Gentoo Archives: gentoo-dev

From: Jean-Michel Smith <jsmith@××××.com>
To: Wout Mertens <wmertens@g.o>, gentoo-dev@g.o
Subject: Re: [gentoo-dev] Apache security hole and ebuild
Date: Thu, 20 Jun 2002 09:52:25
Message-Id: 200206200958.14395.jsmith@kcco.com
In Reply to: Re: [gentoo-dev] Apache security hole and ebuild by Wout Mertens
1 On Thursday 20 June 2002 06:46 am, Wout Mertens wrote:
2
3 >
4 > But that is exactly what Changelog is for, notifying the user about what
5 > changed. Although I admit it doesn't have a lot of visibility, we might
6 > want to do something about that, like an option on emerge that shows the
7 > changelogs since your version...
8
9 that is a great idea! i would only add that some indication of severity (with
10 appropriate colorized output perhaps?) would be nice, so that mundane changes
11 (new incremental version update, no big changes) would be in white, while
12 more significant changes that might require configuration changes and/or
13 break a current running setup (like apache) would be in yellow, while
14 signficant changes (like major version update or very incompatible changes, a
15 la db3 -> db4 or the recent libpng update) would have a higher severity that
16 would print out in bright red! :-)
17
18 Then one could to an 'emerge -u -p world --show-changelog' (or whatever the
19 switch ends up being) and see right away, with a casual glance, which changes
20 are likely to be the most worrisome.
21
22 Jean.