Follow

Looks like this whole debacle is going to be hard to address due to Java practices consisting in shipping binaries (jars) of unknown provenance.

Glad the one in is built from source, and now fixed:
git.savannah.gnu.org/cgit/guix

@civodul
$ ls /gnu/store/*java*
/gnu/store/8ywz51wd7mkq2ngiqy8i9mj0h5javas0-at-spi2-core-2.34.0.drv
/gnu/store/akmdwfx9fvipjavalnn00yp5n4g8l1m6-libspiro-dist-20200505.tar.gz.drv
/gnu/store/wpvapm1wpfmgqq6m70xrjavahhklakf9-ghc-persistent-postgresql-2.13.2.1-guile-builder
/gnu/store/ycdmlw7sidjavabfy5as7p9rsiw1ki19-python-pygments-2.7.4.drv

whew, the four "java"s that appear in my /gnu/store are just part of a hash :)

> practices consisting in shipping binaries (jars) of unknown provenance

this fits in with an article I'm thinking of writing, about various undesirable consequences to software freedom of some recent software packaging trends. thanks for providing me with yet another undesirable consequence to mention
Sign in to participate in the conversation
Mastodon (Aquilepouet)

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!