements
Ralf Corsepius
rc040203 at freenet.de
Wed Sep 30 14:52:48 UTC 2015
On 09/30/2015 04:25 PM, Reindl Harald wrote:
>
>
> Am 30.09.2015 um 16:13 schrieb Orion Poplawski:
>> On 09/30/2015 07:45 AM, Fabian Deutsch wrote:
>>> Yes, I also see this as a good compromise.
>>> We then have the ability to at least track bundling.
>>>
>> I'd just like to point out that we have always had the requirement for
>> package that bundled libraries to carry the "Provides: bundled(libname)"
>> metadata. What's new here is not needing to go through the FPC to get
>> an exception. Which perhaps leads to people not declaring their
>> packages bundled libraries.
>
> how do you come to that conclusion?
>
> people not declaring their bundles and not care about policies did the
> same before: not declare it and not ask for exceptions - there is a
> logical flow in "now that i don't need to ask FPC i don't declare it"
Exactly, that's what I would consider a serious regression.
This proposal effectively is a carte-blanche to bundling and
carelessness, which I would expect to seriously impact the quality of
Fedora.
> the opposite is more likely: people trying to avoid the FPC burden now
> can declare it without fearing somebody takes notice and points out a
> violation
If they don't care or are not aware about the consequences of their
bundling?
Like I've said many times before, I feel Fedora needs a serious
vulnerability in a widespread bundled or static library, such that
people finally comprehend the harm of bundling.
Ralf
More information about the devel
mailing list