On Mon, Jan 13, 2020 at 2:02 PM Przemek Klosowski via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On 1/10/20 8:14 PM, Michael Catanzaro wrote: > > On Fri, Jan 10, 2020 at 9:46 pm, Richard W.M. Jones > > <rjones@xxxxxxxxxx> wrote: > >> OpenSUSE proved years and years ago that dropping %changelog is > >> possible, easy and desirable. We should do that IMHO. > > > > They still have %changelog at the bottom of each spec file, but as the > > last line of the file. The actual changelog is stored as a separate > > .changes file. That's a *lot* better than what Fedora does now, > > because it makes it way easier to scroll through the spec file. But > > getting rid of the changelog entirely would be even nicer. :) > > changelogs often include CVE information, especially useful when the > fixes are backported rather than included as part of the regular > update/release process. > > How could the CVE info be available in the absence of changelogs? In Fedora, this information has always been available as part of updateinfo, just like with RHEL. Only CentOS seems to still not have updateinfo published for advisories and including security information. That said, the information could *still* be in changelogs if the packager deems so. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
