[Fedora-packaging] Re: No pre-built applications rule

Ralf Corsepius rc040203 at freenet.de
Mon Sep 18 01:57:32 UTC 2006

On Sun, 2006-09-17 at 11:58 -0500, Rex Dieter wrote:
> Paul Howarth wrote:
> > On Sat, 2006-09-16 at 22:08 -0700, Toshio Kuratomi wrote:
> >> Hey guys,
> >> It's come to my attention that we don't have a "Packages must be built
> >> from source, no precompiled binaries" rule in the current guidelines.  I
> >> think this is an oversight as the Binary Firmware section:
> >> http://www.fedoraproject.org/wiki/Packaging/Guidelines#BinaryFirmware
> >>
> >> implies this for the specific case of firmware.
> >>
> >> How about something like:
> >>
> >> "Packages must be built from source code.  Including pre-built programs
> >> or libraries is strictly forbidden.  A select few exceptions are made
> >> for binary firmware.  Please see
> >> http://www.fedoraproject.org/wiki/Packaging/Guidelines#BinaryFirmware
> >> for details."
> >>
> >> And on ReviewGuidelines:
> >> "Must: The package must be built from source.  No pre-built programs or
> >> libraries are acceptable."
> >>
> >> Thoughts, opinions welcome.
> > 
> > Might another exception be needed for the bootstrapping procedures for
> > new compilers, e.g. some of the lisp/haskell compilers in Extras?
> bootstrapping is kinda a separate problem.  The proposal here is that
> *Packages* must be built from source, which I tend to I agree with, in
> principle.  The "source" in question, can potentially include binary
> bits (for bootstrapping, whatever).
You can't separate these problems, because problems in bootstrapping are
primary the reason (Typically either circular deps large dependency
chains) or for open-source packages to contain binaries (of open-sourced

A classical example for such cases are emulators: They typically need a
some "k-byte piece of Firmware", having to be compiled by a
cross-toolchain. I.e. to rebuild them from scratch, you'd first have to
have this cross-toolchain. If your're lucky such a cross-toolchain is
buildable, but several 100MB in size. If you're out of luck, such a
toolchain doesn't exist for linux, but only for some other OS 
(Open source != Linux; Open-source != buildable by open source).

Packagers often circumvent this "ugly dependency chain", by shipping

Now consider pdf or ps documents - People often use foreign tools to
write them - They are binaries having been built from closed source,
aren't they?


More information about the Fedora-packaging mailing list