Re: FF 107.0 scratch builds - just for fun
FF 107.0 shipped in all current Fedora releases a while ago. You can find all that in bodhi. If you mean 107.0.1, that will depend on the FF maintainers. Maybe they see no reason to respin, because the bugs fixed in that release are not something that is important in Fedora - not sure. -- Bojan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On 12/3/22 22:41, Bojan Smojver via devel wrote: > 107.0.1 build for > F37/x86_64: https://copr.fedorainfracloud.org/coprs/bojan/FF/ > > If you want/need or are obsessive about version numbers, like yours > truly. ;-) When will FF107 actually ship in Fedora? -- Sincerely, Demi Marie Obenour (she/her/hers) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
107.0.1 build for F37/x86_64: https://copr.fedorainfracloud.org/coprs/bojan/FF/ If you want/need or are obsessive about version numbers, like yours truly. ;-) -- Bojan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
Dne 22. 11. 22 v 20:41 Adam Williamson napsal(a): On Tue, 2022-11-22 at 12:48 +0100, Vít Ondruch wrote: Would it be possible to develop a way to better manage updates of some interconnected packages? FF + NSS would be one case, but when we are doing Ruby on Rails update, it always involve more packages. Or probably gcc + annobin are pair of packages which needs to always go together (unless I am mistaken). E.g. the build of NSS would automatically triggered side creation and waited for updated FF. well...there's always room for improvement, but it strikes me that would be rather complicated. It's not the case that *every* rebuild of NSS requires a rebuild of Firefox, so whatever is implementing this would need to be quite smart to know when it's necessary and when it isn't. It could be just simple waiver. Frankly, the existing tools are fine for the purpose. It is not hard to create a side tag, nor to put builds in it. Multiple other maintainers and teams manage this just fine, with much larger sets of packages: the desktop and KDE teams both do this very well, all the time, with dozens of packages. Bluntly, I don't think there is really a tooling problem here, there is a "getting the maintainers to understand the requirements and use the tooling properly" problem. Tooling can do this indeed. Unfortunately, sometimes the information about the tooling capabilities just does not reach the right people. Other times it is just silly mistake. I'm just thinking how to make it more robust. Vít OpenPGP_signature Description: OpenPGP digital signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Tue, 2022-11-22 at 12:48 +0100, Vít Ondruch wrote: > > Would it be possible to develop a way to better manage updates of some > interconnected packages? FF + NSS would be one case, but when we are > doing Ruby on Rails update, it always involve more packages. Or probably > gcc + annobin are pair of packages which needs to always go together > (unless I am mistaken). > > E.g. the build of NSS would automatically triggered side creation and > waited for updated FF. well...there's always room for improvement, but it strikes me that would be rather complicated. It's not the case that *every* rebuild of NSS requires a rebuild of Firefox, so whatever is implementing this would need to be quite smart to know when it's necessary and when it isn't. Frankly, the existing tools are fine for the purpose. It is not hard to create a side tag, nor to put builds in it. Multiple other maintainers and teams manage this just fine, with much larger sets of packages: the desktop and KDE teams both do this very well, all the time, with dozens of packages. Bluntly, I don't think there is really a tooling problem here, there is a "getting the maintainers to understand the requirements and use the tooling properly" problem. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Tue, Nov 22, 2022 at 6:48 AM Vít Ondruch wrote: > > > Dne 21. 11. 22 v 18:56 Adam Williamson napsal(a): > > On Mon, 2022-11-21 at 12:43 -0500, Demi Marie Obenour wrote: > >> On 11/21/22 09:23, Simo Sorce wrote: > >>> On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: > On 11/20/22 17:40, Simo Sorce wrote: > > On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: > >> On 11/20/22 07:24, Bojan Smojver via devel wrote: > >>> Now that nss 3.85 has been built, I thought I'd have a go at building > >>> FF 107.0, given that's been out for a few days and original builds > >>> failed in koji, because nss was too old at the time. > >> Has switching to bundled NSS been considered? For browsers anything > >> that holds up an update is very, *very* bad. > > Casually handling crypto libraries is very, *very* worse. > Has there ever been a case where Fedora’s NSS was not vulnerable to > something that the bundled NSS was vulnerable to? To be clear, I am > referring to the NSS shipped by Mozilla as a part of Firefox. > Another option would be to ensure that NSS is promptly updated. > >>> NSS is generally updated in order to release Firefox, I am not aware of > >>> a chronic issue here. > >>> > >>> We compile NSS differently than what Mozilla does, for example we use > >>> the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it > >>> is not just about vulnerabilities, system integration