On 1/12/20 3:19 PM, Marius Schwarz wrote:
Am 10.01.20 um 17:36 schrieb Pierre-Yves Chibon:
> Good Morning Everyone,
>
> This is not a new idea, it has been presented at flock last year and
spoken
> about on this very list this fall, so I'd like to push it a
little
further.
>
> Do we want to drop release and changelog from our spec file?
Vote: no.
The correct releases and changelogs in the rpms are important to check
for security patches made. This need of any admin will override
any argument for a removal, as it's the most important source on a
working system to gather it's security state.
Finally the reply I was looking for! As someone who relies the changelog
of the RPM for security reasons this whole thread has me worried.
On 1/12/20 3:38 PM, Miro Hrončok wrote:
It would stay in the RPM, we would just populate it differently and
it
would no longer be hardcoded in the spec file in our infrastructure.
How will it be populated? Will it ensure that the information that is
important for security minding end users is still available? Sorry in
advance if I missed the details of how it would still be managed and
included for end users to consume?
Thanks!
Joe
--
Joe Doss
joe(a)solidadmin.com