| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
On 06/12/2015 09:58 PM, William Hubbs wrote: |
| 5 |
> On Fri, Jun 12, 2015 at 11:18:29AM -0700, Patrick McLean wrote: |
| 6 |
>> On Fri, 12 Jun 2015 12:54:04 -0500 William Hubbs |
| 7 |
>> <williamh@g.o> wrote: |
| 8 |
|
| 9 |
|
| 10 |
.. |
| 11 |
|
| 12 |
> Since the Go compiler bundles all the necessary packages to compile |
| 13 |
> a go binary, I can't help but wonder if we really need manual |
| 14 |
> snapshots of packages that build only *.a files in the tree? |
| 15 |
> |
| 16 |
> Thoughts? |
| 17 |
> |
| 18 |
|
| 19 |
It gets even worse if you factor in security. With the static linking |
| 20 |
you really need a := dependency on all libraries used as you don't |
| 21 |
know whether an update is security related. |
| 22 |
|
| 23 |
That said, I understand the structure. I don't like it, but I |
| 24 |
understand it, given that it is primarily only intended to be used |
| 25 |
within container/docker environments. |
| 26 |
|
| 27 |
Good luck trying to get it to play nice with a package manager though... |
| 28 |
|
| 29 |
- -- |
| 30 |
Kristian Fiskerstrand |
| 31 |
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net |
| 32 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
| 33 |
-----BEGIN PGP SIGNATURE----- |
| 34 |
|
| 35 |
iQEcBAEBCgAGBQJVezrYAAoJECULev7WN52FtWYH/i2nPEWAcUHjYP/i9DYqbrzJ |
| 36 |
pHFub2zZrdCyIqF0n/aYVtgdcU+uXz/iHD/+j/SaIVaGgWBO5kafqEt93Zyw2i4I |
| 37 |
yHWzZp5cUWMt4YfUBq63ZBGWQkaK4YsbP9TmuuUGe5ZhuOHBQhKtenue0VBqQ6Bl |
| 38 |
tiYZcByCFJ8HHeshCGdr0unAA8K85vIIaDdz/FkkA2rwlFudIWAfgaWhomc60oAV |
| 39 |
9aVKllOpqWsIoWn6GYKGuidSWmXMmN6J7EPyGENJENf01oF3Q/D7H5o3IN2uIB7m |
| 40 |
FUXtmdPji3eSS77mpyimh4xXi6fzy1x3kWGhmPHBo1PMDdaY9S/mKjy85NS5z2U= |
| 41 |
=hT4l |
| 42 |
-----END PGP SIGNATURE----- |
Archives