1 |
Il giorno gio, 20/01/2011 alle 20.27 +0100, Matti Bickel ha scritto: |
2 |
> Not sure what you mean: if someone quickpkg's php and needs all the |
3 |
> source? Well, they already downloaded them. Better keep them around, |
4 |
> since it's *your* binary, not mine. |
5 |
|
6 |
We do distribute part of our packages as binaries already so we have to |
7 |
be compliant with their licenses to begin with. Better doing it with a |
8 |
single sweep than trying to come up with abstruse case-by-case points, |
9 |
no? |
10 |
|
11 |
> Same thing, as already pointed out in another message. I see the point |
12 |
> in making it easier for them. That's okay. So what you're saying is |
13 |
> we're upstream too and upstream's should provide their historical stuff. |
14 |
|
15 |
This is but _one_ reason, and just another thing to trickle down. I |
16 |
don't care if "FSF says it's their problem"; what is it costing us, |
17 |
really? The cost is minimal (as we need the archive anyway), and the |
18 |
gain is there for many people. |
19 |
|
20 |
Arguing against this is just getting to the point of arguing because |
21 |
somebody is doing what nobody did for a long time: taking decisions. |
22 |
|
23 |
> If you're reporting a security issue in a ebuild that's no longer in |
24 |
> tree (in php's case, chances are it got removed b/c of security :p), the |
25 |
> bug wouldn't be investigated, right? |
26 |
|
27 |
There are cases and cases there; in the case of _custom_ tarballs, I'd |
28 |
expect us to investigate if the security issues was found on our version |
29 |
and not in the upstream-provided one for instance. |
30 |
|
31 |
Once again, please tell me: what does it change to you? If anybody |
32 |
should complain about this request is Infra. And Infra in the person of |
33 |
Robin is okay with this policy as it was planned anyway. |
34 |
|
35 |
-- |
36 |
Diego Elio Pettenò — Flameeyes |
37 |
http://blog.flameeyes.eu/ |