https://bugzilla.redhat.com/show_bug.cgi?id=1597287
--- Comment #9 from Igor Gnatenko <i.gnatenko.brain(a)gmail.com> ---
(In reply to Jonathan Dieter from comment #7)
(In reply to Igor Gnatenko from comment #5)
> So the licensing is complicated here:
> * It should be BSD and MIT and Public Domain
> * Provides: bundled(buzhash) = VERSION OF BUZHASH
I had to modify the original code, so it can't really be unbundled. I'll go
ahead and add the provides.
> There seems to be some bundled code about multipart parsing...
There was, but it didn't do what I needed, so I had to start from scratch.
I obviously forgot to delete the original README.md, so I'll take care of
that
Why did you do that? Any reason not to use some other dependency which meet
your needs?
> * Provides: bundled(something) = VERSION OF THIS SOMETHING
> * Provides: bundled(sha1) = …
> * Provides: bundled(sha2) = …
>
> But please, can you unbundle those?
These were bundled to keep dependencies at a minimum because I see zchunk as
having universal use, even in places where openssl might not be available.
Having said that, if you feel strongly about this, I will change zchunk so
openssl is an optional dependency, that, if available, will provide the
hashing functions rather than the built-in hashing functions.
Do you feel that that would be worth the effort?
Just saying that it can't be dependency of dnf because in enterprise any
crypto-related code has to be checked and certified. While if you use openssl,
this is already done. So yes, please use openssl.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component