Nicolas Mailhot via devel wrote:
> And Go has all build dependencies in the release where they are used
> (not like rust, with magic ephemeral rawhide-only packages)
Ephemeral Rawhide-only packages mean the builds cannot be reproduced in a
release, which is a clear violation of our packaging guidelines. What if a
security update is needed? (Yes, I know the language claims to be totally
secure by design. But that is at most true for a small number of security
vulnerability classes, such as buffer overflows.) And if the software is
under the GNU GPL or a similar strong copyleft license, it is also a
violation of the license.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
