Proposal to reduce anti-bundling requirements

Sun Sep 13 20:23:07 UTC 2015

2015-09-13 20:40 GMT+02:00 Matěj Cepl <mcepl at cepl.eu>:
> On 2015-09-13, 13:13 GMT, Haïkel wrote:
>> But, distros have lost the influence they used to have then, we're in the
>> cloud/container era where people bundle everything ...
>
> And they won't retake it by giving up. Then they will just give
> ammunition to the idiots persuading them they are right.
>

Nope, they end up telling their users just not to use Fedora
packages or not using Fedora at all.

That's common sense that if nobody uses Fedora, no upstream
will care about our "peculiar" requests. Influence is necessary.

>
> My experience is very different. Sensible languages and their
> universe usually welcome sensible patches. Even some less
> sensible universes are moving towards more sensible state ...
> certainly even such monster as Java is (hopefully, slowly)
> moving in the right direction, I see some (some!) movement in
> the right direction even in the JavaScript world (ES6, some
> efforts in the NodeJS world).

The Java world is definitively not moving in the right direction.

> Yes, there is PHP, but I believe that their brightest moment has
> passed and they will either start to do sensical engineering
> (and that means way more than just unbundling) or they will
> slowly vanish. Certainly, I don't think PHP is the reason why
> Fedora should change their direction.
>

I'm not speaking about PHP, most of the upstream I deal with
are python developers. Bad habits are rather spreading than
regressing.

Recently, the new trend among python developers is to follow
Kenneth Reitz stupid habit to bundle all dependencies in
his modules though we have pip and ability to pin versions!

> And if somebody thinks docker & co. is the answer, then we
> should wait just a little bit before they discover that the
> content of their containters needs maintenance as well, and
> before their customers discover that they have infrastructure
> full of old unmaintatenable junk.
>
> Certainly, an engineer who prostitutes himself and in order to
> be popular accepts stupid decisions of his clients is not
> something I would like to follow.
>
> Matěj
>

Thanks for calling me a whore.

If you care about purity, I care about all those hidden bundled
libs carrying CVE shipped in Fedora that are not properly referenced
and tracked security team.

Good engineering is not just about technical prowess but being able to
prevent customers/users to shoot themselves in the foot.

I think I do not want to debate anymore if people purposefully
mix a proposal to relax a guideline with dropping it.
That's a cheap trick.

H.