[Pkg-xfce-devel] Bug#654468: Bug#645191: update on waf binary data

Carsten Hey carsten at debian.org
Sat Mar 17 01:45:04 UTC 2012

waf scripts are not cleanly divided into python and data, but instead
the python part contains also two two byte sequences (found using brute
force whilst building the waf script).  My original plan was to ship two
scripts debian/waf-unpack and debian/waf-repack to provide an easy way
to edit the waf sources and document this in README.source. Due to the
above mentioned mix of header information and python source code this
can not be done in a clean way, so there so there is nothing to review
for ftpmaster.

http://bugs.debian.org/660193 (search for the string waf) contains
snippets, based on what Tolimar pointed to in his mail, you just need to
paste into the midori package and some additional notes.  The remaining
part is IMHO to document this in README.source.  One thing I forgot to
mention in my mail to #660193 is that the reason to remove the blob from
the used waf script is to ensure that the unpacked waf source is used.

If requested I could provide a less hackish script to extract the
tarball embedded in a waf script.  It is finished, but it is probably
useless because there is no reliable way to put a new tarball into a waf
script without using ugly hacks or being waf itself.

* Yves-Alexis Perez [2012-03-15 21:26 +0100]:
> To be honest, I didn't even wanted to spend any time on this, as I
> consider the decision bad.

If a security update would require any changes in the packages build
system, using waf the way upstream intended it to be used would cause
the security team a lot of work and reviewing even simple changes
related to the build system would be a mess to review by the release
team during freeze.  Some .jar files also contain their source, should
we in your opinion start to just ship them instead of rebuilding them?
(this was of course a rhetorical question)


More information about the Pkg-xfce-devel mailing list