matters too. > >>> > >>> But we *have* released patches for security vulnerabilities in NSS w/o > >>> requiring also a full recompile and retesting of Firefox. > >> In that case, can NSS be pushed out to stable immediately, along with > >> the new Firefox? Several days is too long a delay already. > > One factor that sometimes holds things up is that the involved > > maintainers never bundle updates properly. When there is a new Firefox > > build and a new nss build that should go together, these should be > > bundled in a single update, but they almost never are. This sometimes > > causes the openQA tests to fail (if there's a hard version dependency > > involved), which causes one or other update to be gated. If they were > > properly bundled, this would not happen. > > > > I have been leaving comments on Firefox updates for years asking for > > this to be addressed, but it never happens. Most recent example: > > https://bodhi.fedoraproject.org/updates/FEDORA-2022-1f8312716f > > > > It does seem like there is a weirdly low level of co-operation between > > nss and firefox maintainers, given that firefox is by a long way the > > most significant and intertwined user of nss. It feels like there is > > scope for improvement there. > > > Would it be possible to develop a way to better manage updates of some > interconnected packages? FF + NSS would be one case, but when we are > doing Ruby on Rails update, it always involve more packages. Or probably > gcc + annobin are pair of packages which needs to always go together > (unless I am mistaken). > > E.g. the build of NSS would automatically triggered side creation and > waited for updated FF. > *mumbles about automatic rebuild + submit updates of reverse dependencies again* "If only, if only," the woodpecker cries... -- 真実はいつも一つ!/ Always, there's only one truth! ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
Dne 21. 11. 22 v 18:56 Adam Williamson napsal(a): On Mon, 2022-11-21 at 12:43 -0500, Demi Marie Obenour wrote: On 11/21/22 09:23, Simo Sorce wrote: On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: On 11/20/22 17:40, Simo Sorce wrote: On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: On 11/20/22 07:24, Bojan Smojver via devel wrote: Now that nss 3.85 has been built, I thought I'd have a go at building FF 107.0, given that's been out for a few days and original builds failed in koji, because nss was too old at the time. Has switching to bundled NSS been considered? For browsers anything that holds up an update is very, *very* bad. Casually handling crypto libraries is very, *very* worse. Has there ever been a case where Fedora’s NSS was not vulnerable to something that the bundled NSS was vulnerable to? To be clear, I am referring to the NSS shipped by Mozilla as a part of Firefox. Another option would be to ensure that NSS is promptly updated. NSS is generally updated in order to release Firefox, I am not aware of a chronic issue here. We compile NSS differently than what Mozilla does, for example we use the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it is not just about vulnerabilities, system integration matters too. But we *have* released patches for security vulnerabilities in NSS w/o requiring also a full recompile and retesting of Firefox. In that case, can NSS be pushed out to stable immediately, along with the new Firefox? Several days is too long a delay already. One factor that sometimes holds things up is that the involved maintainers never bundle updates properly. When there is a new Firefox build and a new nss build that should go together, these should be bundled in a single update, but they almost never are. This sometimes causes the openQA tests to fail (if there's a hard version dependency involved), which causes one or other update to be gated. If they were properly bundled, this would not happen. I have been leaving comments on Firefox updates for years asking for this to be addressed, but it never happens. Most recent example: https://bodhi.fedoraproject.org/updates/FEDORA-2022-1f8312716f It does seem like there is a weirdly low level of co-operation between nss and firefox maintainers, given that firefox is by a long way the most significant and intertwined user of nss. It feels like there is scope for improvement there. Would it be possible to develop a way to better manage updates of some interconnected packages? FF + NSS would be one case, but when we are doing Ruby on Rails update, it always involve more packages. Or probably gcc + annobin are pair of packages which needs to always go together (unless I am mistaken). E.g. the build of NSS would automatically triggered side creation and waited for updated FF. Vít OpenPGP_signature Description: OpenPGP digital signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Mon, 2022-11-21 at 12:43 -0500, Demi Marie Obenour wrote: > On 11/21/22 09:23, Simo Sorce wrote: > > On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: > > > On 11/20/22 17:40, Simo Sorce wrote: > > > > On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: > > > > > On 11/20/22 07:24, Bojan Smojver via devel wrote: > > > > > > Now that nss 3.85 has been built, I thought I'd have a go at > > > > > > building > > > > > > FF 107.0, given