Simon Josefsson <si...@josefsson.org> writes: > Thanks for the finding! Is that building from tarball or from git?
It is the same as the other CI written by Bruno Haible, so from git. > But please, let's not add more copies of external tools to version > control sources. That is a software supply-chain nightmare. How would > we keep this copy of help2man synchronized with upstream, which could > warrant quick action in case security bugs? Who will spend time > auditing this? [...] > There is no need for these .x-* files anymore, put exceptions in cfg.mk > instead. Sounds good. I reverted the commit [1], and will just use the tarball from ftp.gnu.org where the package isn't available on the system. Collin [1] https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9ab1f527c1ef9e93fe04f6e6ace64c6b82be8433
