-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 28/08/13 08:46 AM, hasufell wrote: > I want the council to make clear whether useflags that are: > > * unsupported by the maintainer * are known to break the build or > application at runtime * introduce security vulnerabilities > > are allowed to remain unmasked in stable packages. > >
How are USE flags unsupported by the maintainer? You mean, use flags that enable patches or alternative code that upstream doesn't intend/support? Do you have a few good examples? - ---- As per the rest, I see no reason why they shouldn't be allowed to be set in stable as long as #1 - they aren't enabled by default, #2 - they aren't a global USE flag, and #3 - there's something in metadata to say that they can break things and/or cause insecurity. Case in point -- dev-lang/spidermonkey-1.8.5 and above has USE="debug", which can cause lots of runtime breakage to rdeps that use the lib (mainly because upstreams don't bother to ensure their code is 100% compliant to the lib), but is a -very necessary- feature if anyone is developing code that uses spidermonkey in order to debug it (the reason for a segfault is impossible to find otherwise). I'd rather not mask that flag for stable. I suppose also #4 - rdeps shouldn't require the flag applies as well, but since the easiest way to enforce that would be to mask the flag i'm going to ignore that argument :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) iF4EAREIAAYFAlId/DsACgkQ2ugaI38ACPDLsQD/aIqvFTp7BLM8xlatd8iDDwJj bSWRhUYXzfJtsJuxhAcA/3osy8hVPeKlNcxpBrgKwcLh7ckLzmBu5QG8Y/8Bxb2B =V4Qf -----END PGP SIGNATURE-----