that's been out for a few days and original builds > > > > > > failed in koji, because nss was too old at the time. > > > > > > > > > > Has switching to bundled NSS been considered? For browsers anything > > > > > that holds up an update is very, *very* bad. > > > > > > > > Casually handling crypto libraries is very, *very* worse. > > > > > > Has there ever been a case where Fedora’s NSS was not vulnerable to > > > something that the bundled NSS was vulnerable to? To be clear, I am > > > referring to the NSS shipped by Mozilla as a part of Firefox. > > > Another option would be to ensure that NSS is promptly updated. > > > > NSS is generally updated in order to release Firefox, I am not aware of > > a chronic issue here. > > > > We compile NSS differently than what Mozilla does, for example we use > > the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it > > is not just about vulnerabilities, system integration matters too. > > > > But we *have* released patches for security vulnerabilities in NSS w/o > > requiring also a full recompile and retesting of Firefox. > > In that case, can NSS be pushed out to stable immediately, along with > the new Firefox? Several days is too long a delay already. One factor that sometimes holds things up is that the involved maintainers never bundle updates properly. When there is a new Firefox build and a new nss build that should go together, these should be bundled in a single update, but they almost never are. This sometimes causes the openQA tests to fail (if there's a hard version dependency involved), which causes one or other update to be gated. If they were properly bundled, this would not happen. I have been leaving comments on Firefox updates for years asking for this to be addressed, but it never happens. Most recent example: https://bodhi.fedoraproject.org/updates/FEDORA-2022-1f8312716f It does seem like there is a weirdly low level of co-operation between nss and firefox maintainers, given that firefox is by a long way the most significant and intertwined user of nss. It feels like there is scope for improvement there. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Mon, Nov 21, 2022 at 12:45 PM Demi Marie Obenour wrote: > > On 11/21/22 09:23, Simo Sorce wrote: > > On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: > >> On 11/20/22 17:40, Simo Sorce wrote: > >>> On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: > On 11/20/22 07:24, Bojan Smojver via devel wrote: > > Now that nss 3.85 has been built, I thought I'd have a go at building > > FF 107.0, given that's been out for a few days and original builds > > failed in koji, because nss was too old at the time. > > Has switching to bundled NSS been considered? For browsers anything > that holds up an update is very, *very* bad. > >>> > >>> Casually handling crypto libraries is very, *very* worse. > >> > >> Has there ever been a case where Fedora’s NSS was not vulnerable to > >> something that the bundled NSS was vulnerable to? To be clear, I am > >> referring to the NSS shipped by Mozilla as a part of Firefox. > >> Another option would be to ensure that NSS is promptly updated. > > > > NSS is generally updated in order to release Firefox, I am not aware of > > a chronic issue here. > > > > We compile NSS differently than what Mozilla does, for example we use > > the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it > > is not just about vulnerabilities, system integration matters too. > > > > But we *have* released patches for security vulnerabilities in NSS w/o > > requiring also a full recompile and retesting of Firefox. > > In that case, can NSS be pushed out to stable immediately, along with > the new Firefox? Several days is too long a delay already. Unless people do karma brigades, that is not possible. There is no way to immediately push something to the stable updates channel. -- 真実はいつも一つ!/ Always, there's only one truth! ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On 11/21/22 09:23, Simo Sorce wrote: > On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: >> On 11/20/22 17:40, Simo Sorce wrote: >>> On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: On 11/20/22 07:24, Bojan Smojver via devel wrote: > Now that nss 3.85 has been built, I thought I'd have a go at building > FF 107.0, given that's been out for a few days and original builds > failed in koji, because nss was too old at the time. Has switching to bundled NSS been considered? For browsers anything that holds up an update is very, *very* bad. >>> >>> Casually handling crypto libraries is very, *very* worse. >> >> Has there ever been a case where Fedora’s NSS was not vulnerable to >> something that the bundled NSS was vulnerable to? To be clear, I am >> referring to the NSS shipped by Mozilla as a part of Firefox. >> Another option would be to ensure that NSS is promptly updated. > > NSS is generally updated in order to release Firefox, I am not aware of > a chronic issue here. > > We compile NSS differently than what Mozilla does, for example we use > the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it > is not just about vulnerabilities, system integration matters too. > > But we *have* released patches for security vulnerabilities in NSS w/o > requiring also a full recompile and retesting of Firefox. In that case, can NSS be pushed out to stable immediately, along with the new Firefox? Several days is too long a delay already. -- Sincerely, Demi Marie Obenour (she/her/hers) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Sun, 2022-11-20 at 19:24 -0500, Demi Marie Obenour wrote: > On 11/20/22 17:40, Simo Sorce wrote: > > On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: > > > On 11/20/22 07:24, Bojan Smojver via devel wrote: > > > > Now that nss 3.85 has been built, I thought I'd have a go at building > > > > FF 107.0, given that's been out for a few days and original builds > > > > failed in koji, because nss was too old at the time. > > > > > > Has switching to bundled NSS been considered? For browsers anything > > > that holds up an update is very, *very* bad. > > > > Casually handling crypto libraries is very, *very* worse. > > Has there ever been a case where Fedora’s NSS was not vulnerable to > something that the bundled NSS was vulnerable to? To be clear, I am > referring to the NSS shipped by Mozilla as a part of Firefox. > Another option would be to ensure that NSS is promptly updated. NSS is generally updated in order to release Firefox, I am not aware of a chronic issue here. We compile NSS differently than what Mozilla does, for example we use the Fedora OS trust anchors, and the Fedora Crypto-Policies, etc.. it is not just about vulnerabilities, system integration matters too. But we *have* released patches for security vulnerabilities in NSS w/o requiring also a full recompile and retesting of Firefox. Simo. -- Simo Sorce RHEL Crypto Team Red Hat, Inc ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
Dne 20. 11. 22 v 13:24 Bojan Smojver via devel napsal(a): PS. I am not the FF maintainer (obviously), so this is just for kicks. Feel free to use Copr for such experiments https://copr.fedorainfracloud.org/ Miroslav ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
Of course, relevant build overrides had to be provided, because required version of nss was not in stable at the time I started these scratch builds. Thought I'd mention it for completeness. -- Bojan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On 20/11/2022 23:22, Demi Marie Obenour wrote: Has switching to bundled NSS been considered? For browsers anything that holds up an update is very,*very* bad. No. Bundling cryptographic libraries is a very, very bad idea. -- Sincerely, Vitaly Zaitsev (vit...@easycoding.org) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On 11/20/22 17:40, Simo Sorce wrote: > On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: >> On 11/20/22 07:24, Bojan Smojver via devel wrote: >>> Now that nss 3.85 has been built, I thought I'd have a go at building >>> FF 107.0, given that's been out for a few days and original builds >>> failed in koji, because nss was too old at the time. >> >> Has switching to bundled NSS been considered? For browsers anything >> that holds up an update is very, *very* bad. > > Casually handling crypto libraries is very, *very* worse. Has there ever been a case where Fedora’s NSS was not vulnerable to something that the bundled NSS was vulnerable to? To be clear, I am referring to the NSS shipped by Mozilla as a part of Firefox. Another option would be to ensure that NSS is promptly updated. -- Sincerely, Demi Marie Obenour (she/her/hers) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Sun, 2022-11-20 at 17:22 -0500, Demi Marie Obenour wrote: > On 11/20/22 07:24, Bojan Smojver via devel wrote: > > Now that nss 3.85 has been built, I thought I'd have a go at building > > FF 107.0, given that's been out for a few days and original builds > > failed in koji, because nss was too old at the time. > > Has switching to bundled NSS been considered? For browsers anything > that holds up an update is very, *very* bad. Casually handling crypto libraries is very, *very* worse. Simo. -- Simo Sorce RHEL Crypto Team Red Hat, Inc ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On Sun, Nov 20, 2022 at 5:23 PM Demi Marie Obenour wrote: > > On 11/20/22 07:24, Bojan Smojver via devel wrote: > > Now that nss 3.85 has been built, I thought I'd have a go at building > > FF 107.0, given that's been out for a few days and original builds > > failed in koji, because nss was too old at the time. > > Has switching to bundled NSS been considered? For browsers anything > that holds up an update is very, *very* bad. No. Just don't even go there. Bundled crypto libraries are even more dangerous. -- 真実はいつも一つ!/ Always, there's only one truth! ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
On 11/20/22 07:24, Bojan Smojver via devel wrote: > Now that nss 3.85 has been built, I thought I'd have a go at building > FF 107.0, given that's been out for a few days and original builds > failed in koji, because nss was too old at the time. Has switching to bundled NSS been considered? For browsers anything that holds up an update is very, *very* bad. -- Sincerely, Demi Marie Obenour (she/her/hers) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: FF 107.0 scratch builds - just for fun
Everything except F38 completed fine. -- Bojan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue