1 |
On 02/03/2017 01:33 PM, Patrick McLean wrote: |
2 |
> |
3 |
> We might as well go back to before IUSE defaults then. Part of the |
4 |
> advantage of IUSE defaults is maintainers don't all have to fiddle with |
5 |
> the profiles, everything can be self-contained in the ebuild. This |
6 |
> drastically complicates maintenance, having two locations to track and |
7 |
> change rather than just one. |
8 |
|
9 |
You still retain the benefit for IUSE defaults that actually belong in |
10 |
the base profile, just not for upstream defaults or the ones that you |
11 |
personally prefer. |
12 |
|
13 |
|
14 |
> I suspect that there is a small subset |
15 |
> of people interested in this, and perhaps those people could maintain a |
16 |
> "minimal" profile that unsets IUSE defaults. |
17 |
|
18 |
Then every IUSE default gets recorded twice: once when the maintainer |
19 |
puts it in the ebuild, and once when I add it (negated) to the minimal |
20 |
profile. That's a bad design even if we pretend that I can solve the |
21 |
problem of tracking every IUSE change in the tree. |
22 |
|
23 |
|
24 |
> Also, I would just point out that the particular IUSE default that |
25 |
> you objected to in your original email does not really affect this |
26 |
> "minimalist" ideal that you seem to hold. The "hpn" USE flag on |
27 |
> openssh does not actually pull in any extra dependencies, it just |
28 |
> adds some optimizations to the network code to make it faster. |
29 |
> |
30 |
|
31 |
Yeah, that. OpenSSH is probably the most security-critical package on |
32 |
our systems. OpenSSH is maintained upstream by a talented team of |
33 |
security-conscious people. The HPN patch is, |
34 |
|
35 |
a) a third-party patch... |
36 |
b) that has been rejected by the talented security-conscious team... |
37 |
c) and is useless for most people. |
38 |
|
39 |
So why are we deciding for our users that they must have it? |