[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: yum --skip-broken update by default?

On Fri, Dec 12, 2008 at 10:42 AM, John Ellson <john ellson comcast net> wrote:
> How about just within the current Fedora collection?

You missed the point.

If we make skip-broken work silently by default and do not notify
users about the crap being skipped... then our users who have 3rd
party repos installs will be missing Fedora updates.   That means..
they will silently fail to receive Fedora signed security updates. Not
cool. We can't just turn a blind-eye to that because they have 3rd
party repos enabled if we deliberately choose a default setting which
does that sort of thing silently.

Then there is also crap like locally installed packages..which were
downloaded from outside a repository structure.  Poeple do it. We make
it easy for them to do via a url handler in Firefox. There's no bloody
way a team of testers can catch that.

You can not possibly hit all the in the wild cases where someone is
going be affected by a broken dep chain which prevents them from
getting a Fedora signed security update with a small team of testers
who dedicate their very existence to testing for depchain breakage.
We have to notify users as its happening on their systems. I've no
problem giving them a choice to skip once they are notified.. but they
absolutely must be notified that updates are being skipped and whether
those updates are considered security or critical.  To silently ignore
that those updates aren't being installed, is a failure to adequately
notify users so they can make informed choices.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]