https://bugzilla.redhat.com/show_bug.cgi?id=1597287 --- Comment #10 from Jonathan Dieter <jdieter@xxxxxxxxx> --- (In reply to Igor Gnatenko from comment #9) > (In reply to Jonathan Dieter from comment #7) > > (In reply to Igor Gnatenko from comment #5) > > > So the licensing is complicated here: > > > * It should be BSD and MIT and Public Domain > > > * Provides: bundled(buzhash) = VERSION OF BUZHASH > > > > I had to modify the original code, so it can't really be unbundled. I'll go > > ahead and add the provides. > > > > > There seems to be some bundled code about multipart parsing... > > > > There was, but it didn't do what I needed, so I had to start from scratch. > > I obviously forgot to delete the original README.md, so I'll take care of > > that > > Why did you do that? Any reason not to use some other dependency which meet > your needs? I looked, but couldn't find anything that would do it. I don't think many pieces of software use multiple range requests in a single http request, so I just wrote the code myself. > > > * Provides: bundled(something) = VERSION OF THIS SOMETHING > > > * Provides: bundled(sha1) = … > > > * Provides: bundled(sha2) = … > > > > > > But please, can you unbundle those? > > > > These were bundled to keep dependencies at a minimum because I see zchunk as > > having universal use, even in places where openssl might not be available. > > > > Having said that, if you feel strongly about this, I will change zchunk so > > openssl is an optional dependency, that, if available, will provide the > > hashing functions rather than the built-in hashing functions. > > > > Do you feel that that would be worth the effort? > > Just saying that it can't be dependency of dnf because in enterprise any > crypto-related code has to be checked and certified. While if you use > openssl, this is already done. So yes, please use openssl. Ok, will do -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx/message/DGJQQRRCZZUTV4SZASQKKAHKOFZ7MYPW/