1 |
On 06/01/22 17:47, Mikey wrote: |
2 |
> On Sunday 22 January 2006 16:56, Marius Mauch wrote: |
3 |
> |
4 |
> > > > That's not really what you want. |
5 |
> > > > -s updates might (will) be overlaid with version or revision bumps |
6 |
> > > > from time to time, for this to be of any use it has to happen at the |
7 |
> > > > resolver level (visiblity filter). |
8 |
> > > |
9 |
> > > "Normal" emerges would take -s2 over -r1 or -s1. The change is |
10 |
> > > transparent when not in "glsa-only" mode. |
11 |
> > |
12 |
> > You didn't understand what I said. If you just play around with the |
13 |
> > output info you'll miss updates. |
14 |
> |
15 |
> How will I miss updates? "Standard" actions (system world) or myfiles would |
16 |
> work the exact same as they do now, they just consider a new revbump |
17 |
> specifier in the digraph calculation. |
18 |
> |
19 |
> The "non-standard" action that I am proposing, call it "emerge glsa-only", |
20 |
> would take the output from emerge -Du world and filter out anything from |
21 |
> the resulting package list except for -s packages. I will only "miss" |
22 |
> updates that are not strictly security related. If there is no |
23 |
> security-only related update, i.e. I have to upgrade to the next version, |
24 |
> glsa-check will report it and I will have to manually update. |
25 |
|
26 |
The problem with your reasoning is that portage only reports the |
27 |
"highest" upgrade (from it's point of view). So if you have package |
28 |
A-1.0 installed and two possible upgrades, say A-1.0-s1 and A-1.1, then |
29 |
portage will chose the "highest" of the two. So the output from that |
30 |
command would be: |
31 |
|
32 |
| These are the packages that I would merge, in reverse order: |
33 |
| |
34 |
| Calculating world dependencies ...done! |
35 |
| [ebuild U ] the-cat/A-1.1 [1.0] ...... |
36 |
|
37 |
It will not output the following: |
38 |
|
39 |
| These are the packages that I would merge, in reverse order: |
40 |
| |
41 |
| Calculating world dependencies ...done! |
42 |
| [ebuild U ] the-cat/A-1.0-s1 [1.0] ...... |
43 |
|
44 |
|
45 |
So you _will_ miss upgrades if you only filter the output of emerge in |
46 |
your solution and expect to get all security related upgrades relating |
47 |
to the package you're using. |
48 |
|
49 |
-- |
50 |
/ Patrick Börjesson |
51 |
\ ------------------- |
52 |
/ () The ASCII Ribbon Campaign - against HTML Email |
53 |
\ /\ and proprietary formats. |