Closed gobengo closed 6 years ago
paidforby
commented
6 years ago @gobengo I think I made that commit as a quick fix, then I realized (much later) we could just update the version number. I guess the thinking is that building off a specific version is better than building off latest? Depends how much you trust ubuntu's repos?
gobengo
commented
6 years ago @paidforby Thanks for the explanation.
IMO the ship has sailed on trusting ubuntu's repos... i.e. they could just change what any given version points to to do somethign malicious, regardless of whether we pin or not.
paidforby
commented
6 years ago Lol, good point. I'm not opposed to removing all the version numbers, if it solves this recurring problem.
gobengo
commented
6 years ago I don't like merging my own PRs with no explicit +1s, but going to do so now as this is harmless and will unblock travis building #140
The old version no longer exists so broke docker builds.
@paidforby I see you removed these version pins, then reverted the removal (https://github.com/gobengo/sudowrt-firmware/commit/cdeaf5e5329d4fbbe3c872bd7bbf1a29da7673bb#diff-3254677a7917c6c01f55212f86c57fbf). Why set versions and not just do 'apt-get install libssl-dev' ?