On Mon, 2017-03-20 at 13:15 +0100, Kamil Dudka wrote:
I believe that using -Werror in production builds
is a really bad idea in general. There are other, more efficient,
ways to
detect such warnings off production build environment.
In general, I completely agree, but...
IMO the only correct fix is to remove -Werror=format-security from
default
compiler flags in Fedora build environment. It obviously introduces
more
problems than it solves.
...format-security should be an exception, since it eliminates an
entire class of security vulnerabilities. If your package triggers this
warning, then the code *really* needs to be audited to ensure it's not
a vulnerability. Either patch it to avoid the strange construction or
add pragmas to suppress the warning for a particular block of code;
don't disable this one.
Michael