From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 71C8E1396D9 for ; Sat, 28 Oct 2017 02:41:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 537D2E0DAC; Sat, 28 Oct 2017 02:41:26 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 07FE6E0D92 for ; Sat, 28 Oct 2017 02:41:26 +0000 (UTC) Received: from [172.16.0.17] (cpe-72-227-68-175.maine.res.rr.com [72.227.68.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: desultory) by smtp.gentoo.org (Postfix) with ESMTPSA id B83A33402FE for ; Sat, 28 Oct 2017 02:41:24 +0000 (UTC) Subject: Re: [gentoo-dev] [RFC] GLEP 74: Full-tree verification using Manifest files To: gentoo-dev@lists.gentoo.org References: <1509048745.18656.6.camel@gentoo.org> <20171027234804.535f6e13@pc1> From: Dean Stephens Message-ID: Date: Fri, 27 Oct 2017 22:41:22 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <20171027234804.535f6e13@pc1> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: 992e7db7-36bf-47c4-92e8-0b4cd98e451f X-Archives-Hash: 0624a802698ea1ea1182bf37a4ecbd12 On 10/27/17 17:48, Hanno Böck wrote: > Should a package manager reject a sync if it is too old? or not install > packages if a sync hasn't happened for some time? What is considered > "outdated"? I think that should be clarified how exactly it's supposed > to work. > If such a rejection is to be the default, an override option should be required as part of the spec. There are use cases where using an "old" repository would be necessary, even if only temporarily.