On 1/12/20 3:19 PM, Marius Schwarz wrote: > Am 10.01.20 um 17:36 schrieb Pierre-Yves Chibon: >> Good Morning Everyone, >> >> This is not a new idea, it has been presented at flock last year and spoken >> about on this very list this fall, so I'd like to push it a little further. >> >> Do we want to drop release and changelog from our spec file? > Vote: no. > > The correct releases and changelogs in the rpms are important to check > for security patches made. This need of any admin will override > any argument for a removal, as it's the most important source on a > working system to gather it's security state. Finally the reply I was looking for! As someone who relies the changelog of the RPM for security reasons this whole thread has me worried. On 1/12/20 3:38 PM, Miro Hrončok wrote: > It would stay in the RPM, we would just populate it differently and it > would no longer be hardcoded in the spec file in our infrastructure. How will it be populated? Will it ensure that the information that is important for security minding end users is still available? Sorry in advance if I missed the details of how it would still be managed and included for end users to consume? Thanks! Joe -- Joe Doss joe@xxxxxxxxxxxxxx
Attachment:
pEpkey.asc
Description: application/pgp-keys
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
