> The whole idea of "prevent people from distributing them" doesn't make much
> sense. You cannot build a package with --short-circuit "accidentally". It's a
> very long option that you need to insert in the right place. And I guess
> "otherwise" means "maliciously" here
Obviously you can't use --short-circuit accidentally, the accident refers to
distributing a binary built that way. Think of a lone developer uploading a
binary built on their own system to the net for others to use. That's not as
common these days as it once was, nowadays thankfully most people use actual
build systems.
The "otherwise" doesn't refer to malice, but ignorance. There have been people
wanting to distribute packages built with short-circuit, just to shorten their
build times basically.
But 14 years later (7583fcc3416e5e4accf1c52bc8903149b1314145) and hopefully a
bit wiser too: a gentler version would be simply to "watermark" short-circuited
builds somehow. It doesn't have to be a install-breaking dependency, just
something that you can check.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3091#issuecomment-2106778640
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3091/2106778...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint