https://bugzilla.redhat.com/show_bug.cgi?id=1597287 --- Comment #9 from Igor Gnatenko <i.gnatenko.brain@xxxxxxxxx> --- (In reply to Jonathan Dieter from comment #7) > (In reply to Igor Gnatenko from comment #5) > > So the licensing is complicated here: > > * It should be BSD and MIT and Public Domain > > * Provides: bundled(buzhash) = VERSION OF BUZHASH > > I had to modify the original code, so it can't really be unbundled. I'll go > ahead and add the provides. > > > There seems to be some bundled code about multipart parsing... > > There was, but it didn't do what I needed, so I had to start from scratch. > I obviously forgot to delete the original README.md, so I'll take care of > that Why did you do that? Any reason not to use some other dependency which meet your needs? > > * Provides: bundled(something) = VERSION OF THIS SOMETHING > > * Provides: bundled(sha1) = … > > * Provides: bundled(sha2) = … > > > > But please, can you unbundle those? > > These were bundled to keep dependencies at a minimum because I see zchunk as > having universal use, even in places where openssl might not be available. > > Having said that, if you feel strongly about this, I will change zchunk so > openssl is an optional dependency, that, if available, will provide the > hashing functions rather than the built-in hashing functions. > > Do you feel that that would be worth the effort? Just saying that it can't be dependency of dnf because in enterprise any crypto-related code has to be checked and certified. While if you use openssl, this is already done. So yes, please use openssl. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx/message/4J32GCAEC5IHOZ4VHNIOBSBXDTX3O6KP/
