[SERVER-51675] Consider adding lzma to third party Created: 15/Oct/20  Updated: 08/Aug/23  Resolved: 08/Aug/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Daniel Moody Assignee: [DO NOT ASSIGN] Backlog - Server Development Platform Team (SDP) (Inactive)
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Development Platform
Participants:

 Description   

Currently libunwind will only use system installed lzma.

We may want to include building lzma in third party, as this will possibly allow us to standardize a version for which we test against, and remove a required dependency that is needed to be install by a given platform's package manager or similar.



 Comments   
Comment by Alex Neben [ 08/Aug/23 ]

Closing these issues and closing the containing epic. Please reopen if these are still a problem.

Comment by Andrew Morrow (Inactive) [ 05/Jan/21 ]

I can't really entirely justify my unease since this request models existing practice, but this idea makes me uneasy. I think, in general, we should attempt to vendor as few libraries as possible. Good reasons for vendoring include that we cannot deliver required functionality across all platforms without vendoring (think boost), or that persisted data has a hard dependency on a specific version (think icu), or that we require local modifications to make the package work for us (several). The compression libraries don't generally fall into any of these categories. In many cases I think we would be better off using the system version, as long as it was of a sufficient API/ABI rev to meet our programmatic needs. Any package we vendor becomes another for which we need to track and perform updates, backport those, deal with CVEs, etc. I wonder if the right way to go here is to actually go the other way and start making more use of system packages. Should we instead use the system libunwind if found to be a sufficient version, and which is probably configured correctly to use lzma if it is available on the system? The point about additional dependencies is true, but mitigated for all cases where users install via a package management system. Hopefully that is an increasingly large subset of our users.

Generated at Thu Feb 08 05:26:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.