[tor-bugs] #12869 [Onionoo]: protocol api separation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 20 07:42:30 UTC 2014
#12869: protocol api separation
-------------------------+----------------------
Reporter: iwakeh | Owner: iwakeh
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Onionoo | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-------------------------+----------------------
Comment (by iwakeh):
About the java api situation/libs in git (might be a little of topic):
Is there a discussion thread about the development guidelines?
I assume, I'm not the first to ask some of these questions.
What are your concerns about binaries in git? I know older vcs couldn't
handle
binaries correctly, but a modern git is fine.
Of course, the guidelines for developing tor-services discourage providing
your own libs. But debian java libraries are - in some cases - really
ancient.
This might hinder good design which also provides security.
A third party library in git is easier to verify than drawing it from some
third party repo.
The involved tor java project would have a clear responsability
and tight control.
Providing all dependencies via git would remove the necessity for debian
packages
other than plain java, hence make base system set-up easier.
A java (standalone) service could be provided in one jar which also
simplifies deployment.
In order to only use verified java libs I think it needs some other
mechanism than debian package management.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12869#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list