Re: spatial stuff detail
- From: Guido Schimmels <guido schimmels freenet de>
- To: desktop-devel-list gnome org
- Subject: Re: spatial stuff detail
- Date: Wed, 24 Sep 2003 14:38:06 +0200
Am 24.09.2003 10:51:57 schrieb(en) Ross Burton:
On Wed, 2003-09-24 at 00:12, Guido Schimmels wrote:
> Because those 50M is not the download size of the fixed apps, but
> results from the chain reaction triggered by the uncounted cross-
> dependencies of Debian's messed up dependency graph. That is one of
the
> reasons for the increasing popularity of source based distros. Of
> course source based distros are like waving the white flag and
admit
> that Linux is doomed a geek toy.
Erm, what are you smoking?
If the ABI of a library changes, everything which links to it needs
to
be recompiled.
...which in turn means you have to recompile a lot of other things
which depend on it. There are library to library dependencies, not only
library to application dependencies. And with a source based distro you
can limit such library to library to dependencies to your personal
needs.
Having a source-based distribution may cure cancer
and
end world poverty, but it will not remove the fact that if a library
changes ABI, all applications which link to it need to be recompiled.
Of course, ABI changes don't happen often. For example, a new zlib
was
released not too long ago (last year?) which fixed a major security
hole. This did not change ABI. This did not force a recompile of all
software which would have lead to a huge download. It resulted in a
small download for a single library, which fixed all software. Try
doing that with a library which is contained inside each and every
AppFolder you have installed.
I'm getting sick of this strawman argument. Yeah, statically linking
zlib, libpng etc. would be silly. Where did I advocate something like
that? A 300M base system, a 300M base system, a 300M base system...
Please read the Cinelerra installation instructions and then tell me if
they are out of their mind. Or maybe, just maybe, have valid reasons.
What counts is that I can rely on my applications __now__ . When the
apps you are using are so hopelessly broken, that you expect having to
upgrade them weekly, that really should make you think.
Considering the codesize of OpenOffice, you should have to download a
security patch almost daily. Why is this not the case? But suddenly, if
I link fribidi statically into Abiword, you folks want to make me
believe there is some dramatic probability my users will have to
upgrade the whole of Abiword because of a security hole found in
fribidi. The 4M application executable obviously is next to immune to
vulnerabilities. But the moment you split a few functions out into a
library, somehow magically the code of this new library experiences a
1000 fold increased likelyhood of buffer overflows.
No distributor is able to QA thousands of libraries. I would like to
know what __you__ are smoking if you believe that. I know I will trust
the application developer more to offer me a working package than some
underpaid packaging monkeys.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]