Hi, On 16/08/16 11:05, Daniel James wrote: > Hi Jaromír, > >> 1. Bump of standards version >> 3. Use cgit for Vcs-Browser would be probably better. >> 4. Is d/dir file needed ? > > Thanks for the review! I have pushed the above changes in > https://anonscm.debian.org/cgit/pkg-multimedia/xwax.git/commit/?id=b26871620a6f5187d73907a684774477324f0045 > >> 2. Fix of hardening > > As this is a real-time audio application, should hardening be applied if > it has a performance penalty? Does it offer any genuine security > advantage for a desktop application? > > https://lintian.debian.org/tags/hardening-no-pie.html says "PIE has been > associated with noticeable performance overhead on i386. However, GCC-5 > has implemented an optimization that can reduce the overhead > significantly."
bindnow has no runtime performance impact (a slight increase in startup time). pie has minimal performance impact on arches which support pc-relative addressing (eg x86_64), but yes it does impact performance on old gcc versions with i386. IMO you should enable them unless the performance reduction is noticeable. Being a desktop application doesn't mean there are no security concerns. A security bug can still compromise files owned by the user running the application. > As jessie provides gcc 4.9.2 and my aim is to provide a backport, it > seems like there could be a performance hit. > >> 5. Is parallel build now default or should be enabled? > > The debian/rules file is very customised, I don't see any parallel build > options used there at the moment. Parallel is only the default in debhelper 10 which is experimental. You should enable it manually for the moment. >> 6. I would add d/source/local-options file > > Is this file still needed even when the upstream source is no longer > patched? The previous patch supporting avconv was now merged upstream. local-options used to be useful when working with gbp, but now that the defaults for dpkg-source have been changed (abort-on-upstream-changes is now on by default, patches are unapplied automatically) it's now fairly useless. James
signature.asc
Description: OpenPGP digital signature
_______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers