[Fedora-packaging] mp3 source (but not compiled) in squeak package
Michael Schwendt
mschwendt at gmail.com
Mon Oct 1 22:28:11 UTC 2012
On Mon, 1 Oct 2012 15:28:24 -0500, Bruno Wolff III wrote:
> >> One might think that using pristine sources in the source rpm is better
> >> than using one with the patented code stripped out.
> >
> >Why "better"? Stripped source code cannot be compiled accidentally.
> >That would be something for the lawyers. Imagine a repo contained an
> >audio application that supported MP3 for several weeks.
>
> Easier for downstream to check against upstream to see that it matches.
> the packager doesn't need to create stripped down archives.
Hmm, that's more of a matter of convenience or laziness (as it may be
non-trivial to remove a component from a build framework).
How many downstreams perform checks of sources? (also don't forget
snapshot checkouts)
There are not many upstream projects who offer detached signatures
for their source archives, so that's seldomly an issue.
More information about the packaging
mailing list