[Fedora-packaging] No pre-built applications rule

Toshio Kuratomi a.badger at gmail.com
Sun Sep 17 18:43:36 UTC 2006

On Sun, 2006-09-17 at 07:53 +0200, Ralf Corsepius wrote:
> On Sat, 2006-09-16 at 22:08 -0700, Toshio Kuratomi wrote:
> > Hey guys,
> > It's come to my attention that we don't have a "Packages must be built
> > from source, no precompiled binaries" rule in the current guidelines.  I
> > think this is an oversight as the Binary Firmware section:
> > http://www.fedoraproject.org/wiki/Packaging/Guidelines#BinaryFirmware
> > 
> > implies this for the specific case of firmware.
> > 
> > How about something like:
> > 
> > "Packages must be built from source code.  Including pre-built programs
> > or libraries is strictly forbidden.  A select few exceptions are made
> > for binary firmware.  Please see
> > http://www.fedoraproject.org/wiki/Packaging/Guidelines#BinaryFirmware
> > for details."
> > 
> > And on ReviewGuidelines:
> > "Must: The package must be built from source.  No pre-built programs or
> > libraries are acceptable."
> -1
> > Thoughts, opinions welcome.
> IMO, both rules above are a mistake.
By both, do you mean the sections for Packaging/Guidelines and for
Packaging/ReviewGuidelines or the new proposal and the pre-existing
BinaryFirmware Guidelines?

> In my understanding the original intend was to force "rebuildability" on
> LINUX code, i.e. all Linux code to be open-sourced.
> I.e. you'd first have to define what you understand as "Linux code".
> A native firmware to be applied by a running Linux kernel would
> definitely qualify as such. But a firmware (as being applied by
> emulators)

I'd place this under the BinaryFirmware Guidelines so it's not covered
in this new guideline.

>  or foreign libraries (as being required by cross compilers)
> are cornercases.
Meaning the libraries built for the foreign architecture?  So these do
not execute on the host OS?  If that's the case, then it could be
considered data for the cross-toolchain rather than a library or
program.  I haven't thought about that case enough to know if that's a
good idea or not, though.

If it's a special build of a library that the cross toolchain uses to
run on the host OS, then I think it does need to be rebuilt from source.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20060917/85235fd7/attachment.sig>

More information about the Fedora-packaging mailing list