1 |
On 4/19/20 3:41 PM, Samuel Bernardo wrote: |
2 |
>> |
3 |
>> EGO_SUM is not a legitimate approach to packaging. You have to create |
4 |
>> packages for each package. I know, it sounds crazy when you say it. |
5 |
>> |
6 |
> I understand what you mean, but deem this dependencies as internal |
7 |
> project dependencies where those libraries doesn't worth the effort to |
8 |
> package them all. I mean, most of these projects have an immutable |
9 |
> deployment approach that are not feasable to be packaged. The problem |
10 |
> starts from upstream... |
11 |
|
12 |
You can do whatever you want in an overlay, but you can't introduce |
13 |
security vulnerabilities and license issues into thousands of peoples' |
14 |
homes and businesses through ::gentoo because it makes your life a tiny |
15 |
bit easier. |
16 |
|
17 |
The job description of distribution developer is, ultimately, to fix all |
18 |
the dumb things that upstream does before packaging the result so that |
19 |
your users get a consistent, usable, reliable, and secure product. But |
20 |
the first step isn't optional. Re-packaging garbage is easy -- that's a |
21 |
service nobody needs. |
22 |
|
23 |
Using ebuilds this way is also simply a waste of your time. If you're |
24 |
not going to package the dependencies, then you're better off using the |
25 |
upstream bundling tool. At least then you can update the hundreds of |
26 |
bundled dependencies afterwards. With an ebuild that's not possible. |
27 |
|
28 |
I don't mean to discourage you any more than necessary. I'm glad you |
29 |
want to help. But please quit looking to Go as an example of anything |
30 |
anyone should be doing. |