forums, mailing lists and other tools

Mirko Boehm mirko at
Thu Jan 18 10:02:43 UTC 2018


> On 18. Jan 2018, at 10:45, Daniel Pocock <daniel at> wrote:
> The real questions:
> - can you trust a container to be available in the future the same
> extent that you can trust a package in a stable Linux distribution?
> - can you trust upstream developers to ensure they never put anything
> non-free into their container images or does somebody have time to
> verify the contents of those images on every update?
> When you take something from an official package, it has usually been
> looked at by a second set of eyes already.  If you cut that step out
> then how long is it before non-free stuff creeps in?

These are real questions. I don’t have any answers for them. To me the issue of JS in web services is separate from them, though.


Mirko Boehm | mirko at | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Discussion mailing list