At last count, there are 281 packages in portage that support the ssl USE flag. However, in a production environment, gratuitously exporting USE="ssl" in global scope leads to situations where many packages are built with openssl support where it simply isn't necessary. Naturally, linking in external code where it isn't necessary leads to greater fragility of the system as a whole - particularly with regard to certain upgrade scenarios (as anyone who hangs around in #gentoo for longer than 5 minutes will be acutely aware of). Further, such an approach increases the potential 'surface area' in terms of potential bugs and security vulnerabilities. For this reason, some of us ensure that ssl (among other things) is not exported globally and employ package.use in order to enable it where we specifically need it. What on earth has this to do with wget, one might ask? Well, wget is - in a sense - a special case. My reasons for saying so are as follows: * It is of great importance, being used by portage by default * There are at least 60 packages that require the use of https (probably more) * Users of many different backgrounds may plausibly want to use wget directly in conjunction with URIs beginning with https:// * IUSE defaults are useful for setting important 'out-of-the-box' per-package defaults that are useful to the vast majority of the gentoo userbase (whether the user is of the Joe 'duh-what's-a-profile?' Sixpack variety, or an experienced sysadmin of many years standing) In summary, it seems difficult to envisage a plausible situation where anyone would want to deliberately exclude ssl support for wget, irrespective of their intended customisations. Because of that, and the above-mentioned points, I think it is a good candidate for having ssl defined as an IUSE default. It would certainly cause no harm, and would make experienced users happy as they would no longer need to define wget in package.use as a 'corner case' among the system package set.
i dont have a problem with IUSE=+ssl in wget, but you have to justify it first the profile defaults to USE=ssl. if you turn around and add USE=-ssl to your make.conf, then an IUSE default wont matter -- you've already stated your preference that you want ssl disabled by default. so why would IUSE=+ssl make any difference at all to this setup ?
That's a fair question. My answer is that, on the basis that I don't like the profile defaults, I do it the right way(tm) and drop "defaults" from USE_ORDER rather than exporting USE="-*" or USE="-foo -bar -baz -ad -nauseum". Specifically, I use: USE_ORDER="env:pkg:conf:pkginternal" Note that the effect of defining USE="-*" has changed at least once in the lifetime of portage [1]; adjusting USE_ORDER has a more predictable effect because it specifically nominates the sources from which USE flag policy is sourced. I've personally encountered a fair few people on IRC in my time who proudly profess to make use of USE="-*" and I always point that out to them that it's effect is not so well-defined or assured in the long term. I've also advised many poor souls in #gentoo-server who are having trouble getting a handle on flag creep to the same ends over the years. I know that people who customise in such a sophisticated manner are considered to be in a minority, but I think that's because we tend not to speak up much about such things through broad-ranging channels. There are more of us than many developers realise. Believe me, I'm very wary of abusing IUSE to fit a particular scenario - indeed, I think it is already used too heavily - and somtimes inappropriately - as it is [2]. I don't know what the policy is on pkginternal stuff, if indeed there is one, but I can't see how anyone would lose from the change I'm requesting. [1] I have a distinct recollection that it impacted upon package.use settings as well at one point although it was quite some time ago - can't recall the details off-hand [2] Was very sad to see profile-based USE defaults being deprecated (e.g. some flags would make more sense as defaults in targets/desktop/package.use rather than being forced upon everyone as pkginternal defaults)
Self-correction: "I don't like the profile defaults" --> "I don't like the profile defaults but understand the importance of - and value - the pkginternal defaults"
profile package.use might be discouraged, but it doesnt mean it isnt still fully supported for people to leverage however they like at any rate, sounds fine to me http://sources.gentoo.org/net-misc/wget/wget-1.12-r1.ebuild?r1=1.1&r2=1.2
Thank you for your consideration and understanding.
