Bug#865720: libconfig-model-dpkg-perl: hard-codes the list of virtual packages, mistake in recent update
Paul Wise
pabs at debian.org
Sun Jun 25 02:02:02 UTC 2017
On Sat, 2017-06-24 at 19:24 +0200, Dominique Dumont wrote:
> I find YAML easier to write by hand.
I would strongly suggest never using YAML if you can avoid it. The
parsers in multiple languages (at least Perl, Python) default to unsafe
loading that allows loading arbitrary code in some situations. This
makes YAML parsing a sharp edge that should be avoided when possible.
> That, YAML or JSON may be overkill to store only a list of package names.
For the virtual package names, a \n separated package list seems best,
since it is easy to implement code for loading it in every language.
For the sections, I guess you will be wanting a dict/hash structure, so
I suggest surveying the packages that hard-code the section information
and then deciding the right format based on what languages they use and
what libraries they use and how they store the info already.
https://wiki.debian.org/NewArchiveSections
Personally, I like the deb822 format. It is easy to write by hand for
the most part and has a number of implementations already.
--
bye,
pabs
https://wiki.debian.org/PaulWise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20170625/fcd5bed6/attachment.sig>
More information about the pkg-perl-maintainers
mailing list