https://bugzilla.redhat.com/show_bug.cgi?id=1597287
--- Comment #10 from Jonathan Dieter <jdieter(a)gmail.com> ---
(In reply to Igor Gnatenko from comment #9)
(In reply to Jonathan Dieter from comment #7)
> (In reply to Igor Gnatenko from comment #5)
> > So the licensing is complicated here:
> > * It should be BSD and MIT and Public Domain
> > * Provides: bundled(buzhash) = VERSION OF BUZHASH
>
> I had to modify the original code, so it can't really be unbundled. I'll
go
> ahead and add the provides.
>
> > There seems to be some bundled code about multipart parsing...
>
> There was, but it didn't do what I needed, so I had to start from scratch.
> I obviously forgot to delete the original README.md, so I'll take care of
> that
Why did you do that? Any reason not to use some other dependency which meet
your needs?
I looked, but couldn't find anything that would do it. I don't think many
pieces of software use multiple range requests in a single http request, so I
just wrote the code myself.
> > * Provides: bundled(something) = VERSION OF THIS SOMETHING
> > * Provides: bundled(sha1) = …
> > * Provides: bundled(sha2) = …
> >
> > But please, can you unbundle those?
>
> These were bundled to keep dependencies at a minimum because I see zchunk as
> having universal use, even in places where openssl might not be available.
>
> Having said that, if you feel strongly about this, I will change zchunk so
> openssl is an optional dependency, that, if available, will provide the
> hashing functions rather than the built-in hashing functions.
>
> Do you feel that that would be worth the effort?
Just saying that it can't be dependency of dnf because in enterprise any
crypto-related code has to be checked and certified. While if you use
openssl, this is already done. So yes, please use openssl.
Ok, will do
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component