pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: HEADS UP: security/audit-packages removal

Matthias Scheler wrote:

On 8 Jan 2008, at 13:41, Greg Troxel wrote:
I don't think you really answered the question, but I interpret your
answer as "no".  My point is that withdrawing audit-packages without a
forced upgrade to pkg_install that brings it back seems unfriendly.

I completely agree.

The old "audit-packages" package should not be removed before a "pkg_install"
which includes the "audit-packages" has been pulled up into at the least
the "netbsd-4" branch.

    Kind regards

Are we all talking about the same thing here ?

I was under the impression that Greg's issue was that we are depreciating security/audit-packages but not forcing an upgrade to an pkg_install version that has the replacement functionality. But here you're talking about an import into the NetBSD base system. What about all the non-NetBSD pkgsrc users ?

All that aside, this issue is easy enough to resolve, we simply bump PKGTOOLS_REQD when security/audit-packages is removed from CVS, then everyone gets it. I don't have a major objection to this. As far as I'm concerned the less ppl have to do, to get it up and running, the better.

But, to me, it does seem a bit counter user-friendly. In the past AFAIK security/audit-packages was always optional, it was never forced on anyone. But now, we are saying "because we're replacing it we're making the upgrade of pkg_install mandatory". I prefer to leave it optional just like the install of security/audit-packages always was. If people want the functionality they know where it is.

Just remember what I said initially too, although the package will be removed from CVS we will continue to update the pkg-vulnerabilities file for it until *at least* 2008Q1 is cut.


Home | Main Index | Thread Index | Old Index