From Fedora Project Wiki

< User:Tibbs

Revision as of 00:42, 8 October 2015 by Tibbs (talk | contribs) (Initial copy of the current guidelines)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Duplication of system libraries

A package should not include or build against a local copy of a library that exists on a system. The package should be patched to use the system libraries. This prevents old bugs and security holes from living on after the core system libraries have been fixed.

In this RPM packaging context, the definition of the term 'library' includes: compiled third party source code resulting in shared or static linkable files, interpreted third party source code such as Python, PHP and others. At this time JavaScript intended to be served to a web browser on another computer is specifically exempted from this but this will likely change in the future.

Note that for C and C++ there's only one "system" in Fedora but for some other languages we have parallel stacks. For instance, python, python3, jython, and pypy are all implementations of the python language but they are separate interpreters with slightly different implementations of the language. Each stack is considered its own "system" and can each contain its own copy of a library.

Some packages may be granted an exception to this. Please see the No Bundled Libraries page for rationale, the process for being granted an exception, and the requirements if your package is bundling.

For information on how to remove bundled libraries, see: Treatment Of Bundled Libraries.

Bundling of multiple projects

Fedora packages should make every effort to avoid having multiple, separate, upstream projects bundled together in a single package.

However, when this is unavoidable, packagers must apply for a Bundling Exception with the Fedora Packaging Committee. For more information on Bundling and applying for a Bundling Exception, please read Packaging:No_Bundled_Libraries.

Avoid bundling of fonts in other packages

Fonts in general-purpose formats such as Type1, OpenType TT (TTF) or OpenType CFF (OTF) are subject to specific packaging guidelines (1), and should never be packaged in a private application directory instead of the system-wide font repositories. For more information, see: Packaging:FontsPolicy#Package_layout_for_fonts.