| 1 |
On 06/01/22 17:47, Mikey wrote: |
| 2 |
> On Sunday 22 January 2006 16:56, Marius Mauch wrote: |
| 3 |
> |
| 4 |
> > > > That's not really what you want. |
| 5 |
> > > > -s updates might (will) be overlaid with version or revision bumps |
| 6 |
> > > > from time to time, for this to be of any use it has to happen at the |
| 7 |
> > > > resolver level (visiblity filter). |
| 8 |
> > > |
| 9 |
> > > "Normal" emerges would take -s2 over -r1 or -s1. The change is |
| 10 |
> > > transparent when not in "glsa-only" mode. |
| 11 |
> > |
| 12 |
> > You didn't understand what I said. If you just play around with the |
| 13 |
> > output info you'll miss updates. |
| 14 |
> |
| 15 |
> How will I miss updates? "Standard" actions (system world) or myfiles would |
| 16 |
> work the exact same as they do now, they just consider a new revbump |
| 17 |
> specifier in the digraph calculation. |
| 18 |
> |
| 19 |
> The "non-standard" action that I am proposing, call it "emerge glsa-only", |
| 20 |
> would take the output from emerge -Du world and filter out anything from |
| 21 |
> the resulting package list except for -s packages. I will only "miss" |
| 22 |
> updates that are not strictly security related. If there is no |
| 23 |
> security-only related update, i.e. I have to upgrade to the next version, |
| 24 |
> glsa-check will report it and I will have to manually update. |
| 25 |
|
| 26 |
The problem with your reasoning is that portage only reports the |
| 27 |
"highest" upgrade (from it's point of view). So if you have package |
| 28 |
A-1.0 installed and two possible upgrades, say A-1.0-s1 and A-1.1, then |
| 29 |
portage will chose the "highest" of the two. So the output from that |
| 30 |
command would be: |
| 31 |
|
| 32 |
| These are the packages that I would merge, in reverse order: |
| 33 |
| |
| 34 |
| Calculating world dependencies ...done! |
| 35 |
| [ebuild U ] the-cat/A-1.1 [1.0] ...... |
| 36 |
|
| 37 |
It will not output the following: |
| 38 |
|
| 39 |
| These are the packages that I would merge, in reverse order: |
| 40 |
| |
| 41 |
| Calculating world dependencies ...done! |
| 42 |
| [ebuild U ] the-cat/A-1.0-s1 [1.0] ...... |
| 43 |
|
| 44 |
|
| 45 |
So you _will_ miss upgrades if you only filter the output of emerge in |
| 46 |
your solution and expect to get all security related upgrades relating |
| 47 |
to the package you're using. |
| 48 |
|
| 49 |
-- |
| 50 |
/ Patrick Börjesson |
| 51 |
\ ------------------- |
| 52 |
/ () The ASCII Ribbon Campaign - against HTML Email |
| 53 |
\ /\ and proprietary formats. |
Archives