Hello Paul, On Sat, Feb 17 2018, Paul Wise wrote:
> I think the discussion we are having here is orthogonal to >containers/flatpaks. > > If Debian were to have a repository of containers/flatpaks, then it > should meet Debian standards. We cannot just say "here are some > containers, completely unsupported and might not up to our standards". > To achieve that, I think it would be best to automatically convert it > from Debian binary packages. Also, since we are already doing > packaging work, it makes sense to base any container efforts on that, > just like our cloud efforts have been. > > There is flathub, dockerhub etc for containers/flatpaks that may or > may not meet Debian standards. I should have been more specific. What I was suggesting was that providing a repository of containers/flatpaks/whatever would enable us to provide different versions of libraries which would not receive security support. By having them in flatpaks/etc. we would mitigate somewhat the need for this security support, and also draw a clear line between "this is the stuff that we provide security support for" and "this is the stuff we don't, but we've wrapped it up so it's a bit safer". -- Sean Whitton
signature.asc
Description: PGP signature
