Hey rosh,
Thanks for all your ongoing work with the Android Tools packages! I wanted to
ask you something about the *-platform-tools package. After years of trying to
split out upstream source repos into Debian packages, Chirayu led the charge on
a new approach of building based on how upstream does it, with statically
linking in all the dependencies. Although this sucks compared to how Debian
manages dependencies, it has proven to be a ton of work to do things differently
with the Android Tools packages. Other packages with builds like this, Chromium
for example, now also do this. Otherwise, we can't keep up with updates from
upstream.
So we recently saw that you split out the boringssl dependency from the
-platform-tools package. boringssl is a classic example of why we have to build
like upstream does. boringssl does not have releases at all. Projects that use
boringssl pin to a specific commit, and all new work is just merged to the main
branch. That means that sharing boringssl binaries between projects could break
things, since the projects could require different commits of boringssl.
.hc
--
PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556