Yes, I agree there's disadvantage for static linking. My use case is to send a copy of the program to others for testing, so the users don't need to bother the version of the library and focus on testing the program itself. When the program is ready for distrubution, it's better to build a deb/rpm package and link it dynamically.
On Fri, Apr 14, 2017 at 6:38 PM, James Cowgill <jcowg...@debian.org> wrote: > Control: severity -1 wishlist > > Hi, > > On 14/04/17 10:45, Shengjing Zhu wrote: >> Package: libmbedtls-dev >> Version: 2.4.2-1 >> Severity: important >> >> Dear Maintainer, >> >> In debian/rules, you set -DUSE_STATIC_MBEDTLS_LIBRARY=OFF, but static >> library is useful in development, and .a file should be put in -dev >> package according to debian policy 8.3 > > I'll think about it, but I see a lot of disadvantages with statically > linking a security library with few advantages. Why would static / > dynamic linking matter during development? > > James > -- Regards, Shengjing Zhu
