On Friday, March 22, 2019 12:25:28 PM CET Vitaly Zaitsev wrote:
Hello, Kamil Dudka.
Fri, 22 Mar 2019 12:03:26 +0100 you wrote:
> Enforcing -Werror=format-security in Fedora build system was a mistake.
No. Enforcing -Werror=format-security is good choice. This helped
maintainers to fix lots of potential security vulnerabilities in packages.
There are more effective ways to capture and process compiler warnings.
Using -Werror in production builds can in fact be counterproductive when
someone is trying to release a security update for a real security issue
and has to deal with unexpected build failures.
Another problem is that -Werror aborts the build prematurely. When building
in parallel, it may be even non-deterministic how many errors are reported
before the build stops. So people have to apply fixes (or workarounds) in
iterations, which is not fun with packages like libreoffice.
Needless to say that build.log does not contain any machine-readable
information about the warnings detected during the build, because compiler
diagnostic may be suppressed by the build system, diagnostic messages may
be interleaved with each other when building in parallel, etc.
We have better tooling to reliably capture compiler warnings of your choice,
fully automatically, and in a machine readable format:
$ csmock ${pkg}.src.rpm -t gcc
You can also transparently inject compiler flags without changing anything
in the buildroot (and unnecessarily breaking production builds of others):
$ csmock ${pkg}.src.rpm -t gcc --gcc-add-flag=...
Kamil