-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ CC-ing d-security could give more feedbacks ]
Hello, a little summary: I'm packaging jedit which uses a modified version of bsh (already in Debian and team maintained). Building jedit against current Debian bsh is not possible and uploading a new Debian bsh with jedit changes is not a good idea because changes are only needed by jedit. I looked for Debian binary packages which contain sources and I found the following ones (maybe other exist) mush-src (non-free, AFAIU binary redistribution not permitted) qmail-src (non-free, AFAIU binary redistribution not permitted) maxima-src erlang-src openjdk-6-source sun-java6-source For example openjdk-6-source: source code is in both orig tarball and openjdk-6-source binary package. This is a duplication, isn't it? Regarding jedit, what about adding the creation of bsh-src binary package, adding bsh-src to jedit's Build-Depends and applying jedit patch at build time? To take a look to the current jedit package which includes Debian bsh tarball and applies jedit patch: http://mentors.debian.net/debian/pool/main/j/jedit/jedit_4.3.1+dfsg-1.dsc Thread on d-java: <4b858f27.9030...@gmail.com> Thanks for your attention. Gabriele On 03/18/2010 03:27 PM, Michael Tautschnig wrote: >> On Thu, Mar 18, 2010 at 2:43 PM, Torsten Werner <twer...@debian.org> wrote: >>> Hi Gabriele, >>> >> Hi Torsten, >> >>> Gabriele Giacone schrieb: >>>> But in order not to duplicate code, in which way could I get bsh sources? >>> >>> embedding our own copy bsh into jedit is duplication. Do we have a >>> chance to avoid embedding bsh? >> The ideal would be getting bsh _sources_ at build time treating them >> as Build-Depends. Is it possible? Similar cases in the past? >> > > [...] > > jedit requires modified bsh sources; could these changes be included in > standard > bsh and jedit just use bsh jars, or do these patches break standard bsh? > > Best, > Michael > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkuzzRYACgkQp3cdCbVcnCvPbQCfehG1i9F5A2kJOAANqlSfqTpV uaQAn1f1wceyJExU6Cy6XOunVuj0ENmz =awyR -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bb3cd1c.8000...@gmail.com
