| 1 |
On 10/17/2016 01:43 AM, Ian Stakenvicius wrote: |
| 2 |
> |
| 3 |
> There is also no particular policy that I am aware of for ensuring |
| 4 |
> packages are designed to be built from source first and foremost. |
| 5 |
|
| 6 |
If all you're looking for is something to cite, then binary packages run |
| 7 |
afoul of most of our existing QA and security guidelines: |
| 8 |
|
| 9 |
* There are no USE flags to govern optional dependencies. |
| 10 |
|
| 11 |
* CFLAGS, LDFLAGS, etc. are not respected. |
| 12 |
|
| 13 |
* Certain compiler features (for example, stack-smashing protection) |
| 14 |
are sidestepped. |
| 15 |
|
| 16 |
* Dependencies are bundled or statically linked. |
Archives