Re: Porting question related to modifying original source code

On 2024-04-10 10:16, Chris wrote:
> On 2024-04-10 07:08, Brad D wrote:
>> I’m still pretty fresh to porting here and was given feedback about some 
>> security
>> and build concerns. I’ll be redoing my port and doing more testing (don’t 
>> mind
>> iterating and improving especially when my reviewer was very kind and 
>> helpful).
>> 
>> Is it uncalled for replacing problematic embedded libraries with equivalent 
>> ones
>> in a port as a dependency if the library is in the repo and well 
>> maintained? It’s
>> also not an essential part of the original app. An example of it being done 
>> if
>> it’s a normal practice would be welcomed. Thanks
> If I understand your question correctly;
> Generally speaking, internal libraries (to the port) are acceptable,
> especially as you seem to indicate, that they make the port more stable. As 
> far
> as security goes; if it's reasonably well maintained upstream with a decent
> security history. It shouldn't be a problem. Firefox might be a good example 
> here.
> It has a number of internal libraries, and while there have been security 
> issues
> in the past. They have been met with in a reasonable time frame.
> 
> HTH
OK it seems I misinterpreted the question. The answer Gleb provided was (of 
course)
the correct answer.
Sorry for the misunderstanding.

-- 
--Chris Hutchinson