From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 49799138334 for ; Sun, 9 Sep 2018 15:02:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6462DE096C; Sun, 9 Sep 2018 15:02:32 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 10010E0968 for ; Sun, 9 Sep 2018 15:02:32 +0000 (UTC) Received: from localhost (unknown [46.148.226.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: bircoph) by smtp.gentoo.org (Postfix) with ESMTPSA id 609AC335CC2 for ; Sun, 9 Sep 2018 15:02:28 +0000 (UTC) Date: Sun, 9 Sep 2018 18:02:24 +0300 From: Andrew Savchenko To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Changing policy about -Werror Message-Id: <20180909180224.192c223243c474040d4cb870@gentoo.org> In-Reply-To: <714b75ba-ba46-c11b-c559-f9c6e60309a7@gentoo.org> References: <20180909143221.21d784d02f51623e8c57c545@gentoo.org> <714b75ba-ba46-c11b-c559-f9c6e60309a7@gentoo.org> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.30; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="PGP-SHA512"; boundary="Signature=_Sun__9_Sep_2018_18_02_24_+0300_looPuymR3ve.WClm" X-Archives-Salt: 72c35bc2-1ada-4ea1-aa6a-3cc036009af7 X-Archives-Hash: a4a8b3d12b7214f79075b88bcdfeef26 --Signature=_Sun__9_Sep_2018_18_02_24_+0300_looPuymR3ve.WClm Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 9 Sep 2018 15:03:11 +0200 Thomas Deutschmann wrote: > Hi, >=20 > I disagree. Either discuss to drop the entire policy about "-Werror" or > don't but please do _not_ enter the game of differentiating between > "normal" and something you call "security-orientated" packages. You got me wrong. I'm not trying to build special rules for security packages (since there is no margin between them and other packages and you rightfully pointed out that any vulnerability may play a role in a chained attack); they were just an example. What I'm trying to do is to allow maintainers to keep -Werror if they really want to do this, understand what they are doing and have enough manpower to support this. As can be seen from aforementioned bugs right now developer and upstream support this to their best and yet QA team tries to enforce -Werror drop using the brute force and ignoring active best effort support. This should not happen. Best regards, Andrew Savchenko --Signature=_Sun__9_Sep_2018_18_02_24_+0300_looPuymR3ve.WClm Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE63ZIHsdeM+1XgNer9lNaM7oe5I0FAluVNgAACgkQ9lNaM7oe 5I1m0BAArxQSE1AHha9D2qY875PHSBs/p/iDw5pxu27xWrpLL+z9ROQx4vzJkvnV Afei21CJ1cewcbPNG/wzyvCpTJeSg7SqQOZ7FPL1dH7jdC91/1nsc5DkuQ0qrMQ5 Y7bT7LHtm10rCzw0Y6MU2oCu0QqY/9zRmktKVIAfZI3neyblvbObGROVAY/CksBl +cUZDsp7zgSmt1CIUVn6vgD5mNcGjwe3jJjez31OfmJ01O1kobTbPi/AZRuXx3Gk EqPHbawccFSdIYMW2UwI2U3IkiQVQNQvcuzXeSWFX+JrkcxFuFV99SFai6IQT9wL 2h2SDSZ5PBPWPedlJ43bstW3ypuyYqY2YnLxLY4RsXEyj+nIgjGuzNh/7u/yd4GQ oRvVSdB+ucEV+xGqkWp9hMeW6VAL4TyKnsvTwX1+bLgB/sdMlK0AnyshE4XCWzcv G2Pywxsu144HH8xjODywuGVyBnoTry/hb/gN8LmeTbqwWddT4GGS2Tn+FTPW2rO/ uYPV/a1thh6QL05Er3citxUkQL3WRoxgLDIypbBLuAfX/KQlPxpjc8EjODatRBJa ctPWq+TRyPEvG2VP73wcFcmhKUb55k4QAgLIGIC8auBNk7DVWcmNud3nV5fycLBh tFGmI8Zv8lndiREXQ6lWqPokbok+kIY1GSp3oPpeuTRnCsFLMPs= =lIrK -----END PGP SIGNATURE----- --Signature=_Sun__9_Sep_2018_18_02_24_+0300_looPuymR3ve.WClm--