mackyle
commented
7 years ago On Jun 4, 2017, at 13:50, Alex Barker wrote:
There are a number of old and merged PR for this package as well as
a few unaddressed bugs that are impacting upstream distribution
maintenance for at least gentoo, and possibly other distributions.
Instead of maintaining yet another copy of the require patch sets
that are now required to compile, can we either merge the proposed
fixes and cut a build, or create a new official maintenance in a
fork repo?
There is only one man here to work on this and he's so overloaded with
things to do he's started referring to himself in the third person!
I don't know how this repository ended up as the canonical location
for xar source for several distributions, really I don't. This was
just a little hobby project some time back to see if I could make some
of the functionality from the extra little xar-sig.c utility from one
of the older darwin xar tarballs (xar-36.1) work. It was a feature
request (#76) to the "official" xar project on googlecode. I suppose
when that went away folks started wandering over here.
There are so many things that need to be addressed in this project the
submitted issues don't even begin to make a dent in the list.
None of the submissions have a Signed-off-by line. I know, I haven't
said I require one for contributions, but it works like Git's rules
except the license in question is the license used by xar. How else
can I possibly accept submissions without putting the floss status of
the project in jeopardy? Then there's the coding standard, I looked
at one of the patches and thought, "I can't possibly take that it's
using a nasty coding standard" and then I realized that's the same
standard most of the xar source files use except they only follow it
about 98% of the time. Yes, some of the one-liner fixes are obvious,
but I'd rather give credit to the submitter (again, missing Signed-off-
by) and take their nice explanations. I don't like it when folks
swipe my stuff without credit and I image those who've submitted
patches wouldn't either, but without confirmation it's submitted under
the terms of the xar license I can't really take it (the whole point
of a Signed-off-by line).
If I can respond relatively quickly to issue text via email (I try to
avoid the GitHub web UI whenever possible) you may see a response here.
If you want to fork it I would suggest you promote the "xar"
subdirectory to the top-level, discard everything else but the
changelong and license and similar, run the source code through
"indent" or your favorite equivalent, update the autotools source
files, add a suitable "CodingStandards" and "SubmittingPatches"
document and have at it.
That Cupertino OS (TCOS) company now uses "cms" signatures in its xar
files, they use a different XML tag and there's no support for that in
this version either. They also support some other hash formats now
that this version doesn't know about either.
It seems that no matter what the circumstance, one thing always
remains the same, there is never enough time.
So unless you happen to have a TARDIS available for loan, I'm afraid
this project just isn't going to see any more of my time for a while
(except, perhaps, if some of the obvious one-liner patches start
showing up with Signed-off-by lines in which case I'll just cherry-
pick + sign those onto master when I need to take a break from
something else, but that's about it).
--Kyle
xosevp
hamishmb
Hi,
There are a number of old and merged PR for this package as well as a few unaddressed bugs that are impacting upstream distribution maintenance for at least gentoo, and possibly other distributions. Instead of maintaining yet another copy of the require patch sets that are now required to compile, can we either merge the proposed fixes and cut a build, or create a new official maintenance in a fork repo?
Thanks, Alex