From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 32617 invoked from network); 21 Jul 2004 15:38:20 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 21 Jul 2004 15:38:20 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.34) id 1BnJAg-0006oZ-9f for arch-gentoo-dev@lists.gentoo.org; Wed, 21 Jul 2004 15:38:18 +0000 Received: (qmail 10747 invoked by uid 89); 21 Jul 2004 15:38:17 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 18567 invoked from network); 21 Jul 2004 15:38:17 +0000 Message-ID: <40FE8DE8.1090003@gentoo.org> Date: Wed, 21 Jul 2004 11:38:16 -0400 From: Lina Pezzella User-Agent: Mozilla Thunderbird 0.7.1 (Macintosh/20040626) X-Accept-Language: en-us, en MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org References: <20040721152507.296CE3F03@latitude.mynet.no-ip.org> In-Reply-To: <20040721152507.296CE3F03@latitude.mynet.no-ip.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [gentoo-dev] Revisiting GLEP 19 X-Archives-Salt: a17e1ff3-9da3-4261-911f-aa084b591dbb X-Archives-Hash: 24db164acf655ad5ef47f42694b80dbb aeriksson@fastmail.fm wrote: > >weeve@gentoo.org said: > > >>I personally would very much like to leave ChangeLogs as they are. >>We already have tools to make sure they are in the right format >>(though repoman doesn't check for it and yes developers can choose >>not to use these tools). I think changing them over to XML would >>be more overhead in file size and in required tools to parse them >>than is really necessary. If the problem is that people can't >>follow directions, then don't punish those of us who do. >> >> > >I second that feeling. If what we're trying to achieve is to have a >way to signal to the sysadmins that a security update is present, why >not just add a [S] entry to 'emerge -pv'? That way the community >packaging gentoo can stay on step with the development of the upstream >project (low cost), and the sysadmin was to decide (and take the cost) >for doing the upgrade of his installed packages with security holes. > >Doing this would put some stress on the ability to run different >packages from different eras together on the same box. The flexible >dependency system we have today _should_ prove useful to make that >happen, and if there are packages with too tight requirements on >versions of other packages it uses, we should bring that issue up with >the upstream project. Taking it upon ourselves to do backports etc is >just to costly, imho. > >/A > > >-- >gentoo-dev@gentoo.org mailing list > > > I agree completely with this suggestion. Personally at my workplace, my boss was considering going with debian because you could specify to only update for security reasons (through only placing security repositories in sources.list). Fortunately for me, he had a few bad experiences with debian developers and went with gentoo despite the lack of the security-updates-only option. Adding an [S] option to emerge -pv would certainly make our lives easier here, and at many corporations who don't see the need to update regularly. -j4 -- gentoo-dev@gentoo.org mailing list