Gentoo Archives: gentoo-dev

From: Stuart Herbert <stuart@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Revisiting GLEP 19
Date: Wed, 21 Jul 2004 15:36:50
In Reply to: Re: [gentoo-dev] Revisiting GLEP 19 by
1 On Wednesday 21 July 2004 16:25, aeriksson@××××××××.fm wrote:
2 > I second that feeling. If what we're trying to achieve is to have a
3 > way to signal to the sysadmins that a security update is present, why
4 > not just add a [S] entry to 'emerge -pv'?
6 Two things. First off, I'd hope to achieve a lot more than just adding a [S]
7 entry to emerge -pv.
9 Secondly, where do you think Portage will get the information from to decide
10 whether or not to add the [S]? Right now, the design of the glsa toolset is
11 to bolt this information onto the side. With XML-based changelogs, the
12 information could be stored where it belongs - in the list of what has
13 changed and why.
15 > That way the community
16 > packaging gentoo can stay on step with the development of the upstream
17 > project (low cost), and the sysadmin was to decide (and take the cost)
18 > for doing the upgrade of his installed packages with security holes.
20 Done well (ie, providing a tool so that devs don't *have* to hack XML files by
21 hand), XML Changelogs should add no extra cost. They would also make
22 third-party GUIs like Porthole and much simpler to write
23 and maintain.
25 Best regards,
26 Stu
27 --
28 Stuart Herbert stuart@g.o
29 Gentoo Developer
32 GnuPG key id# F9AFC57C available from
33 Key fingerprint = 31FB 50D4 1F88 E227 F319 C549 0C2F 80BA F9AF C57C
34 --