Agustin Martin writes:
> On Wed, Aug 18, 2010 at 09:50:21PM +0300, George Danchev wrote:
> > Yavor Doganov writes:
> > > ?????? ?????? wrote:
> > > > Yes, I received that
> > > 
> > > OK, sorry I got the opposite impression.
> > > 
> > > > However, it doesn't strike me like extremely elegant design to ship
> > > > a file with the package (to please certain design decisions taken in
> > > > another package, dictionaries-common in that case) which will then
> > > > be regenerated by the maintainer scripts.
> > > 
> > > AFAICT, you don't have to ship an empty file in the package [1], you
> > > just have to take care to remove it.  It's just that Anton decided to
> > > do this for bg.rws, so I followed the same approach for the other
> > > file.
> > > 
> > > [1] The manpage uses the mild words "You are also suggested to..."
> > 
> > In my opinion, that suggestion is suboptimal, if not entirely wrong. I
> > believe the man-page should not recommend such an approach at all, but
> > let's see what the maintainer's comments on that matter are.
> 
> This has exactly the same security risks as handling everything from
> maintainer scripts, while it has the advantage of knowing which package owns
> the file and being more robust.

On the contrary, knowing which package owns that file name, where the
hashsum mismatches or is not present at all, does not add any trust or
robustness, but weirdness leading to suspicion, and a willingness to
investigate what exactly is going on. Sure, we can abuse the system in various
weird ways, but should we?

-- 
pub 4096R/0E4BD0AB <people.fccf.net/danchev/key pgp.mit.edu>


