[Pkg-geany-team] Processed: retitle 654462 to Doesn't contain source for waf binary code ...
Jonas Smedegaard
dr at jones.dk
Wed Jan 4 11:34:25 UTC 2012
On 12-01-04 at 12:22pm, Daniel Svensson wrote:
> On Wed, Jan 4, 2012 at 12:18 PM, Jonas Smedegaard <dr at jones.dk> wrote:
> >> As I mentioned, this is a question of a compressed file, so sure
> >> it's binary encoded, but when you execute ./waf, it will decompress
> >> into the ".waf-1.6.7-b271784c448ab906d5606267fb7f92c0" directory in
> >> the top level directory.
> >
> > How can the Debian project rest assured that that the binary indeed
> > is (only!) unpacking itself when executed?
> >
> > Also, that it is the case for _every_ new upstream release, not only
> > once when you cared to investigate closely.
>
> Which is why I referred to the script that produces the compressed
> version so you can compress your own from waf upstream sources.
I believe you did not answer my question: I did not ask how the Debian
project can verify later on, but how it can rest assured that this
verification have already been done for packages using waf.
- Jonas
P.S.
Where is the thread on debian-devel at l.d.o about this mass-bugfiling?
Seems crazy to cross-post to a gazilion package maintainers.
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-geany-team/attachments/20120104/f91e7ada/attachment-0001.pgp>
More information about the Pkg-geany-team
mailing list