"Unbundling SIG" was [Re: Summary/Minutes from today's FESCo Meeting (2015-10-07)]
kevin.kofler at chello.at
Sun Oct 11 12:29:59 UTC 2015
> In short: packagers are not to be trusted, that's the bottom line of
> your argumentation.
Not at all! It is funny that you are accusing me of distrusting packagers
when I have been arguing for years that packagers ARE to be trusted and thus
the restrictions on updates need to go away.
What I am saying instead is that:
1. You have to acknowledge that there is an obvious conflict of interest
between upstream and downstream on this issue.
2. Several packagers ARE upstream.
3. There is a common credo (which I do not adher to) in Fedora that upstream
should be followed blindly ("upstream, upstream, upstream").
4. There is nothing in the new policy that states, even informally
(= without enforcement), that unbundling is MORE IMPORTANT than following
And don't forget that the people who want libraries to be unbundled will in
most cases ALSO be packagers, just not necessarily the maintainers of the
So there needs to be:
* a clear statement (an informal recommendation or a strict rule) that
unbundling is the desired target state even if upstream is against it, and
* a way to deal with the potential conflicts of interest (where the packager
is upstream and/or puts upstream's goals above ours).
I still think the old policy with its strict rule was the best way to
If you think packagers will always do the right thing without any kind of
guidance, then why do we have packaging guidelines at all?
> Being putting down stricter guidelines without any means of enforcing
> them, you're not solving anything.
There is a means of enforcing this guideline, just like all the other
packaging guidelines: unsponsoring offenders! Of course, it should be done
only as a last resort, but the possibility needs to be there.
> FESCo choose to trust contributors to do the right thing and being honest.
Then start by repealing the update stability policies.
> Wrong, it's even more "laxist" than our current one.
It is actually not, if you read them closely.
| Debian packages should not make use of these convenience copies unless the
| included package is explicitly intended to be used in this way.
i.e., the LIBRARY upstream decides whether it is a copylib or not. This is
similar to the copylib exception in our old guidelines, except that they do
not require any formal approval for copylibs.
| All packages whose upstreams allow them to be built against system
| libraries must be built against system libraries.
i.e., the APPLICATION upstream decides whether it bundles its libraries or
not. This is NOT the same thing. In most cases, they are NOT the same
upstream, and the application upstream can bundle even libraries that DON'T
want to be bundled.
> Besides, you're not answering the question, Matthew changed the topic
> to focus the discussion on the Unbundling SIG proposal.
I am answering some points Matthew was making, and they are within the topic
of the thread as a whole.
> I think it's a better idea to have a focused group leading that effort
> and I hope closely with FPC.
I don't think it is fair to offload lazy packagers' work on the small group
that cares about having Fedora done right. It is bad enough that we need to
fix packages that are in violation of the guidelines, we should not let it
become the norm by weakening or repealing the guidelines (but instead take
steps to prevent this from happening to begin with).
More information about the devel