tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: MESSAGE considered harmful

Tim Zingelman <> writes:

> I would ask instead that the binary package managers please learn how
> to show this information to users, because (at least in my opinion)
> where I have added them, they provide information that will avoid the
> potential for serious disappointment by the users.  Such as
> security/mit-krb5/MESSAGE and security/openssl/MESSAGE.SunOS

Agreed that if MESSAGE stays at all binary package managers should show

The first part of the mit-krb5 one is already in DESCR, which I think is
sufficient.  I can see the point of the second hunk, but at the same
time that's normal documentation.

I didn't find security/openssl/Message.SunOS (in 2014Q4)??

I think the heart of the issue is that upstream documentation doesn't
have a universal form, and also that there's a desire to warn people who
don't read documentation of things.  While I can see where that desire
comes from, I think we should optimize for people who do.

> If 'make install' leaves the software in an unsafe (default password)
> or unusable state, I think a MESSAGE is warranted.

That is more or less what I meant by "very limited circumstances where
there is an articulated reason why it really makes sense".  If MESSAGE
were only used for those situations, I wouldn't have commented.  In wip,
there are 258 MESSAGE files and 27 MESSAGE.* files.  I read a few of the
unsuffixed ones and skimmed the MESSAGE.* and didn't see anything that
needed to be shouted at the user vs just documentation.  In net/, there
are 90 MESSAGE files in 794 packages.  I skimmed those, and they seem
almost entirely normal documentation.   There are currently 1064 MESSAGE
files in my tree (mostly 2014Q4, some HEAD, including wip).   Without a
real basis, that seems like far more than are warranted.

Also, I'd say that if make install leaves the system in a bad state
(rather than with just extra software not being run), then the package
is buggy and should be fixed.

> The latter of my examples reminds me... what about all the platform
> specific MESSAGE.platform files?  Would you deprecate them too?

I would think so; those would be

Really I posted this becuase I perceived a trend that a lot of new
packages have MESSAGE, leading me to think people think it's a good
thing in general, rather than a place to put a very unusual caution.


Attachment: pgp559ZgpevoN.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index