On Wed, Dec 30, 2009 at 8:05 AM, Ralf Corsepius <rc040203@xxxxxxxxxx> wrote: > Well, I disagree: If they want to use "their auditied version", they haven't > understood how open source works. They qualify as jerks who prefer to use > proprietary forks instead of "paying back" to "upstream" and the wider > user-base. Um - the audited version is just frozen. It's not hidden, it's not proprietary, and it would be nice if you look at things before calling people jerks. TomsFastMath ( http://tfm.libtomcrypt.com/ ) has been a public FOSS project for a while, it is packaged in a number of distros (FreeBSD seems to carry a version, Debian has it, etc). The special "frozen" version we carry is publicly available in our git repo, and AFAIK the upstream author was 100% involved in our audit process. The results are definitely openly available too. So put down the pitchfork already. Let's focus on the important bit: we need a frozen version of a library (that, btw, is useful, and is not in Fedora yet :-) ). What's the best practice for that? I don't see why we'd need to embed it statically anywhere (except OFW of course). cheers, m -- martin.langhoff@xxxxxxxxx martin@xxxxxxxxxx -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
