Re: Adding functionality to a port

Reply: Kurt Jaeger : "Re: Adding functionality to a port"
In reply to: Kurt Jaeger : "Re: Adding functionality to a port"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Rob LA LAU <freebsd_at_ohreally.nl>
Date: Sun, 14 Nov 2021 19:16:50 UTC

Hi again,

On 14/11/2021 19:37, Kurt Jaeger wrote:
> I agree. The problem is that this is very difficult to codify
> into some policy.

I've done some digging. And actually, Fedora only needs a few words:

"All patches should have an upstream bug link or comment" [1]

This assures that packages stay close to their upstream projects.

Another rule could be

"Patches should only be applied to make the software run as intended by 
its developer. All additional functionality should be integrated 
upstream first or, if that's not possible or desirable, should be 
developed as a separate project which can then be ported alongside the 
first port."

Having rules for these situations means that tools can be created to 
verify and enforce those rules.

Not having these rules is an invitation to people with malicious intent 
to integrate backdoors, keyloggers, and what not into the ports. IMHO.

Rob

[1] 
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_all_patches_should_have_an_upstream_bug_link_or_comment

-- 

  https://www.librobert.net/
  https://www.ohreally.nl/category/nerd-stuff/