On Sun, Sep 19, 2010 at 09:57:33AM +0200, Carsten Munk wrote:
> 2010/9/18 Adrian Bunk <[email protected]>:
> > Assume I'm providing 5 applications using SDL, each in an own
> > repository.
> >
> > Then I'll dump the upstream SDL souces into each of the 5 source
> > packages, and each of them will build a libsdl package that will
> > then be available in the repository of this application.
> >
> > If there's a security bug in SDL, I have to manually update the SDL
> > sources in each application.
> >
> > Is that a correct understanding of your proposal?
>
> No, my hope is that compliance would discourage this behaviour and
> make people push APIs to Staging and take responsibility for them
> instead (security fixes, updates, etc)
Can applications using non-OSS libraries from 3rd parties be compliant?
> > Also note that it is possible that for legal and/or political reasons
> > the library cannot be included in MeeGo Core or MeeGo Profile
> > repositories (consider e.g. audio/video codecs and software patents).
>
> Agreed, but this would be typically be a problem for app stores too.
>
> We would have to rely on frameworks as GStreamer to deal with codecs,
> I would guess. Can an application that relies on MP3 codec be MeeGo
> compliant as not all MeeGo installs will have it? :)
According to your rules, it just has to ship an MP3 GStreamer plugin.
What should happen when two applications from different repositories
ship the same MP3 GStreamer plugin?
> Best regards,
> Carsten Munk
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
_______________________________________________
MeeGo-dev mailing list
[email protected]
http://lists.meego.com/listinfo/meego-dev
