[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NPM and trusted binaries
From: |
Mike Gerwitz |
Subject: |
Re: NPM and trusted binaries |
Date: |
Wed, 07 Sep 2016 22:45:46 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.92 (gnu/linux) |
On Tue, Sep 06, 2016 at 18:50:48 +0200, Pjotr Prins wrote:
> On Tue, Sep 06, 2016 at 11:48:04AM -0400, Thompson, David wrote:
>> This violates a core principle of Guix: reproducible builds. I don't
>> support patches that encourage using pre-built binaries.
>
> In principle I agree. We want to be able to read the code.
>
> Still, I think Guix would benefit from a somewhat more relaxed stance
> in this.
If a user is able to build from source, shouldn't Guix be able to? And
if neither can, how can we guarantee that the provided binary is even
free and actually corresponds to the given source?
From a software freedom perspective, the source code _is_ the
program. If that is unworkable, then so is the software itself.
--
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: 2217 5B02 E626 BC98 D7C0 C2E5 F22B B815 8EE3 0EAB
https://mikegerwitz.com
signature.asc
Description: PGP signature
- Re: GSoC NPM, (continued)
- Re: GSoC NPM, Thompson, David, 2016/09/02
- Re: GSoC NPM, Jelle Licht, 2016/09/02
- Re: GSoC NPM, Jan Nieuwenhuizen, 2016/09/04
- Re: GSoC NPM, Thompson, David, 2016/09/06
- NPM and trusted binaries, Pjotr Prins, 2016/09/06
- Re: NPM and trusted binaries, Ludovic Courtès, 2016/09/07
- Re: NPM and trusted binaries, Jan Nieuwenhuizen, 2016/09/07
- Re: NPM and trusted binaries, Pjotr Prins, 2016/09/08
- Re: NPM and trusted binaries, Jelle Licht, 2016/09/08
- Re: NPM and trusted binaries,
Mike Gerwitz <=
- Re: NPM and trusted binaries, Jan Nieuwenhuizen, 2016/09/08
- Re: NPM and trusted binaries, Mike Gerwitz, 2016/09/08
- Re: NPM and trusted binaries, Jan Nieuwenhuizen, 2016/09/08
- Re: NPM and trusted binaries, Mike Gerwitz, 2016/09/08
- Re: NPM and trusted binaries, Ludovic Courtès, 2016/09/09
- Re: NPM and trusted binaries, Pjotr Prins, 2016/09/09
Re: GSoC NPM, Christopher Allan Webber, 2016/09/06
Re: GSoC NPM, Catonano, 2016/09/06