tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Default to fetching from CDN first?

On Sun, Sep 08, 2019 at 06:45:47PM +0100, Ottavio Caruso wrote:
> On Sun, 8 Sep 2019 at 17:49, Thor Lancelot Simon <> wrote:
> >
> > Setting mk.conf like this:
> >
> >
> > Radically speeds up package builds for me.  Note that fall back to the
> > upstream listed in the package Makefile if the CDN doesn't have it still
> > seems to work fine.
> >
> > Is there some reason we shouldn't set this as a default?
> Yes, it might speed up fetch time, but I don't see why it should be
> set as default for everybody.

Uh, because fetches being very fast instead of, typically, 1980s-slow,
is a more appropriate default than something that might work better for
package developers, who could be reasonably expected to run non-default

> It might give a false sense of security, especially if the original
> source were to be removed from the master site because (and the
> example given is not exhaustive) serious bugs or exploits had been
> found, or because the project is simply not there anymore.

Isn't this supposed to be dealt with at a different layer, to wit, in
the Makefiles or in the vunerabilities file?

> For the same reason, I'm not comfortable with MASTER_SITE_BACKUP defaulting to:
> This might well please the end user who wants, like you said, faster
> fetch time, but is misleading for someone who wants to debug a
> package, for the reasons explained above.

In a shipping system, defaults should be chosen for the convenience of
end users, not developers.  Isn't that a pretty widely held opinion?


Home | Main Index | Thread Index | Old Index