when DEP-3 compliant patches in Fedora?
Florian Weimer
fweimer at redhat.com
Fri Aug 28 12:44:00 UTC 2015
On 08/28/2015 02:11 PM, Marcin Juszkiewicz wrote:
> Hi
>
> I am building software for misc distributions for over 11 years. And so
> far Fedora packages are the worst of those I played with (mostly
> OpenEmbedded and Debian).
>
> Why? Because patches are mess. Let's take random one:
>
> @@ -108,7 +108,7 @@
> M = int(max(r, g, b))
> m = int(min(r, g, b))
> val = (2 * M + r + g + b) / 5
> - p[:] = (val + r) / 2, (val + g) / 2, (val + b) / 2
> + #p[:] = (val + r) / 2, (val + g) / 2, (val + b) / 2
> if alpha[y][x] >= 250:
> alpha[y][x] = 255 - (M - m) * 3 / 4
> del pixels
>
> Who knows what it does and why? For some reason it has a name '64bitfix'
> but why it is needed? Did upstream ever saw it? No idea.
>
> In Debian (or in OpenEmbedded) it is solved by implementing DEP-3 [1]
In reality, here's what the Debian version of this patch looks like:
<http://sources.debian.net/src/monsterz/0.7.1-8/debian/patches/010_64-bit-alignment-issues-with-python2.5.diff/>
I'm not sure if it's all that more helpful, to be honest. It does not
follow DEP-3, sure, but neither do many other Debian packages. Even
some critical server packages still do not have any broken-out patches
at all.
(In general, if there is no upstream to contribute such fixes to, it's
probably best not to ship such software at all.)
--
Florian Weimer / Red Hat Product Security
More information about the devel
mailing list