Re: libzstd 1.1.2 contains embedded zlib fork
Hi Kevin, thanks for your email. >> I was looking to update libzstd to the current upstream version 1.1.2. >> Besides some minor changes to the patches I had to make, I also noticed that >> it now includes an embedded copy of some zlib code, which -- according to the >> inline comments -- was adapted to be ready to compile with the zlibwrapper. >> It wasn’t clear to me whether this was really necessary; when these files are >> removed from the affected Makefile (and some minor adjustments are made) the >> build still finishes fine. > > That's been there since 1.1 I think, and is AFAICT example code for an > alternative, non-packaged API that mimics the zlib API. It could be packaged > under libzstd-dev:usr/share/doc/libzstd-dev/examples or something, like I've > seen with a few development packages. Otherwise, I think nuking the sources or > just removing them from the makefile is fine. Though from memory, anything > compiled from these is not installed, so no action is probably also OK. OK. I've checked that the new packages contain (at least) the same files as the 1.1.1 version, which is the case. So this indeed doesn’t touch the installed contents and I also agree that there shouldn’t be a problem. […] > What does the DFSG say about sources that are > not compiled? They're in d/copyright anyway, IIRC FTPMASTER bounced me last > update for this exact issue, and I added them. There are some new sources in zlibWrapper/ under zlib license by M. Adler. They are actually new in 1.1.2 and also compiled in the Makefile — thats why I was asking about them as I disabled them. To be on the safe side license-wise have added them to d/copyright as well, so I guess we should be fine. Preparing an upload as we speak. Cheers Sascha signature.asc Description: Message signed with OpenPGP
Re: libzstd 1.1.2 contains embedded zlib fork
Hi all, On 16:50 13/01, Sascha Steinbiss wrote: > Hi Kevin, > > here on the Debian Med sprint Happy Sprint all! Shame I can't be there this year. > I was looking to update libzstd to the current upstream version 1.1.2. > Besides some minor changes to the patches I had to make, I also noticed that > it now includes an embedded copy of some zlib code, which -- according to the > inline comments -- was adapted to be ready to compile with the zlibwrapper. > It wasn’t clear to me whether this was really necessary; when these files are > removed from the affected Makefile (and some minor adjustments are made) the > build still finishes fine. That's been there since 1.1 I think, and is AFAICT example code for an alternative, non-packaged API that mimics the zlib API. It could be packaged under libzstd-dev:usr/share/doc/libzstd-dev/examples or something, like I've seen with a few development packages. Otherwise, I think nuking the sources or just removing them from the makefile is fine. Though from memory, anything compiled from these is not installed, so no action is probably also OK. > TBH I don’t feel I should upload this after consulting with you. I have > pushed my changes (tagged as UNRELEASED) and would be happy if you could take > a second look. AFAICT, running make in the package repo (i.e. unpatched upstream source) doesn't touch ./zlibWrapper, and none of the debian packages seem to have any trace of these sources. So I'm not sure, but I think any action (including doing nothing) should be fine, as these sources are inconsequential to any output, compiled or otherwise. What does the DFSG say about sources that are not compiled? They're in d/copyright anyway, IIRC FTPMASTER bounced me last update for this exact issue, and I added them. Happy hacking all! Cheers, K --- Kevin Murray signature.asc Description: PGP signature
libzstd 1.1.2 contains embedded zlib fork
Hi Kevin, here on the Debian Med sprint I was looking to update libzstd to the current upstream version 1.1.2. Besides some minor changes to the patches I had to make, I also noticed that it now includes an embedded copy of some zlib code, which -- according to the inline comments -- was adapted to be ready to compile with the zlibwrapper. It wasn’t clear to me whether this was really necessary; when these files are removed from the affected Makefile (and some minor adjustments are made) the build still finishes fine. TBH I don’t feel I should upload this after consulting with you. I have pushed my changes (tagged as UNRELEASED) and would be happy if you could take a second look. Many thanks Sascha signature.asc Description: Message signed with OpenPGP