Jesse Keating (jkeating@redhat.com) said:
For the case where you have some shared, some static with matching shared, and some static only:
If you put the static only in -devel, we can't reasonably detect all the things that link against the static library. We'd have to investigate anything that BRs the -devel package. If you put the static only in with the other statics in -static you then have all the statics in the chroot and run the risk that spot talks about of accidentally statically linking to things that have shared alternatives.
The only way this can happen (AFAIK) is if they're linked by:
- explicitly listing %{_libdir}/libfoo.a on the link line - explicitly passing -Wl,-bstatic
Either of these things should be auditable.
Bill