Differences between revisions 8 and 9
Revision 8 as of 2020-08-12 13:46:14
Size: 1837
Comment: Add item around security, minor rephrasing.
Revision 9 as of 2022-05-15 11:16:55
Size: 2044
Comment: Add links
Deletions are marked like this. Additions are marked like this.
Line 7: Line 7:
 * You can be sure that all your dependencies will receive security updates from Debian even if the upstream developers do not provide any.  * You can be sure that all your dependencies will receive security updates from Debian even if the upstream developers do not provide any.    * It protects developers and users from supply chain attacks. See [[https://arxiv.org/pdf/2005.09535.pdf|paper]] and [[https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html|examples]]

This page list advantages for a software project to be packaged in Debian:

  • Your users can install your software like any other Debian software with the package manager they're used to. They will be able to trust that the software has been reviewed and signed by Debian Maintainers.
  • You can be sure that all your dependencies will be available in Debian for the whole Debian LTS lifetime, and they will not change and break compatibility.
  • You can be sure that all your dependencies will receive security updates from Debian even if the upstream developers do not provide any.
  • It protects developers and users from supply chain attacks. See paper and examples

  • Administrators of larger installations can install your software from the official archive and don't need to make special effort to provision your software. Often, large organizations have lengthy approval processes for new software for legal (licensing) and security reasons, yet well-known distributions receive a blanket approval.
  • It's easier to keep the dependency list of your software current if your software is in the archive. The Debian QA scripts will automatically find problems in the dependencies.
  • Debian Maintainer ensure that your software fits as well as possible into the larger system, playing nicely with things like system startup, logging, file types, network setup, desktop environment, sandboxing, and many more.
  • You get a cost-free quality and security review by an external developer with knowledge about other projects, best practices and free software guidelines.
  • Packages in Debian are also automatically available in all Debian derivatives like Ubuntu.

  • Your software will be built and tested on many architectures other than x86.

If you want your software to be packaged for Debian, then you might be interested in Debian's Upstream Guide.