1 |
Hi! |
2 |
|
3 |
Our current -Werror policy demands unconditional removal: |
4 |
https://devmanual.gentoo.org/ebuild-writing/common-mistakes/index.html#-werror-compiler-flag-not-removed |
5 |
|
6 |
I think this is wrong, see bugs 665464, 665538 for a recent |
7 |
discussion why. |
8 |
|
9 |
My point is that in *most* cases -Werror indeed should be removed, |
10 |
because upstream rarely can keep up with all possible configure, |
11 |
*FLAGS, compiler versions and arch combinations. But! In some cases |
12 |
— especially for security oriented software — this flag may be |
13 |
pertain and may be kept at maintainer's discretion. |
14 |
|
15 |
The rationale is that -Werror usually points to dangerous |
16 |
situations like uninitialized variables, pointer type mismatch or |
17 |
implicit function declaration (and much more) which may lead to |
18 |
serious security implications. |
19 |
|
20 |
So, if maintainer has enough manpower to support this flag, we |
21 |
should allow to keep it. Of course if it will cause long-standing |
22 |
troubles (e.g. bugs opened for a long time) QA should have power to |
23 |
remove it or demand its removal. |
24 |
|
25 |
So my proposal is: |
26 |
|
27 |
1) Deprecate QA policy with unconditional demand of -Werror removal. |
28 |
2) Add to devmanual's chapter on -Werror an exception clause about |
29 |
security-oriented software and maintainer's right to make final |
30 |
decision. |
31 |
|
32 |
Best regards, |
33 |
Andrew Savchenko |