Subject: Re: PKGSRC_PATCH_FAIL on unknown patch file (was Re: pkgsrc NetBSD 2.99.15/i386 bulk build results 2005-02-13)
To: Jeremy C. Reed <firstname.lastname@example.org>
From: Alistair Crooks <email@example.com>
Date: 02/16/2005 22:22:15
On Wed, Feb 16, 2005 at 02:08:18PM -0800, Jeremy C. Reed wrote:
> > > This will stop problem with impartial commits.
> > You're proposing that we fix a problem with "impartial commits" -
> > personally I don't mind who makes them :-) - but I'm not sure what
> > they are. Can you elaborate a bit for me, please?
> Developer adds some patches for security fix. And only commits part of his
> changes (accidently) at one time. Pkgsrc user builds new package that
> ignores patches which doesn't properly fix for security issue.
Well... the problem you outline above was noticed at the time, and
fixed. The driver for the patch files to be checksummed was a number
of PRs that were raised where old patch files existed and were being
applied automatically, and we thought that failing a whole build just
because there were some old files around was a bit harsh. If it comes
to that, I still do.
> I caused this problem a few months ago with Apache. It was mentioned at
> that time that PKGSRC_PATCH_FAIL on unknown patch file was a good idea by
> another developer. I just never got around to committing it and wanted to
> verify again.
I'm not sure it happens often enough to be worthwhile, pilot error may
be better served with more diligence - especially when committing
security fixes, and I'd like to keep the previous behaviour if at all
possible, please - aborting a build when there's no real reason to is
a bit harsh.
I wouldn't mind so much if PKGSRC_PATCH_FAIL could be set to warn and
continue, but it seems to be a straight "exit 1" in both cases.