Re: Clarifications regarding GNOME Online Accounts





On 17 Feb 2019, at 04:04, mcatanzaro gnome org wrote:

On Sat, Feb 16, 2019 at 2:57 PM, Nathan Graule via desktop-devel-list <desktop-devel-list gnome org> wrote:
A solution would be for distribution package maintainers to use the
binary tarball as a base instead of sources - this way the build can be
done with secrets (ie. using GitLab CI and environment variable
secrets) and sent to distributions for packaging. This certainly puts
GNOME in a unique position in the landscape, though it allows for GNOME
to control the build process in such a way that build secrets become
possible.
Though if this is the way it goes, be sure to be prepared for all the
"GNOME forbids people to build their software stack" headlines,
followed by a "actually the reason is that they needed to handle
secrets in their builds in order to support client keys for the various
integrations in the software" in the third paragraph.

Well yeah... but distros will never allow that.

It’s also against the GPL (and the LGPL, depending on where the secrets gets stored)


Michael

_______________________________________________
desktop-devel-list mailing list
desktop-devel-list gnome org
https://mail.gnome.org/mailman/listinfo/desktop-devel-list



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]