[Wolfi Package Request]: lib-only version of zbar #78658
Description
What software would you like us to add to wolfi-os. Ideally include a URL to the project and its source.
Currently, I am using the zbar package to enable pyzbar. It pulls in the whole suite of graphical libraries, including GTK-3 and GTK-4. I install with RUN apk add --no-cache --no-scripts zbar because of a recent breakage with lag on updating glibc (pytorch had 2.42, apk packages were updated to 2.43), and I'm only copying libzbar and deps like so:
COPY --from=build \
/usr/lib/libX11.so* \
/usr/lib/libXau.so* \
/usr/lib/libXdmcp.so* \
/usr/lib/libXext.so* \
/usr/lib/libXv.so* \
/usr/lib/libdbus-1.so* \
/usr/lib/libsystemd.so* \
/usr/lib/libxcb.so* \
/usr/lib/libzbar.so* \
/usr/lib/
A library-only package that only pulls in something like the above would reduce the attack surface by default, and reduce the chance of hitting internal incompatibilities.
which versions of the software should we include?
latest
Add some justification for why this specific package and versions are important.
libzbar / pyzbar are go-to libraries for QR code scanning. You already package zbar, so (I belive) you would not be including any additional potential CVEs.
Please check all that apply
- This package has an un-restrictive license
- The package/versions proposed are actively maintained upstream
- I am interested in adding this package to Wolfi OS myself
- I am willing to help maintain this package