lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 24 Oct 2016 17:27:54 -0400
From:   Jarod Wilson <jarod@...hat.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Josh Boyer <jwboyer@...oraproject.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Greg Kroah-Hartman <greg@...ah.com>
Subject: Re: Linux-4.X-rcY patches can't be applied with git?

On Mon, Oct 24, 2016 at 02:10:30PM -0700, Linus Torvalds wrote:
> On Mon, Oct 24, 2016 at 2:02 PM, Josh Boyer <jwboyer@...oraproject.org> wrote:
> >
> > The benefit of tarballs and patches from a distribution standpoint is
> > purely size.
> 
> I wonder if you wouldn't be better off just generating your own diffs.
> 
> If you know the other end uses "git apply", then not only can you use
> "--binary", but you can also enable rename detection.
> 
> That will often shrink the diffs a *lot*.
> 
> So for _me_, the primary use of patches is for non-git people.
> 
> They are hopefully rare by now, but quite frankly, if they go away as
> an issue, then the solution for me isn't "start using fancier patches
> that rely on git", but "don't even bother with tar-balls and patches
> at all".
> 
> See?

Yes and no. What are these non-git people doing with the patches? Since
patch won't apply them, are they just reading them for personal
enlightenment? i.e., who really actually uses tarballs and the patches
anymore outside of distros for packaging, and for what? From a distro
standpoint, I think we'd like to at least continue to see release
tarballs, but we could quite easily make do with the "just don't even
bother" approach for RC patches.

> But if you want to see patches as a distribution format for a distro,
> then your issues are different, and you may well want to use
> "--binary" and "-M" to generate patches.
> 
> It's just that your reasons to use patches sound very different from
> _my_ reasons to use patches..

If "just generate your own" is the best answer, I'm okay with that for my
own use case, and I'll let Josh speak for the Fedora case. Just wanted to
make sure we weren't missing something obvious, and figured it couldn't
hurt to ask if it were simply a case of nobody having said there were
issues with them for what I imagine is one of their few remaining uses. :)

-- 
Jarod Wilson
jarod@...hat.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