On 2015-09-13, 20:23 GMT, Haïkel wrote: > The Java world is definitively not moving in the right direction. https://en.wikipedia.org/wiki/Java_Module_System is IMHO The Right Thing™ and it is still on the list of deliverables for Java 9 (still to be feature complete on 2015-12-10). > Recently, the new trend among python developers is to follow > Kenneth Reitz stupid habit to bundle all dependencies in > his modules though we have pip and ability to pin versions! Sigh ... Why I am not surprised? I thought that python-requests (or how to replace half and hour of reading documentation with 1MB bundled with your app) is the only silly thing he did to the Python world. > If you care about purity, I care about all those hidden bundled > libs carrying CVE shipped in Fedora that are not properly referenced > and tracked security team. Is it http://is.gd/FRkDhs or do you have any more of them? Yes, you are right, we should do something about these. Best, Matěj -- http://www.ceplovi.cz/matej/, Jabber: mcepl@xxxxxxxxxx GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC SCSI is *not* magic. There are *fundamental* *technical* reasons why you have to sacrifice a young goat to your SCSI chain every now and then. -- John F. Woods -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
