On Wed, Apr 22, 2020 at 1:33 PM Michael Orlitzky <
mjo@gentoo.org> wrote:
On 4/22/20 2:24 PM, Michael Jones wrote:
>
>
> On Wed, Apr 22, 2020 at 1:19 PM Michael Orlitzky <mjo@gentoo.org
> <mailto:mjo@gentoo.org>> wrote:
>
> How do you plan to update all of your programs when there's a security
> vulnerability in, say, OpenSSL?
>
>
> Is there some reason why all packages that depend on OpenSSL,
> transitively, could not be recompiled?
If you statically link more than a few things, this is emerge -e @world
twenty times a day.
Why would I need to emerge world? Portage knows the full list of packages that depend on openssl, transitively.
Unless you're generalizing to say that (almost) everything depends on openssl, I suppose.
Also, didn't the handbook, at one point, say not to sync portage more than once a day? So why would package installations happen 20 times per day?