Subject: Re: binary packages with vulnerabilities removed from ftp - a bad
To: Frederick Bruckman <fredb@immanent.net>
From: Todd Vierling <tv@duh.org>
List: tech-pkg
Date: 01/31/2005 10:16:58
On Sun, 30 Jan 2005, Frederick Bruckman wrote:
> > If the @blddep is not there (maybe because it was rm'd for sekurity
> > reasons) and an updated @dep is available, that can be used just fine.
>
> How could you know that the ABI of the @blddep library didn't change?
Because we're supposed to bump the BUILDLINK_RECOMMENDED if it does, and the
bulk build should rebuild it. This doesn't help binary packages much, but
until we have a soname-based provides/requires type of thing, it's the best
we can do.
Please *don't* remove anything based solely on @blddep. That obviates the
whole point of dewey dependencies.
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>