F21 Self Contained Change: Playground repository
Bruno Wolff III
bruno at wolff.to
Wed Apr 9 01:54:57 UTC 2014
On Tue, Apr 08, 2014 at 20:21:11 -0400,
Josh Boyer <jwboyer at fedoraproject.org> wrote:
>Who is doing that work within Fedora today? After the initial review,
>there is no on-going audit of packages _within_ Fedora to make sure
>they aren't bundling (or following guidelines at all). That's not to
>say that we have a massive problem. It _is_ implying that maybe one
>shouldn't blindly trust the guidelines to catch all of the potential
>problems though.
I think there is a difference in people not following guidelines than
saying it is OK. Right now there is a reasonable chance that no one has
bundled openssl into another official Fedora package. If we explicitly
say bundling is OK, then it becomes a lot more likely that libraries
end up being bundled.
More information about the devel
mailing list