Re: Allegro 5 review (Was: can somebody package libalfont ?)

To: debian-devel-games@lists.debian.org
Subject: Re: Allegro 5 review (Was: can somebody package libalfont ?)
From: Guillem Jover <guillem@debian.org>
Date: Wed, 18 Jul 2012 02:53:34 +0200
Message-id: <[🔎] 20120718005334.GA7839@gaara.hadrons.org>
Mail-followup-to: debian-devel-games@lists.debian.org
In-reply-to: <[🔎] 4FF77B6C.4080103@gmx.de>
References: <[🔎] CADdDZRnLqg64e=K+6ZB73My1z7gW9NhKyVHD66-G2qXy09gndA@mail.gmail.com> <[🔎] CAKTje6GH5bdO9-J43-giTnedE7i=uPShGRP_zJZkkF=FgnNzew@mail.gmail.com> <[🔎] 4FF14E4C.5040306@redhat.com> <[🔎] CAKTje6GsoUQTtpTbbSMnm=4iRp_jy_2HPcjrR2BsmXReZD2Kng@mail.gmail.com> <[🔎] 4FF1C640.8010508@gmx.de> <[🔎] CAKTje6EQAgzASoptSdrhV8dhO2cQzyJx3CT1AsZyui1_23zwDg@mail.gmail.com> <[🔎] CAKTje6FT630POZ_cDwLHtiXWcAL7_+n2MSOtowOia+Se8+h5UQ@mail.gmail.com> <[🔎] 4FF77B6C.4080103@gmx.de>

Hi!

On Sat, 2012-07-07 at 01:57:32 +0200, Tobias Hansen wrote:
> Am 04.07.2012 00:59, schrieb Paul Wise:
> > lots of warnings from dpkg-shlibdeps.
> 
> Building with -Wl,--as-needed flag now.

Please take into account this is (most of the time) just working around
the real problems in the build system. The correct fix is to track
down why and where the unneeded libraries are being linked from. It
could be that some of the dependencies wrongly leak libraries from a
foo-config script, .la or .pc filess, the package build system is
unneedingly linking against transitive dependencies, etc. The only
case where --as-needed *might* be appropriate (after all the previous
has been fixed) is with libraries that leak their transitive
dependencies “by design”, like it's the case with gtk+ and friends.

> > lintian warnings:
> >
> > W: liballegro-image5.0: hardening-no-fortify-functions
> > usr/lib/x86_64-linux-gnu/liballegro_image.so.5.0.6
> > W: liballegro5.0: hardening-no-fortify-functions
> > usr/lib/x86_64-linux-gnu/liballegro.so.5.0.6
> > W: liballegro5.0: hardening-no-fortify-functions
> > usr/lib/x86_64-linux-gnu/liballegro_color.so.5.0.6
> > W: liballegro-ttf5.0: hardening-no-fortify-functions
> > usr/lib/x86_64-linux-gnu/liballegro_ttf.so.5.0.6
> > W: liballegro-acodec5.0: hardening-no-fortify-functions
> > usr/lib/x86_64-linux-gnu/liballegro_acodec.so.5.0.6
> 
> That are false positives as in #673112. I added lintian overrides.

I'd think that if lintian is producing tons of false-positives then
that should be fixed there, and not just overridden on every and each
package.

thanks,
guillem

Reply to:

Follow-Ups:
- Re: Allegro 5 review (Was: can somebody package libalfont ?)
  - From: Tobias Hansen <tobias.han@gmx.de>

References:
- can somebody package libalfont ?
  - From: shirish शिरीष <shirishag75@gmail.com>
- Re: can somebody package libalfont ?
  - From: Paul Wise <pabs@debian.org>
- Re: can somebody package libalfont ?
  - From: Hans de Goede <hdegoede@redhat.com>
- Re: can somebody package libalfont ?
  - From: Paul Wise <pabs@debian.org>
- Re: can somebody package libalfont ?
  - From: Tobias Hansen <tobias.han@gmx.de>
- Re: can somebody package libalfont ?
  - From: Paul Wise <pabs@debian.org>
- Re: can somebody package libalfont ?
  - From: Paul Wise <pabs@debian.org>
- Allegro 5 review (Was: can somebody package libalfont ?)
  - From: Tobias Hansen <tobias.han@gmx.de>

Prev by Date: Re: RFP: desurium -- Desura is a gaming client that allows a user to one click download and install games and game modification.
Next by Date: Re: Allegro 5 review (Was: can somebody package libalfont ?)
Previous by thread: Allegro 5 review (Was: can somebody package libalfont ?)
Next by thread: Re: Allegro 5 review (Was: can somebody package libalfont ?)
Index(es):
- Date
- Thread