Proposal to reduce anti-bundling requirements

Zbigniew Jędrzejewski-Szmek zbyszek at
Thu Oct 1 23:47:06 UTC 2015

On Thu, Oct 01, 2015 at 07:00:13PM -0400, Matthew Miller wrote:
> On Thu, Oct 01, 2015 at 11:38:31PM +0200, Reindl Harald wrote:
> > >bundling out. Second, it demonstrates a case where it'd be better if
> > >the bundling had been documented, because it would have shown up in a
> > >query when the security team was working on that vulnerability
> > 
> > the last part *only* works *if* it had been documented
> > 
> > nothing of the whole thread solves the problem of unintentionally
> > bundeling becaue missing knowledge or just not care about it
> > 
> > in a perfect world upsteram would not write crap which needs to be
> > unbundeled as well as maintainers would not bundle withoput
> > intemtion by missing knowledge - nothing of that is solved or
> > targeted
> That's a good point; it's not in the scope of this proposal. However,
> it does fit with what Matthias said earier in this thread — automation
> is key. We definitely have some pieces of that puzzle already — I'd
> love to hear about a project to put them together.

We could run a script which looks for duplicated files on the output
of 'fedpkg prep' on a tree of all packages. There are various
linter-style tools which look for duplicated code, but I doubt that
they would be functional for a problem of this size.


More information about the devel mailing list