Re: Upstream Tracker
On 07/20/2010 06:58 AM, Jay Berkenbilt wrote:
> Andrey Ponomarenko <email@example.com> wrote:
>> - "Upstream Tracker". It may be helpful for analyzing risks of libraries
>> updating in the Debian Linux. The service includes more than 100
>> libraries at the moment: OpenSSL, ALSA, glib, cairo, libssh, fontconfig etc.
> I'd like to throw my voice in among those who think this is an excellent
> idea. I've often thought about implementing something like this as a
> checker for code I've worked with in a commercial environment, but
> somehow this idea never occurred to me. I hope it catches on.
>> Suggestions for libraries inclusion and feature/bug requests are very
>> welcome. Thanks!
> The tiff library has been notorious about introducing accidental ABI
> changes. I've sort of taken on the role as ABI police in recent years.
> Actually, I got my start as a Debian developer by managing a libtiff
> soname bump that was required as a result of an accidental ABI change.
> Analyzing the ICU library would also be interesting
> though less useful
> since they bump the soname to match the version number (not generally
> good practice, of course). They make an effort to keep most of their
> ABI stable, though there are interfaces marked "experimental" that
> change. I don't see how a tool like this could track that since it's
> just indicated in comments, though there are certainly possibilities
> that come to mind (like special markers, etc.).
> tiff: http://libtiff.maptools.org
> ICU: http://www.icu-project.org
Linux Verification Center, ISPRAS