Conversation

Notices

Embed this notice
ilja (ilja@ilja.space)'s status on Sunday, 06-Aug-2023 00:58:30 JST ilja

is there any one smart enough to file an issue somewhere to get the Elixir release builds be static builds? So we don't need all these flavours any more and people can just drop the binary on w/e distro they have as long as the cpu architecture is good. (As I understand, that should be possible with static builds, right?)

I guess having dynamic builds makes sense for corporations who control their infra, but for floss projects, that just seems like a bother in a lot of cases...

I'm not smart enough. I don't know where to ask, how to ask, and if they want more information, I'll probably not even understand the question :/

In conversation Sunday, 06-Aug-2023 00:58:30 JST from ilja.space permalink
- lainy likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 06-Aug-2023 00:58:24 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @ilja Even if this would exists, I wouldn't do it as one of the dependency is OpenSSL (pulled by Erlang).
  
  In conversation Sunday, 06-Aug-2023 00:58:24 JST permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 06-Aug-2023 01:05:29 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @ilja Yeah and while distros can get embargos for OpenSSL so they can at least prepare themselves, you're likely not going to.
  And OpenSSL is used for HTTPS requests, so pretty much directly network-facing and it can have rather nasty security vulnerabilities.
  
  In conversation Sunday, 06-Aug-2023 01:05:29 JST permalink
- Embed this notice
  ilja (ilja@ilja.space)'s status on Sunday, 06-Aug-2023 01:05:31 JST ilja
  in reply to
  - Haelwenn /элвэн/ :triskell:
  @lanodan what's the problem with that? Is it that OpenSSL needs to be easily/more quickly updateable?
  
  In conversation Sunday, 06-Aug-2023 01:05:31 JST permalink
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 06-Aug-2023 01:23:06 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @ilja Sadly OpenSSL is one of those doubly-annoying libraries that you both do not want to vendor *and* has regular ABI breaks.
  Distros should provide older/newer versions as compatibility but neither Debian nor Ubuntu are doing this (and of course they're also a pain to package for…).
  
  It's pretty much a stalemate kind of situation where the only thing you can do is make a bad choice. (And nearly be forced to it because Debian stale also means supporting nearly-EOL versions of Elixir…)
  
  My wish is for Debian to have a non-frozen or at least more up to date repository for things like applications, quite like what you get on the BSD side of things with base system being frozen for long term while ports are being regularly updated (either rolling or snapshots).
  
  In conversation Sunday, 06-Aug-2023 01:23:06 JST permalink
- Embed this notice
  ilja (ilja@ilja.space)'s status on Sunday, 06-Aug-2023 01:23:09 JST ilja
  in reply to
  - Haelwenn /элвэн/ :triskell:
  @lanodan Would an option to do "static except these specific things" make sense? :blobfoxthink: Or are we just back at square one then? Because if OpenSSL can be such a problem, I assume distros make sure they have the newest version any how, so it wouldn't create the compatibility issues we see now. Or am I seeing things too simplistic?
  
  In conversation Sunday, 06-Aug-2023 01:23:09 JST permalink

Public

Notices

Feeds