GNU bug report logs -
#55903
[PATCHSET] Adding aerc
Previous Next
Reported by: "(" <paren <at> disroot.org>
Date: Sat, 11 Jun 2022 09:07:01 UTC
Severity: normal
Tags: patch
Done: Raghav Gururajan <rg <at> raghavgururajan.name>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
On Sun Jun 12, 2022 at 1:53 PM BST, Maxime Devos wrote:
> we can refuse to package impacted packages until things improve.
I'm not sure boycotting packages is a good idea... If we did that, there'd
be a _lot_ of useful Rust and Go packages that we'd be refusing to package.
Anyway, I think it'd probably just drive people even further away from
distribution package management towards the "modern" (read: insecure,
bloated, and inherently flawed) stuff like Docker and Flatpak.
> Or if upstream is unmaintained, point the go-golang-org-x-crypto package
> at the protonmail fork.
Seems a little risky just to avoid packaging one fork. It's possible the two
have diverged since the protonmail version was created, too.
> Go packaging needs to become less cracy. We don't have to participate
> in spreading the dependency hell.
I agree! It's an awful situation created by fundumentally borked dependency
management systems. But I don't see anything we can do about it other than
try to convince people that carelessly adding dependencies is Not A Good
Idea.
This bug report was last modified 2 years and 175 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.