Publish a static build #9

New Issue

p · 2020-10-15T11:46:18+02:00

p commented

2020-10-15 11:46:18 +02:00

Once we get rid of cURL, our dependencies will be as trivial as libssl, libcrypto, libjansson, libev, libreadline and libncursesw. Possibly libz as well if we go for it.

Any security risk is likely negligible within this extent.

Use Debian, as it represents the most common denominator and provides static libraries for all the dependencies. Include the build script within the repository--it isn't necessary to use CMake but we need to extract the release number (though git tags may be used). Sign the binary with my PGP key, pin it to a release as an attachment and mention this in README.adoc.

Enforcing static linking: see sdn's Makefile

It's not going to be exceptionally portable. Linking libc statically isn't a good idea because of NSS modules.

Once we get rid of cURL, our dependencies will be as trivial as libssl, libcrypto, libjansson, libev, libreadline and libncursesw. Possibly libz as well if we go for it. Any security risk is likely negligible within this extent. Use Debian, as it represents the most common denominator and provides static libraries for all the dependencies. Include the build script within the repository--it isn't necessary to use CMake but we need to extract the release number (though git tags may be used). Sign the binary with my PGP key, pin it to a release as an attachment and mention this in README.adoc. Enforcing static linking: see [sdn's Makefile](https://git.janouch.name/p/sdn/src/branch/master/Makefile) It's not going to be exceptionally portable. Linking libc statically isn't a good idea [because of NSS modules](https://stackoverflow.com/a/57478728/76313).

p added this to the v1.3.0 milestone 2020-10-15 11:46:18 +02:00

p self-assigned this 2020-10-15 11:46:18 +02:00

p added a new dependency 2020-10-15 11:46:59 +02:00

#8 Lose the dependency on cURL

Sign in to join this conversation.