MIR: explain when a MIR is needed #104
Conversation
Thanks for the review @s-makin , it helped me to undertand the ref/[] and term usage better - and your wording was obviously better than mine. All integrated now! |
|
The Can we capture this idea? |
cpaelzer
force-pushed
the
mir-when-is-it-needed
branch
from
1decfdd to
7da64b5
Compare
Hi @setharnold , but we only do expect those that end in code that runs at runtime.
Where is boost there? Also FYI: rebased to adapt to latest changes in the repo |
|
My recollection of the boost family of useful things are headers that are compiled into the project much like golang code. It executes actual code on user computers but doesn't show up in Depends: lines, only Build-Depends: lines. |
|
Also from meeting - Lukas Märdian (slyon): Just gave my +1 on this (IMO is good as-is). But: I agree we can further improve/refine that section telling about packages that are generating code used elswere in "main" should go through MIR, too. But that might be a separate PR. I was thinking mostly about compilers, like GCC or Rustc. They are not really a runtime dependency of anything, but we certainly what to have them supported in "main" |
|
OK, with that I can refine it |
|
The compilers is a good thought, which toolchains are available in which releases places constraints on what the Ubuntu Security Team can maintain. |
Fixes: #42 Signed-off-by: Christian Ehrhardt <[email protected]>
Apply wording suggestions and ref/term usage style from review Co-authored-by: Sally <[email protected]>
Not in an official dictionary, but per [1] still well defined and known in that context. [1]: https://en.wiktionary.org/wiki/userbase Signed-off-by: Christian Ehrhardt <[email protected]>
Signed-off-by: Christian Ehrhardt <[email protected]>
cpaelzer
force-pushed
the
mir-when-is-it-needed
branch
from
ee498b9 to
30cd7a2
Compare
|
@setharnold the last paragraph now goes into more detail of these "not a dependency but code that runs". |
Fixes: #42