Web lists-archives.com

Bug#907051: Say much more about vendoring of libraries

Package: debian-policy


On Thu 23 Aug 2018 at 12:27PM +0200, Alec Leamas wrote:

> https://fedoraproject.org/wiki/Packaging:Guidelines#Bundling_and_Duplication_of_system_libraries

Thank you for sharing this link -- it seems like Fedora have thought
harder about this than we have, at least at the level of the whole

We can't jump straight to something as involved in that, but threads
like this on -devel suggest to me that Policy's discussing of vendoring
needs to be expanded.

In particular, Policy should explain /why/ bundling is best avoided, and
the consensus that it sometimes has to happen should be noted, along
with mention of registering bundled copies with the security team where

Sean Whitton

Attachment: signature.asc
Description: PGP signature