[squeak-dev] Smalltalk images considered harmful
Colin Putney
cputney at wiresong.ca
Thu May 22 02:06:41 UTC 2008
On 21-May-08, at 2:34 PM, Bert Freudenberg wrote:
> Etoys was being considered to get into Debian. Now it may be
> rejected, because an image file is not "transparent enough" (see
> below). It was suggested to discuss this issue on the debian-devel
> list.
>
> Do any of you have ideas how to respond? Are there perhaps other
> Debian packages that have a similar issue of accountability?
I think it's important to establish what level of transparency Debian
is looking for. Apparently they want to be able to compare different
versions of the package and see what has changed. In reviewing those
changes, what would they be looking for? Objectionable content?
Malware? Copyright violations? Material that carries a license
incompatible with the GPL? Insecure code? Bugs? Spelling mistakes?
Depending on what they want to know we might be able to provide a way
to provide that information.
Also, Andreas is right - it's probably possible to distribute Etoys
such that it can be "built" by filing "source code" into a base image
of some kind. If the base image didn't include Etoys itself (as
distinct from Squeak) that would provide the kind of transparency that
Debian is used to, at least as far as Etoys is concerned. That would
make the debian version be different from the upstream distribution,
which would presumably still be based on images.
Or it could be done in reverse - Etoys would be distributed as an
image, but would have a way of spitting out textual representations
that could be fed into the debian process. That might mean more than
just filing out Smalltalk code. It could also mean spitting out files
that represent other types of media: images, sounds, hierarchies of
Morphs, whatever is deemed important.
Colin
More information about the Squeak-dev
mailing list
|