Help offered with xwax package
James Cowgill
jcowgill at debian.org
Tue Aug 16 10:47:23 UTC 2016
Hi,
On 16/08/16 11:05, Daniel James wrote:
> Hi Jaromír,
>
>> 1. Bump of standards version
>> 3. Use cgit for Vcs-Browser would be probably better.
>> 4. Is d/dir file needed ?
>
> Thanks for the review! I have pushed the above changes in
> https://anonscm.debian.org/cgit/pkg-multimedia/xwax.git/commit/?id=b26871620a6f5187d73907a684774477324f0045
>
>> 2. Fix of hardening
>
> As this is a real-time audio application, should hardening be applied if
> it has a performance penalty? Does it offer any genuine security
> advantage for a desktop application?
>
> https://lintian.debian.org/tags/hardening-no-pie.html says "PIE has been
> associated with noticeable performance overhead on i386. However, GCC-5
> has implemented an optimization that can reduce the overhead
> significantly."
bindnow has no runtime performance impact (a slight increase in startup
time).
pie has minimal performance impact on arches which support pc-relative
addressing (eg x86_64), but yes it does impact performance on old gcc
versions with i386.
IMO you should enable them unless the performance reduction is
noticeable. Being a desktop application doesn't mean there are no
security concerns. A security bug can still compromise files owned by
the user running the application.
> As jessie provides gcc 4.9.2 and my aim is to provide a backport, it
> seems like there could be a performance hit.
>
>> 5. Is parallel build now default or should be enabled?
>
> The debian/rules file is very customised, I don't see any parallel build
> options used there at the moment.
Parallel is only the default in debhelper 10 which is experimental. You
should enable it manually for the moment.
>> 6. I would add d/source/local-options file
>
> Is this file still needed even when the upstream source is no longer
> patched? The previous patch supporting avconv was now merged upstream.
local-options used to be useful when working with gbp, but now that the
defaults for dpkg-source have been changed (abort-on-upstream-changes is
now on by default, patches are unapplied automatically) it's now fairly
useless.
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20160816/88b82b5c/attachment.sig>
More information about the pkg-multimedia-maintainers
mailing list