On Thu, Sep 10, 2020 at 04:03:46PM +0200, Petr Pisar wrote: > In non-modular Fedora all packages that we have in Fedora build system (Koji) > are tagged into Fedora repositories and made available to all users on their > computers for any purpose. That implies that all packages in Fedora build system > must be fully supported including addressing all security issues. > > In modular Fedora that's (effectively) not true. Packages that only exist > for the sake of building other packages (i.e. build-only dependencies) can be > retained in the Fedora build system and never left it. That means those > packages are never made available to Fedora users and thus a service level for > them is significantly lower. E.g. no security fixes, not bug fixes, no > integration, not tests, no API/ABI stability. The only requirement is that > they can be built and used for building other packages. So, if user wants to locally rebuild the package, they won't be able to do it? Because BuildRequired packages won't be available? -- Tomasz Torcz “Funeral in the morning, IDE hacking tomek@xxxxxxxxxxxxxx in the afternoon and evening.” - Alan Cox _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx