* Omair Majid: >> It is desirable that the packaging guidelines be updated to describe >> the security hardening features examined by annocheck. (If they are >> not already mentioned in the guidelines). > > https://docs.fedoraproject.org/en-US/packaging-guidelines/#_compiler_flags > has some of this, but not all. It seems to me like annocheck is more > strict than the current packaging guidelines.
annocheck verifies against the Fedora build flags defined in redhat-rpm-config and documented here: <https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/master/f/buildflags.md> The part of the Packaging Guidelines you quote has largely been obsoleted by the Harden All Packages change in Fedora 23, and subsequent changes in the flags are not reflected there, either. Thanks, Florian _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
