Hans-Emil Skogh wrote:
>> We could maybe include the zlib, but OpenSSL is
>> just too big. It is bigger than TSVN itself, so
>> I really don't like to include it in our repository.
>
> Yeah, thought that might be a consideration... OpenSSL sure is one big
> fella. But on the other hand, once it's in the repository I guess it
> wouldn't grow that much?
>
>> Another thing is that when a new version comes out,
>> I'd have to check which files got deleted/moved and
>> do those steps in Subversion manually.
>
> Well, deleted yes, but moved? Only if we are interested in keeping
> correct version history of OpenSSL, which I guess we aren't. (There's
> the official repository for that.)
Related to this is the responsibility factor. If the repo contains
OpenSSL then the onus is on TSVN to keep on top of security issues. By
saying "go get OpenSSL" it reduces the necessity of always keeping on
top of that.
This issue does exist somewhat anyway, because the OpenSSL binaries are
shipped with TSVN, but it's easier than with the source (since anyone
can build source at any time, instead of just having to check at certain
fixed release dates).
> Ok, it was just a thought. I would welcome the inclusion of zlib in the
> repos, and I see the reasons for (behemoth) OpenSSL...
Same issues apply to zlib (security-wise), though excepting the more
recent 1.2.3 security fix zlib is pretty stable.
I'm not arguing either way, just noting there's more involved than just
the work of commiting the files.
-Nathan
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org
Received on Thu Aug 3 03:35:02 2006