Proposal to reduce anti-bundling requirements
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Thu Oct 1 23:47:06 UTC 2015
On Thu, Oct 01, 2015 at 07:00:13PM -0400, Matthew Miller wrote:
> On Thu, Oct 01, 2015 at 11:38:31PM +0200, Reindl Harald wrote:
> > >bundling out. Second, it demonstrates a case where it'd be better if
> > >the bundling had been documented, because it would have shown up in a
> > >query when the security team was working on that vulnerability
> >
> > the last part *only* works *if* it had been documented
> >
> > nothing of the whole thread solves the problem of unintentionally
> > bundeling becaue missing knowledge or just not care about it
> >
> > in a perfect world upsteram would not write crap which needs to be
> > unbundeled as well as maintainers would not bundle withoput
> > intemtion by missing knowledge - nothing of that is solved or
> > targeted
>
> That's a good point; it's not in the scope of this proposal. However,
> it does fit with what Matthias said earier in this thread — automation
> is key. We definitely have some pieces of that puzzle already — I'd
> love to hear about a project to put them together.
We could run a script which looks for duplicated files on the output
of 'fedpkg prep' on a tree of all packages. There are various
linter-style tools which look for duplicated code, but I doubt that
they would be functional for a problem of this size.
Zbyszek
More information about the devel
mailing list