Travis Wrightsman wrote: > What are the team's thoughts on how to move forward? Do people agree > that packaging the Minetest Irrlicht fork is reasonable? I am disappointed that game developers using irrlicht are not able to collaborate and fix the issues in irrlicht upstream that they are coming across that are leading to the forks. I note the security team's tracker says that supertuxkart has an embedded modified version of irrlicht (aka another fork). https://wiki.debian.org/EmbeddedCopies https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/embedded-code-copies I note irrlicht has had one security issue in the past, it is likely that it has other issues that are as yet undiscovered. So if it enters Debian, ensure you get the minetest irrlicht fork recorded in the Debian security team code copies file. https://security-tracker.debian.org/tracker/source-package/irrlicht https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/embedded-code-copies It might be worth attempting to build minetest against upstream irrlicht just to see how much breakage there is. If that ends up as too much breakage, then packaging the fork seems reasonable for now. I think the binary package names in src:minetest-irrlicht should be irrlicht-minetest to indicate this is a fork of irrlicht rather than an irrlicht plugin for minetest. Also they need to fit the standard Debian naming conventions for libraries etc. -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part