2015-10-08 10:55 GMT+02:00 Tomas Mraz <tmraz@xxxxxxxxxx>: > On Čt, 2015-10-08 at 00:06 +0200, Kevin Kofler wrote: >> Stephen Gallagher wrote: >> > * #1483 Decision on bundling policy in the Fedora Package Collection >> > (sgallagh, 18:11:40) >> > * LINK: http://paste.fedoraproject.org/276064/44243383/ is sgallaghs >> > proposal without the critpath distinction (nirik, 18:43:49) >> > * AGREED: Adjust the packaging policy as described in >> > http://paste.fedoraproject.org/276064/44243383/ (+5, 3, -1) >> > (sgallagh, 18:57:44) >> > * ACTION: tibbs|w to inform FPC and work on removing the anti-bundling >> > stuff from the guidelines (sgallagh, 18:59:17) >> >> Ewww! :-( >> >> This opens the door to all kinds of duplication, waste of disk space, waste >> of RAM, symbol conflicts and unfixed security issues! >> >> "Thanks" for making Fedora worse! > > Yes, it seems the quantity over quality view won. :( > Also the haste with which it was pushed is seriously disappointing. > > -- > Tomas Mraz > No matter how far down the wrong road you've gone, turn back. > Turkish proverb > (You'll never know whether the road is wrong though.) > Not that I'm 100% happy with the way it happened but this has been a very long-lived topic. To some, it'll be a hasty decision, to others, it's already a late one. Please keep in mind, that Fesco is aware this is not a perfect solution, and we''ll gladly review any proposals to improve this policy. But we can keep discussing this for years, or try to solve this issue incrementally. We chose the latter. No we didn't chose quantity over quality, it will only have a marginal impact on the former. It doesn't prevent you to do unbundling, track bundled libraries, request FPC or peers feedback if you want. Pretending that the now-previous guidelines that many packages (including recent ones) did not respect were preventing issues was giving a false impression of security, that was *harmful*. You're free to rant or work with us to improve the now-current policy. Regards, H. PS: I won't reply to private answers on that topic. It's either on the list or it'll go to /dev/null PPS: I encourage people complaining to participate more actively in the reviewing pipeline, best way to prevent bundled libraries to be sneaked in. Sloppy reviews and the lack of regular reviewing process for current packages are a far more serious issue. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
