Hi, On 06-12-2021 20:43, Noah Meyerhans wrote:
One lesson we may take from Mint, though, is that it's not worth trying to patch Chromium as much as we'd like. Anything that we can do to simplify the Chromium packaging will help us keep the package up-to-date, which in turn will help us keep our users safer. In my opinion, we should be pretty aggressive about dropping as many of the Chromium patches as possible, even if that means we link against bundled/vendored dependencies. Legal/licensing considerations are still important and I don't know if we actually *can* ship builds based on the bundled stuff. But based on the number of patches we have to disable various things [2] or build against system dependencies [3], I can't help but think we'd have an easier time keeping this package fresh if we could drop some of those.
I have good experience with some of my upstreams where they supported me by adapting their build system to enable building without the bundled/vendored dependencies. Has this been tried? Would it be worth pursuing?
Paul
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature