[arch-general] arch health

Francisco Barbee tifrav at inbox.lv
Thu Apr 20 10:14:08 UTC 2017


> On 20 April 2017 at 03:23:04, Ralf Mardorf wrote:
> I would be concerned, if too many security features not everybody needs,
> would become default. Why not dropping security features completely and
> instead making real-time optimised features the default? This is a
> rhetorical question, but actually I would prefer the latter.

Did you know those security features were extensively tested for
performance, with many people involved?
See: https://github.com/pid1/test-sec-flags/wiki

It's 2017, security doesn't mean unoptimized. There was an attempt to
bring in more optimizations already used in the Clearlinux project, like
pgo and lto, to makepkg, but it's still on the sidelines due to lack of
time from devs.
See https://aur.archlinux.org/packages/makepkg-optimize2/

> On 20 April 2017 at 10:32:32, Jelle van der Waa wrote:
> PIE is blocked by upstream because of this bug iirc. [1]
> [1] https://sourceware.org/bugzilla/show_bug.cgi?id=21090

Did you know this bug was reported by a concerned user because the dev
hadn't had time for it for half a year? Plus nobody ever explained why a
minor bug in the testsuite should be a blocker here. Also there are more
security flags to be enabled, trivial to add and blocked only by lack of
time/lack of will, even when other devs explicitly asked for this.

> On 20 April 2017 at 10:43:03, David C. Rankin wrote:
> Taking the needed time to git it done correctly the first time is NOT an
> indication of poor health -- just the opposite. I would rather have packages
> stay in testing an additional 30 days and have all problems addressed than
> have it called "good enough" in some arbitrary rush that results in more
> problems and bug reports down the line.

I agree with the above but it's not the case here. Packages don't stay
in testing for an extended period because actual problems are resolved
but because everyone who did his/her job has to wait for someone who
didn't. See
https://www.archlinux.org/todo/openssl-rebuild-take-2/
Everything is done except one package and nothing changed for weeks.

It's not about blaming anyone because I believe everybody does what they
can. It's about finding a way to help those who struggle. When some
users are asking about how they can help, answering WE DON'T NEED HELP
isn't very appropriate. Even if you don't care at all about it, please
don't try to discourage those who care.

