Hi, > We would also need to consider what our committement is to security > updates when apps are bundling stuff, as the same reasons that make > unbundling huard, also make fixing security issues hard.
Note that in the go/rust world the unbundling does *not* make security updates much easier. Due to the static linkling it is not enough to update the buggy package. You have to rebuild packages depending on the updated package too. take care, Gerd -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
