Bug#860302: libmbedtls-dev: please provide static lib in dev package

2017-04-14 Thread SJ Zhu 
Yes, I agree there's disadvantage for static linking.
My use case is to send a copy of the program to others for testing, so
the users don't need to bother the version of the library  and focus
on testing the program itself.
When the program is ready for distrubution, it's better to build a
deb/rpm package and link it dynamically.

On Fri, Apr 14, 2017 at 6:38 PM, James Cowgill  wrote:
> Control: severity -1 wishlist
>
> Hi,
>
> On 14/04/17 10:45, Shengjing Zhu wrote:
>> Package: libmbedtls-dev
>> Version: 2.4.2-1
>> Severity: important
>>
>> Dear Maintainer,
>>
>> In debian/rules, you set -DUSE_STATIC_MBEDTLS_LIBRARY=OFF, but static
>> library is useful in development, and .a file should be put in -dev
>> package according to debian policy 8.3
>
> I'll think about it, but I see a lot of disadvantages with statically
> linking a security library with few advantages. Why would static /
> dynamic linking matter during development?
>
> James
>



-- 
Regards,
Shengjing Zhu

Bug#860302: libmbedtls-dev: please provide static lib in dev package

2017-04-14 Thread James Cowgill 
Control: severity -1 wishlist

Hi,

On 14/04/17 10:45, Shengjing Zhu wrote:
> Package: libmbedtls-dev
> Version: 2.4.2-1
> Severity: important
> 
> Dear Maintainer,
> 
> In debian/rules, you set -DUSE_STATIC_MBEDTLS_LIBRARY=OFF, but static
> library is useful in development, and .a file should be put in -dev
> package according to debian policy 8.3

I'll think about it, but I see a lot of disadvantages with statically
linking a security library with few advantages. Why would static /
dynamic linking matter during development?

James



signature.asc
Description: OpenPGP digital signature

Bug#860302: libmbedtls-dev: please provide static lib in dev package

2017-04-14 Thread Shengjing Zhu 
Package: libmbedtls-dev
Version: 2.4.2-1
Severity: important

Dear Maintainer,

In debian/rules, you set -DUSE_STATIC_MBEDTLS_LIBRARY=OFF, but static
library is useful in development, and .a file should be put in -dev
package according to debian policy 8.3

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libmbedtls-dev depends on:
ii  libmbedcrypto0  2.4.2-1
ii  libmbedtls102.4.2-1
ii  libmbedx509-0   2.4.2-1

libmbedtls-dev recommends no packages.

Versions of packages libmbedtls-dev suggests:
pn  libmbedtls-doc  

-- no debconf information


signature.asc
Description: PGP signature