https://bugzilla.redhat.com/show_bug.cgi?id=2291065 Heiko Schaefer <heiko.schaefer@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |heiko.schaefer@xxxxxxxxx --- Comment #3 from Heiko Schaefer <heiko.schaefer@xxxxxxxxx> --- Hello Fabio, Larvitz, I am a co-author of the crates in question. @Fabio, good point that from a packaging perspective depending on pre-release versions is not ideal, thanks. All current releases of the applications use stable dependencies (and going forward I won't make application releases with stable version numbers and pre-release dependencies). I see no reason why shipping both rPGP and Sequoia-PGP would be any different in principle to shipping both OpenSSL and GnuTLS. If you have additional pointers on why depending on rPGP is a problem for packaging, I'd appreciate your input. As context for onlookers: rPGP is a pure Rust implementation of the OpenPGP standard. It has received independent security audits (see https://github.com/rpgp/rpgp/blob/main/docs/SECURITY_STATUS.md), is loosely affiliated with the Rust Crypto project, and has seen long-term real world use in https://delta.chat/ by a significant user base, including at-risk populations. Thanks, Heiko -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2291065 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202291065%23c3 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
