Re: How to handle embedded javascript/php libraries in WebApps
On Sun, Apr 1, 2012 at 1:44 PM, Vasudev Kamath wrote:
> Friendica modifies the php library it is depending on heavily so it
> ships the embedded php library source along with it. Also it
> uses tinymce which is also highly modified version so If I symlink
> debian's version of tinymce it will render friendica useless. Same
> goes for embedded PHP libraries. But lintian barks at me saying I'm
> voilating policy by shipping these libraries along with friendica
> package.
>
> So I require some suggestion on how I can handle this situation.
Do the usual things for embedded code copies:
Take a look at policy and this wiki page:
http://wiki.debian.org/EmbeddedCodeCopies
Notify the security team so they can fix any duplicate security issues
caused by the duplicated code.
Work with the relevant upstreams to unfork things.
--
bye,
pabs
http://wiki.debian.org/PaulWise
Reply to: