RFR: 8u: 8076475: Misuses of strncpy/strncat
Andrew Dinn
adinn at redhat.com
Thu May 28 08:31:08 UTC 2020
On 27/05/2020 19:06, Andrew Hughes wrote:
> I'm struggling to see where we disagree here.
I think we are mostly disagreeing over emphasis -- which always risks
straying into the arena of angels dancing on pinheads (or, to add a dash
of Bertrand Russell to Rumsfeld's epistemological categories, unknowable
unknowns -- which in epistemic terms implies a very pink-about-the-gills
type of fish).
Rather than enter that arena might I suggest we restate our agreement
over, and *emphasize* for future reference, this one key maxim regarding
backporting of dependent upstream fixes:
Downstream fixes should normally only presume the presence of a
dependent upstream fix if there is a compelling need to have that
dependency /in its own right/. If not then the default assumption has to
be that a downstream fix should be sought without relying on that
upstream dependency.
That's not absolute because we are all reasonable people and need to
allow for and accept well reasoned arguments. However, it does mean
pulling in extra patches needs to be provided with such good reasons (in
an RFC thread).
regards,
Andrew Dinn
-----------
More information about the jdk8u-dev
mailing list