Re: Three steps we could take to make supply chain attacks a bit harder

On Sat, Mar 30, 2024 at 09:09:35AM -0400, Neal Gompa wrote:
> And in CMake's favor, there's a huge ecosystem of helpers and
> integrations that make it easier for people to understand what CMake
> is doing as it's being developed, built, and shipped.

That is actually a weakness:

On Sat, Mar 30, 2024 at 01:38:45PM +0000, Tim Landscheidt wrote:
> Kevin Kofler wrote:
> > Well, I have been arguing against this exception (exempting prebuilt
> > autotools output) from the "no prebuilt blobs" rule for years, and it
> > saddens me that something like this had to happen for Fedora to finally
> > realize that that exception has always been a bad idea.
> CMIIW, but it would not have made any difference as the
> source code had been shipped as part of the tarball and
> auto(re)conf would have happily integrated it into the next
> build.  I suspect that a modification to CMakeLists.txt and
> its includes would not have been detected either; even a
> daring, but obvious change in the 30000+ lines of source
> itself might have gone unnoticed.

CMake for many years fought against pkgconf and pushed people towards
copying those scripts into sources. It is still very common for projects
using CMake to come with a whole directory of badly written detection
scripts that each replace a single-line pkgconf invocation.

And of course nobody has time to look into those scripts, making it
easy to smuggle something through there.

Zbyszek
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
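The practical check that follows from the point above is to treat a project's bundled detection scripts (CMake Find modules, autoconf m4 macros, the generated configure script) as vendored code and review exactly what changed in them from one release to the next, rather than hoping someone reads them. The POSIX shell script below is an added example and is not code from this thread or from Fedora's tooling; the helper-file patterns it looks for and the two sample source trees it constructs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): inventory the build-helper scripts a
# source tree vendors and diff two trees, e.g. the previous release tarball
# against the new one, or a git checkout against the tarball built from it.
# The helper-file patterns and the sample trees below are assumptions for
# this example; paths are assumed to contain no whitespace.
set -u

# file_hash PATH: sha256 of PATH, using whichever tool the host provides.
file_hash() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# list_helpers TREE
#   Print "relative/path sha256" for every vendored build-helper file in TREE:
#   CMake modules and lists, autoconf macros, and the prebuilt configure,
#   config.sub and config.guess scripts that the thread is about.
list_helpers() {
    tree=$1
    ( cd "$tree" && find . -type f \( -name '*.cmake' -o -name '*.m4' \
          -o -name CMakeLists.txt -o -name configure \
          -o -name config.sub -o -name config.guess \) ) |
    sort |
    while IFS= read -r f; do
        printf '%s %s\n' "${f#./}" "$(file_hash "$tree/$f")"
    done
}

# audit_build_helpers OLD_TREE NEW_TREE
#   Print one line per helper file that was added, removed or changed between
#   the two trees, sorted. Unchanged helpers and non-helper sources are not
#   reported, so the output is exactly the set of scripts a reviewer must read.
audit_build_helpers() {
    {
        list_helpers "$1" | sed 's/^/O /'
        list_helpers "$2" | sed 's/^/N /'
    } | awk '
        $1 == "O" { oldh[$2] = $3; next }
        $1 == "N" { newh[$2] = $3; next }
        END {
            for (f in newh) if (!(f in oldh))                      print "added   " f
            for (f in oldh) if (!(f in newh))                      print "removed " f
            for (f in newh) if ((f in oldh) && oldh[f] != newh[f]) print "changed " f
        }' | sort
}

# count_helper_changes OLD_TREE NEW_TREE
#   Number of reported differences; a packaging gate would compare this
#   against zero, or against the list of changes the maintainer announced.
count_helper_changes() {
    audit_build_helpers "$1" "$2" | wc -l | tr -d ' '
}

# make_sample_trees DIR
#   Constructed sample input: DIR/old and DIR/new stand for two releases of a
#   hypothetical project. Only the helper-script changes should be flagged.
make_sample_trees() {
    d=$1
    mkdir -p "$d/old/cmake" "$d/old/m4" "$d/old/src" "$d/new/cmake" "$d/new/src"
    for r in old new; do
        printf 'int main(void) { return 0; }\n' > "$d/$r/src/main.c"
        printf 'project(example C)\n'           > "$d/$r/CMakeLists.txt"
    done
    # Hand-written detection script edited between releases (constructed).
    printf 'find_library(FOO_LIBRARY foo)\n'           > "$d/old/cmake/FindFoo.cmake"
    printf 'find_library(FOO_LIBRARY NAMES foo foo5)\n' > "$d/new/cmake/FindFoo.cmake"
    # New detection script added; it replaces what would otherwise be the
    # one-liner pkg_check_modules(BAR REQUIRED IMPORTED_TARGET bar).
    printf 'find_path(BAR_INCLUDE_DIR bar.h)\n'        > "$d/new/cmake/FindBar.cmake"
    # An m4 macro file dropped from the new release.
    printf 'AC_DEFUN([AX_PTHREAD], [])\n'              > "$d/old/m4/ax_pthread.m4"
    # A source file changed too; that is out of scope for this audit.
    printf 'int main(void) { return 1; }\n'            > "$d/new/src/main.c"
}

# Stand-alone demonstration on the constructed trees.
demo_dir=$(mktemp -d)
make_sample_trees "$demo_dir"
audit_build_helpers "$demo_dir/old" "$demo_dir/new"
rm -rf "$demo_dir"
```

On the constructed trees the script reports the added FindBar.cmake, the changed FindFoo.cmake and the removed ax_pthread.m4, and nothing about src/main.c. Run it against a git tag checkout and the release tarball to see which helpers exist only in the tarball, which is where prebuilt autotools output and any other shipped-but-untracked scripts show up.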