Wait I'm a little lost, sorry if I'm misunderstanding. Packages aren't just ...

Why Nostr? What is Njump? Join Nostr

npub15v…0eqxv

2025-03-20 02:28:01 UTC

in reply to nevent1q…a97j

Wait I'm a little lost, sorry if I'm misunderstanding. Packages aren't just statically linked on a system. The job of a maintainer is introducing the newer versions of a package and keeping an eye out to make sure nothing breaks. If they need to patch a library, they don't go and patch every package on the system that relies on that library, they just patch that library and watch for regressions. At least as far as I know.

:neodog_googly_shocked:

Flatpak runtimes are a bundle of libraries that applications need to run. Adwaita apps usually need the GNOME runtime, while Qt apps generally use the KDE runtime. They include a lot more than just Qt, so it's considered best practices to keep up with non-EOL runtimes. Whether or not there was a specific security patch, Fedora considers EOL runtimes to be a security issue.

That said, I could be entirely wrong about what Fedora didn't like about OBS's package. It was a bit ago and I haven't gone back and actually read through the trouble ticket.

Author Public Key

npub15vh0yjah58hnw5hgfepvffnsrswpzk90jvqpal4g262crr2jr52qs0eqxv

Show more details

Published at

2025-03-20 02:28:01 UTC

Kind type

1 Short Text Note

Event JSON

{ "id": "cb9e9a1b6485553046301fb7510d9f76f3b64da3e41959676bb262149cefcb2f", "pubkey": "a32ef24bb7a1ef3752e84e42c4a6701c1c1158af93001efea85695818d521d14", "created_at": 1742437681, "kind": 1, "tags": [ [ "e", "443f636fef0b6b230f854d249adfd459c091835a1b93c42fc7391e18b66a0e81", "", "root", "a32ef24bb7a1ef3752e84e42c4a6701c1c1158af93001efea85695818d521d14" ], [ "emoji", "neodog_googly_shocked", "https://media.cubhub.social/custom_emojis/images/000/102/277/original/c461466ae3777142.png" ], [ "e", "06afb7594217eb47d95889d379a1e9167c7bccb476ec2f5bf76621045a967e49", "", "reply", "d36fcbde63c68307f703986da5f1031af5ba08f7f81b73c0c2134faebcb2b427" ], [ "proxy", "https://cubhub.social/@Rusty/114192395884982370", "web" ], [ "p", "a32ef24bb7a1ef3752e84e42c4a6701c1c1158af93001efea85695818d521d14" ], [ "p", "d36fcbde63c68307f703986da5f1031af5ba08f7f81b73c0c2134faebcb2b427" ], [ "proxy", "https://cubhub.social/users/Rusty/statuses/114192395884982370", "activitypub" ], [ "L", "pink.momostr" ], [ "l", "pink.momostr.activitypub:https://cubhub.social/users/Rusty/statuses/114192395884982370", "pink.momostr" ], [ "-" ] ], "content": "Wait I'm a little lost, sorry if I'm misunderstanding. Packages aren't just statically linked on a system. The job of a maintainer is introducing the newer versions of a package and keeping an eye out to make sure nothing breaks. If they need to patch a library, they don't go and patch every package on the system that relies on that library, they just patch that library and watch for regressions. At least as far as I know. :neodog_googly_shocked:\n\nFlatpak runtimes are a bundle of libraries that applications need to run. Adwaita apps usually need the GNOME runtime, while Qt apps generally use the KDE runtime. They include a lot more than just Qt, so it's considered best practices to keep up with non-EOL runtimes. Whether or not there was a specific security patch, Fedora considers EOL runtimes to be a security issue. \n\nThat said, I could be entirely wrong about what Fedora didn't like about OBS's package. It was a bit ago and I haven't gone back and actually read through the trouble ticket.", "sig": "819059cab82bb2181aa9c22ea14df3e5c75c947c6e7aed997879791cdd376acf20678dd370a67abdf2ab786b89ee097139cf7f1c4ec8595867611bc1037c5697" }