Date: Mon, 12 Mar 2018 14:42:34 -0600 From: Adam Weinberger <adamw@adamw.org> To: Yuri <yuri@rawbw.com> Cc: "ports@freebsd.org" <ports@freebsd.org>, ports-secteam@FreeBSD.org Subject: Re: sysutils/ipfs-go downloads pre-built binaries while sources are available Message-ID: <B7C49CA0-0C1C-4829-ABE1-FA0629FC355C@adamw.org> In-Reply-To: <d69ab122-00be-6ed5-cd01-673003700695@rawbw.com> References: <d69ab122-00be-6ed5-cd01-673003700695@rawbw.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 12 Mar, 2018, at 11:30, Yuri <yuri@rawbw.com> wrote: > > There should be no reason to download prebuilt executables for open > source software. Binaries present security risk. > > It violates chapter 5.4 of PHB which mentions that MASTER_SITES/DISTNAME > refers to "source archive", and for sysutils/ipfs-go it isn't a source > archive. > > > This port should be either deleted or reworked. While source is preferred over binary, we don’t delete ports just because they have binary blobs. # Adam -- Adam Weinberger adamw@adamw.org http://www.adamw.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B7C49CA0-0C1C-4829-ABE1-FA0629FC355C>