On Sat, 21 Nov 2015 03:25:00 +0600 Denis Fateyev <denis@xxxxxxxxxxx> wrote: > Hello there, > > I'm going to package CryptX Perl module [1] soon. > > The only concern is that it contains a lot of XS-based code of > ciphers and hashes that can be probably considered as bundled. Mostly > the used routines, including sha1, sha2 and md5 implementations, are > based on LibTomCrypt library [2, 3]. > > Neither this library components nor all algo related are mentioned in > Bundled library policies [4]. So the question is: should we threat > this very case as bundled libs presence? Are there any objections > against this module to be packaged "as is", in its current state? > > Thanks, > > [1] https://metacpan.org/pod/CryptX > > [2] http://www.libtom.net > > [3] https://github.com/libtom/libtomcrypt > > [4] > https://fedoraproject.org/w/index.php?title=Packaging:No_Bundled_Libraries&oldid=406058 As a data point of interest, I unbundled libtomcrypt from python-crypto when it became possible: https://bugzilla.redhat.com/show_bug.cgi?id=1087557 Paul. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
