On 2025-04-13 at 17:29:53, Chris Hofstaedtler wrote: > BTW, could somebody clarify why git upstream has this ./configure > option: > > --with-openssl use OpenSSL library (default is YES) > ARG can be prefix for openssl library and headers > > ..., and defaulting to YES? > > It looks like git upstream -expects- to be linked to OpenSSL. But if > the position of upstream committers is that this would produce > something undistributable, that would be very surprising.
This is totally fine if I'm building against the distro OpenSSL and I'm not distributing OpenSSL. For instance, a company I'm familiar with shipped Git linked against the distro OpenSSL and distributed only Git, but not OpenSSL. The system library exception states this: However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. In Debian's case, the component (OpenSSL) accompanies the executable (Git) on the mirrors and on install media, so it doesn't apply. In the case of that company, they could avail themselves of the distro OpenSSL since they were not distributing it, only Git. So for most people building Git for local use, this is a fine default. Also, as a practical matter, nobody upstream actually uses the configure script and if it breaks (which is not infrequent), the direction is just to use the Makefile with a `config.mak` file to set the settings you want. The configure script tends to be maintained by one-off patches from people and it is not reflective of what upstream actually thinks you should use, especially since it doesn't control many of the options available in the Makefile. All of the contributors configure a local `config.mak` file with various options (such as using clang in order to get LSP support) and it's expected that most others will as well for various reasons. For instance, Debian Policy §3.4.1 prohibits hardlinks in packages, which are the default for placing files in `/usr/lib/git-core`. For most people, the default of using hardlinks is fine, but Debian must configure `NO_INSTALL_HARDLINKS` to comply with policy. So the defaults are not necessarily designed for every use, or even to please distros by default. -- brian m. carlson (they/them) Toronto, Ontario, CA
signature.asc
Description: PGP signature
