1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Brian Harring wrote: |
5 |
> On Mon, Aug 22, 2005 at 11:59:54PM +0200, Marius Mauch wrote: |
6 |
> |
7 |
>>On 08/22/05 Brian Harring wrote: |
8 |
>> |
9 |
>> |
10 |
>>>On Mon, Aug 22, 2005 at 11:33:23PM +0200, Marius Mauch wrote: |
11 |
>>> |
12 |
>>>>Theoretical discussions about this are pointless IMO without |
13 |
>>>>numbers/facts to back things up. |
14 |
>>> |
15 |
>>>I'd posit theroetical discussions about this are pointless without |
16 |
>>>getting ebuild dev's to give a yay/nay on whether they want it or not; |
17 |
>>> |
18 |
>>>not much for trying to force it down their throats if they don't want |
19 |
>>>it (more work, essentially). |
20 |
>> |
21 |
>>That too. But providing them with some numbers will certainly have an |
22 |
>>effect on their decision (especially if it shows that it doesn't really |
23 |
>>affect them ;) |
24 |
> |
25 |
> Rather hard to back it up though, without specialized knowledge in |
26 |
> (effectively) the whole tree- either we do it, or we ask nicely those |
27 |
> who are supposed to have such knowledge :) |
28 |
> |
29 |
> I can rattle off a couple of env vars that screw things up, but how |
30 |
> many of us are aware that an exported ARCH screws with kernel builds |
31 |
> fex? |
32 |
> |
33 |
> I'd punt it to them, and find out what they think (tiz the route I |
34 |
> took when I brought this up last). |
35 |
> |
36 |
> Explicit whitelisting is great for getting closer to deterministic |
37 |
> builds, but it's a helluva overhead on a side note. |
38 |
> ~harring |
39 |
|
40 |
I'm kinda with genone on implementing both ( since they are similar ). |
41 |
If it's decided that blacklisting is easier to maintain, I can always |
42 |
make up my own whitelist for pkg-foo and apply it and if it works submit |
43 |
it as a bug ( or even some other whitelist database? ) and thus can |
44 |
gaurentee that my package was built 'correctly'(TM). I think this would |
45 |
be important in fex, an enterprise distribution type deal where the |
46 |
build env is important to some. Put the whitelists in the tree and have |
47 |
them --excluded by default, so only the users that use them have to |
48 |
downlaod them. |
49 |
|
50 |
Regardless I'd like to see what actual people who write and manage |
51 |
ebuilds think, I've only written a few and I don't have much experience |
52 |
in that area. ( Spanky, solar, etc... the crazy ones ) :) |
53 |
|
54 |
- -Alec Warner (antarus) |
55 |
-----BEGIN PGP SIGNATURE----- |
56 |
Version: GnuPG v1.4.1 (GNU/Linux) |
57 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
58 |
|
59 |
iQIVAwUBQwpTUmzglR5RwbyYAQKPOA/+PbhtDYbbasHP9ZDa2SwTN+YVQRfXEfBt |
60 |
QwqjmtmdSyGSsLJL7C5PtASL/lLUK0z6uI2LmCniHctvIzvHd7/dAZO8deq4Hqcb |
61 |
18CgXZucwqvGnLhPIC23Z7CTXb3dUf60WTbwjkP4vTmywRtWr3eOqGIZ03pgjrBr |
62 |
GDtb+onEGn8lSMxdqRuUxCvFnyz+QIaX2ysOahH/qKRIcJXh4w/zFQrDy+9olSpy |
63 |
CAkaZLrOplRKZSSkz5i/W1dpKioa7fa3FXD43a7uWXzoRsLNxivyhNqtJJ34rnPI |
64 |
UexjElpelGlnw4zdDGzq5waYDpwUPfme8vz4pHEZ0MtqGQZ7OCsl3Pnz5q44Z7Vd |
65 |
cwN5+limQGN0dg55kYgbx+pOm0TRi5u9iAHMdlLojxD9e29AeGpRijeaWfm6ZuRk |
66 |
MEQrBJMFkhm4BaOuZ8+lcmaso1SxsfdQnlEnwXBVnjt2uoqy/G14wGPxye+gb3tL |
67 |
kUqBhB+DNH8RMO6Sgu+DDTsLT2vx7w7MV7XMQorBD6g4nvIxdl5OR13sI0Yo+gnt |
68 |
RF6BlM7eShMrx9aYx9Xr97F9XuBH8tIOKzpSqPK+O/cevJVVu6IwSU8VyPW2o0Rr |
69 |
rKCwS04vrYSwkfpvNgChNHSqhk08NKcBIQD4sLvrMZpp70OyGXgMTvryUxjzgejA |
70 |
Tb1Woep3gYk= |
71 |
=Q3sT |
72 |
-----END PGP SIGNATURE----- |
73 |
-- |
74 |
gentoo-portage-dev@g.o mailing list |