Hi Tobias, Tobias Geerinckx-Rice writes: > I didn't check all the bundled packages, but at least freetype2 and > libpng are trivial to unbundle (not patched in any way) and probably > the most important to, security-wise, so things are looking good even > if upstream wouldn't cooperate. I believe they're already unbundled in the 'aseprite' package I'm inheriting. #+BEGIN_SRC scheme (arguments '(#:configure-flags ;; Use shared libraries instead of building bundled source. (list "-DWITH_WEBP_SUPPORT=1" "-DUSE_SHARED_CURL=1" "-DUSE_SHARED_GIFLIB=1" "-DUSE_SHARED_JPEGLIB=1" "-DUSE_SHARED_ZLIB=1" "-DUSE_SHARED_LIBPNG=1" "-DUSE_SHARED_LIBLOADPNG=1" "-DUSE_SHARED_LIBWEBP=1" "-DUSE_SHARED_TINYXML=1" "-DUSE_SHARED_PIXMAN=1" "-DUSE_SHARED_FREETYPE=1" "-DUSE_SHARED_ALLEGRO4=1" "-DENABLE_UPDATER=0" ; no auto-updates (string-append "-DFREETYPE_INCLUDE_DIR=" (assoc-ref %build-inputs "freetype") "/include/freetype2")))) #+END_SRC #+BEGIN_SRC jakob@Epsilon ~/Code/guix/gnu/packages $ ldd $(which libresprite) | grep freetype libfreetype.so.6 => /gnu/store/66db1c64qm8ar4d7qjxsyl3xvjqjpgj7-freetype-2.9.1/lib/libfreetype.so.6 (0x00007fa317cd7000) jakob@Epsilon ~/Code/guix/gnu/packages $ ldd $(which libresprite) | grep libpng libpng16.so.16 => /gnu/store/c7sm7sn3yccffpggxrrfipqcn4wz3vfw-libpng-1.6.37/lib/libpng16.so.16 (0x00007f5715956000) #+END_SRC > Now, I'd say it needn't be added to the description either. We > generally don't note the often chequered ancestry of our packages, nor > the fact that they are ‘free’ or ‘open source’, and this is just a > combination of the two. But at least description space is cheaper if > you disagree. ;-) I just thought it'd be a little tacky if I kept the old description, since it uses the name "Aseprite" twice. Regards, Jakob