2010/9/18 Adrian Bunk <[email protected]>: > Assume I'm providing 5 applications using SDL, each in an own > repository. > > Then I'll dump the upstream SDL souces into each of the 5 source > packages, and each of them will build a libsdl package that will > then be available in the repository of this application. > > If there's a security bug in SDL, I have to manually update the SDL > sources in each application. > > Is that a correct understanding of your proposal?
No, my hope is that compliance would discourage this behaviour and make people push APIs to Staging and take responsibility for them instead (security fixes, updates, etc) > > Also note that it is possible that for legal and/or political reasons > the library cannot be included in MeeGo Core or MeeGo Profile > repositories (consider e.g. audio/video codecs and software patents). Agreed, but this would be typically be a problem for app stores too. We would have to rely on frameworks as GStreamer to deal with codecs, I would guess. Can an application that relies on MP3 codec be MeeGo compliant as not all MeeGo installs will have it? :) Best regards, Carsten Munk _______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev
