Subject: Re: CVS commit: pkgsrc/mk/bulk
To: None <email@example.com>
From: None <firstname.lastname@example.org>
Date: 11/21/2005 10:42:37
(appologies for any typos in quoted material, I pieced this together by hand)
> On 11/20/2005 Krister Walfridsson wrote:
> I definitely agree that you should not need to change you configuration
> as a result of changes in the infrastructure. My annoyance was because
The whole point of changing from ALLOW_VULNERABLE_PACKAGES is so you NEED
to change your configuration and you need to explicitly think about
which vulnerabilities you're going to allow. In this case I think it
is entirely appropriate to need to change you configuration due to
ALLOW_VULNERABLE_PACKAGES is replaced with ALLOW_VULNERABILITIES because
blindly allowing _all_ vulerabilities is a generally a bad thing.
> On 11/20/2005 Allistair Crooks wrote:
> I already have ALLOW_VULNERABLE_PACKAGES set in my /etc/mk.conf. That
> should be a hint that I don't want audit-packages to be run on bulk
> builds. Why do I have to set SKIP_AUDIT_PACKAGES as well?
It's not an additional setting. It was just renamed.
As far as I can tell, nothing in pkgsrc/mk currently, or previously
set ALLOW_VULNERABLE_PACKAGES, so builds, bulk or otherwise, perform
the audit-packages check. To me, that seems like the proper default
setting and the default for SKIP_AUDIT_PACKAGES is exactly the same.
I had figured, that with the number of messages about this
(both on this list and on tech-pkg, where I originally posted my changes
for review) people might notice that they would have to rename their
ALLOW_VULNERABLE_PACKAGES variable to SKIP_AUDIT_PACKAGES. (and if not
seen there, it's documented in mk/default/mk.conf and in the pkgsrc guide)