> I was - as naddy pointed out - very outspoken on this issue during c2k6. > And I still am. > > I am against ports that download pieces of code that do not have their > source form in /usr/ports/distfiles. > > I want at least to be able to see what the program does by inspecting > the sources. And I do not want to rely on any third party webpage to > get at the sources. I want it in distfiles. And, I want to be able to > apply patches, if needed. > > We do not hurt our users by requiring the availability of source code. > It's only the package builders that need the jdk installed. Our users > are told to use packages anywas. They just install the package. > > But the port should never, ever, rely on precompiled stuff. Not for > Java, not for Python, not for Ruby. And not for anything else. > > Source code should always goto distfiles, be unpackaged, compiled on the > porters machine and be transferred to a package. > > What's next? Binary only software with NOT_FOR_ARCHES set so it runs > only the arch the binary is for? > > It's pervert to have a STOP BLOB release theme and then importing > exactly BLOBS in the ports tree. There is absolutely no need to do so, > nothing suffers from going throught the source, besides, maybe these > ports are a little bit harder to do. > >
You are 100% correct, I support You. All binary-only software should be limited as much as possible. Sources can be analyzed, patched, changed, audited, ported to other platform. Why, why use binary blob if we have a choice. Today we have choice. In the future, if nobody wants sources, vendors will provide only obscure binaries. Do we all want it? -- Pozdrawienia/Regards Tomasz Zielinski ---------------------------------------------------- Oglądaj -> Wydarzenia.wp.pl -> Wiesz, co najważniejsze! Najbardziej aktualne materiały filmowe - Kliknij: http://klik.wp.pl/?adr=www.wydarzenia.wp.pl&sid=821
