[question] stb components - Githubissues

conan-io / conan-center-index

Recipes for the ConanCenter repository

https://conan.io/center

MIT License

901 stars 1.61k forks source link

[question] stb components #20167

Open Nekto89 opened 7 months ago

Nekto89 commented 7 months ago

What is your question?

Hi,

I've noticed that stb package contains components that have their own versions. And some of them might even have security vulnerabilities. Example: stb_image https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe%3A2.3%3Aa%3Anothings%3Astb_image.h%3A2.27%3A*%3A*%3A*%3A*%3A*%3A*%3A https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe%3A2.3%3Aa%3Astb_project%3Astb%3A2.27%3A%3A%3A%3A%3A%3A%3A

Maybe it would be better to have separate package for each library/header?

SpaceIm commented 7 months ago

All package managers provide all headers of stb in one package. It seems overkill (and tedious) to create one recipe per header (21 !). Not fundamentally against that, but is it worth the effort?