On 12/02/2015 03:46 PM, Vít Ondruch wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dne 2.12.2015 v 15:30 Stephen Gallagher napsal(a):
In accordance with the bundling policy, it *is* carrying a virtual
Provides to allow us to identify whether it is affected by discovered
CVEs.
This brings me to interesting question, how to actually know that one
should be looking for some bundled library? I don't think this was ever
addressed,
c.f. the section
"Bundling and Duplication of system libraries"
in https://fedoraproject.org/wiki/Packaging:Guidelines
but I believe it'd be useful to have some page where we can
see what is bundled and where is it bundled. I don't think that
"repoquery" is the answer, since this does not give good enough overview
nor statistics, etc.
repoquery has been rendered widely unusable by dnf.
Ralf
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
