| 1 |
Il giorno gio, 20/01/2011 alle 20.27 +0100, Matti Bickel ha scritto: |
| 2 |
> Not sure what you mean: if someone quickpkg's php and needs all the |
| 3 |
> source? Well, they already downloaded them. Better keep them around, |
| 4 |
> since it's *your* binary, not mine. |
| 5 |
|
| 6 |
We do distribute part of our packages as binaries already so we have to |
| 7 |
be compliant with their licenses to begin with. Better doing it with a |
| 8 |
single sweep than trying to come up with abstruse case-by-case points, |
| 9 |
no? |
| 10 |
|
| 11 |
> Same thing, as already pointed out in another message. I see the point |
| 12 |
> in making it easier for them. That's okay. So what you're saying is |
| 13 |
> we're upstream too and upstream's should provide their historical stuff. |
| 14 |
|
| 15 |
This is but _one_ reason, and just another thing to trickle down. I |
| 16 |
don't care if "FSF says it's their problem"; what is it costing us, |
| 17 |
really? The cost is minimal (as we need the archive anyway), and the |
| 18 |
gain is there for many people. |
| 19 |
|
| 20 |
Arguing against this is just getting to the point of arguing because |
| 21 |
somebody is doing what nobody did for a long time: taking decisions. |
| 22 |
|
| 23 |
> If you're reporting a security issue in a ebuild that's no longer in |
| 24 |
> tree (in php's case, chances are it got removed b/c of security :p), the |
| 25 |
> bug wouldn't be investigated, right? |
| 26 |
|
| 27 |
There are cases and cases there; in the case of _custom_ tarballs, I'd |
| 28 |
expect us to investigate if the security issues was found on our version |
| 29 |
and not in the upstream-provided one for instance. |
| 30 |
|
| 31 |
Once again, please tell me: what does it change to you? If anybody |
| 32 |
should complain about this request is Infra. And Infra in the person of |
| 33 |
Robin is okay with this policy as it was planned anyway. |
| 34 |
|
| 35 |
-- |
| 36 |
Diego Elio Pettenò — Flameeyes |
| 37 |
http://blog.flameeyes.eu/ |
Archives