-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-12-09 13:43, James Page wrote: > If we can ditch the requirement for v8 generally, then that will > make security vulnerability management for the mongodb juju package > a whole lot easier - and the Ubuntu Security Team a whole lot > happier! > > It will also make the packaging a bit simpler; MongoDB upstream use > a shim'ed scons build file for the embedded v8 which does not work > with arm right now; fixing that was on my list for this week. >
I don't have any idea what v8 actually does inside the Mongo binary, so I have very little to go on to say whether we need it or not. I know it is part of the 'map/reduce' syntax, which I don't think we use a lot of, and if that is the only use case, then it certainly sounds like we can avoid having it. According to this: http://blog.mongolab.com/2013/06/new-features-in-mongodb-2-4-2/#V8_JavaScript_Engine It affects mapReduce, group, eval and $where. And I'm pretty sure I've seen both eval and $where in our code. John =:-> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Cygwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKllEwACgkQJdeBCYSNAAOQtQCfehlnpxrDNXTwf2hx+qkwFjes /tAAnRMEz7J0U2y7Bm6yyV5IuAiBt7T2 =quef -----END PGP SIGNATURE----- -- Juju-dev mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev
