Review of kdev-python for move to extragear
Ben Cooksley
bcooksley at kde.org
Wed Dec 26 20:05:14 GMT 2012
On Thu, Dec 27, 2012 at 5:59 AM, Sune Vuorela <nospam at vuorela.dk> wrote:
> On 2012-12-25, Sven Brauch <svenbrauch at googlemail.com> wrote:
>> Also, I'm still not sure what exactly concerns you about security and
>> maintenance. Problems I see include increased build time, and
>> maintenance efforts for me personally in updating the fork, but none
>> really seem fatal. Can you elaborate a bit about which problems you
>
> One of the problems are that in a distribution like debian and/or
> ubuntu has around 60-70 patches against python2.7 to ensure it builds
> and works everywhere.
> All these patches might also be needed the extra copy - and given the
> extra copy is modified, then these patches might need to be adapted.
I see in that bug report that this was supposed to be referred to a
Python development mailing list as a result of the objections of a
single person in that bug. What was the result of that?
>
> Another of the problems is that if there is a security bug in libpython,
> then instead of just doing a security fix to python, one also needs to
> do one to kdev-python.
>
> The first problem is large amount of work for the distribution
> packagers, and the second problem is quite annoying for distribution
> security teams.
>
> All of this applies to every embedded library. And python is a quite big
> thing.
>
> /Sune
>
Regards,
Ben
More information about the kde-core-devel
mailing list