[Buildroot] [PATCH] polarssl: deprecate on security grounds
Peter Korsgaard
peter at korsgaard.com
Wed Oct 12 22:30:32 UTC 2016
>>>>> "Arnout" == Arnout Vandecappelle <arnout at mind.be> writes:
Hi,
>> > In fact, amusingly, with our process, "deprecating" a package means
>> > that it blindly disappears for users.
>>
>> Yeah, that isn't really good. Perhaps we need to add a 'select
>> BR2_NEEDS_DEPRECATED' to everything depending on BR2_DEPRECATED and add
>> some logic to warn if BR2_NEEDS_DEPRECATED && !BR2_DEPRECATED?
> That doesn't work. If you keep the dependency on BR2_DEPRECATED, then the
> symbol won't be selectable without BR2_DEPRECATED so it will be silently removed
> from .config. If you remove the dependency on BR2_DEPRECATED, then the package
> stays user selectable. In that case, the BR2_DEPRECATED option becomes a bit
> useless (it just hides the warning comment), and it's easy for users to
> accidentally select a deprecated package.
Ahh yes, true.
> You can task me with deprecating BR2_DEPRECATED during the devel
> days - mainly documentation updates.
Ok, sounds good to me!
--
Venlig hilsen,
Peter Korsgaard
More information about the buildroot
mailing list