Publish a static build #9

Open
opened 2 years ago by p · 0 comments
p commented 2 years ago
Owner

Once we get rid of cURL, our dependencies will be as trivial as libssl, libcrypto, libjansson, libev, libreadline and libncursesw. Possibly libz as well if we go for it.

Any security risk is likely negligible within this extent.

Use Debian, as it represents the most common denominator and provides static libraries for all the dependencies. Include the build script within the repository--it isn't necessary to use CMake but we need to extract the release number (though git tags may be used). Sign the binary with my PGP key, pin it to a release as an attachment and mention this in README.adoc.

Enforcing static linking: see sdn's Makefile

It's not going to be exceptionally portable. Linking libc statically isn't a good idea because of NSS modules.

Once we get rid of cURL, our dependencies will be as trivial as libssl, libcrypto, libjansson, libev, libreadline and libncursesw. Possibly libz as well if we go for it. Any security risk is likely negligible within this extent. Use Debian, as it represents the most common denominator and provides static libraries for all the dependencies. Include the build script within the repository--it isn't necessary to use CMake but we need to extract the release number (though git tags may be used). Sign the binary with my PGP key, pin it to a release as an attachment and mention this in README.adoc. Enforcing static linking: see [sdn's Makefile](https://git.janouch.name/p/sdn/src/branch/master/Makefile) It's not going to be exceptionally portable. Linking libc statically isn't a good idea [because of NSS modules](https://stackoverflow.com/a/57478728/76313).
p added this to the v1.3.0 milestone 2 years ago
p self-assigned this 2 years ago
p added a new dependency 2 years ago
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Depends on
Loading…
There is no content yet.