On 10/17/2016 01:43 AM, Ian Stakenvicius wrote:
>
> There is also no particular policy that I am aware of for ensuring
> packages are designed to be built from source first and foremost.

If all you're looking for is something to cite, then binary packages run
afoul of most of our existing QA and security guidelines:

* There are no USE flags to govern optional dependencies.

* CFLAGS, LDFLAGS, etc. are not respected.

* Certain compiler features (for example, stack-smashing protection)
  are sidestepped.

* Dependencies are bundled or statically linked.