From mboxrd@z Thu Jan 1 00:00:00 1970 From: N Subject: Re: IceWeasel-UXP and IceDove-UXP Date: Tue, 23 Jul 2019 07:07:58 +0000 Message-ID: <20190723070758.zvxqu7cnjzh2zqet@uptimegirl> References: <20190721080708.6x2sfpwugrowik5x@uptimegirl> <20190722230806.55499802@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:37110) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hpouE-0000ds-1K for guix-devel@gnu.org; Tue, 23 Jul 2019 03:08:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hpouC-00040d-M0 for guix-devel@gnu.org; Tue, 23 Jul 2019 03:08:13 -0400 Received: from aibo.runbox.com ([91.220.196.211]:55204) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hpouC-0003yd-Fw for guix-devel@gnu.org; Tue, 23 Jul 2019 03:08:12 -0400 Received: from [10.9.9.204] (helo=mailfront22.runbox) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1hpou8-00074i-IS for guix-devel@gnu.org; Tue, 23 Jul 2019 09:08:08 +0200 Received: by mailfront22.runbox with esmtpsa (uid:892961 ) (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) id 1hpotz-0005OK-Od for guix-devel@gnu.org; Tue, 23 Jul 2019 09:08:00 +0200 Content-Disposition: inline In-Reply-To: <20190722230806.55499802@gmail.com> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Jesse Gibbons transcribed 3.1K bytes: > On Sun, 21 Jul 2019 08:07:16 +0000 > N wrote: > > > > As I wrote on IRC, I'm sceptic about the -uxp projects in hyperbola. > > They can be imported here and be watched in the long-term. > > > > There are a couple of problems to looks at: > > > > - The committer list of uxp upstream and its hostile way to approach > > brand defense (been there, dealt with it off-list, but was lucky > > enough to read the complete license exeptions before contacting them. > I'll keep that in mind. > > > look at freebsd who got shouted at in github for even daring to have > > a public work-in-progress package and then asking). > I'm having a bit of difficulty finding what you're talking about here. > What are some keywords to search? I've tried "freebsd controversy" and > "freebsd github" and "freebsd trademark" and variants, but I have not > found anything like that. Sorry, openbsd. https://github.com/jasperla/openbsd-wip/issues/86 Can't remember if FreeBSD got the same problem at some point. > > - The people who work on it in Hyperbola are far less than for example > > people paid to do the work in Firefox (or Thunderbird, though I'm > > not sure if TB is paid for). Money matters, and I can fully > > understand why so few people with so few patches work on the 2 > > projects in hyperbola. > It looks like the developers at hyperbola are committing frequently to > their icedove-uxp git repo. > https://git.hyperbola.info:50100/software/icedove-uxp.git/log/ I have read it, and it still is nothing compared to Thunderbird, Firefox or any Webbrowser with more than 1 person dedicated to it. My abscence of mentioning that they regularly commit to it does not indicate that I doubt that they commit the time they have to it. > > Which leads me to: > > > > - My experience in Guix about packaging and accepted packages is that > > it is not only about licensing and ensuring software freedom beyond > > what upstream intended to, but also about ensuring user security (see > > the countless hours invested by our Icecat maintainer in backporting > > patches from Firefox, etc). Given that Hyperbola is an Operating > > System, do they hold their own software accountable to the same > > standards they check external CVEs (etc) for? > > With Mozilla and downstreams of Mozilla, we get at least the > > dedication to checking for bugs and ensuring they get fixed. > Another issue worth checking out. > > > > - Decisions in Hyperbola I read which argue for why this was done are > > questionable from my personal point of view. It is easy to fall into > > the "Rust is bloat" trap. To mention it as one of the main arguments > > why this fork exists is odd. Okay, and here I stop reading and replying. It's not my duty to deliver arguments to you about languages. You miss the point about it, and twist my words around. > guix says Rust is over 200MB (which du says nearly all of it is the > lib/rustlib directory where rust is installed), and mozilla apps worked > fine before they had rust, so although I haven't run any benchmarks, I > do not think calling it bloat based on its size is inaccurate. > > Since bloat takes up a large amount of resources, be it RAM or CPU, it > is good to cut out the bloat if it can make an app smaller and faster. > Thus, if rust is bloat, it is probably good to remove it. > > As for it being a main argument for the uxp packages to exist, it is a > good idea to have a browser that uses less resources than the > alternatives. I do not find it an odd argument at all. > > If you could provide a cogent argument for keeping rust (i.e. for > security reasons) I would be interested in looking into it. If you > think rust is not bloat, I would be interested in your arguments to > that end as well. > > > > > > Closing note: please decide to post to one list, not 2 or more :) > >