On Wed, Oct 5, 2016 at 3:53 PM, Adam Williamson <adamw...@fedoraproject.org> wrote:
> I honestly think GNOME has this exactly right for the 'general' user: > the safe thing to do is to strongly encourage offline updates, i.e. > don't offer any online update mechanism through the desktop. In a > completely practical sense, given the current state of the tools and > the fact that we know bugs like this crop up - not *often*, but more > than *never* - I think it's a more responsible approach than running > the update process inside the desktop session. > > Could KDE perhaps look into making it so the update process runs > outside of the desktop session somehow, if it's not going to go to > full-on offline updates 'any time soon'? I know this decision has its > own complexities, though. > OK, I just think we need to do a reality check here. I initially was trying to find out exactly what was the risk... all the posts I read was more or less 99% of the time you'll be fine, but "be afraid, be very afraid". I then asked for more clarification.... "oh, it is too big to clarify, but be afraid, be very afraid... this is a serious issue". (Oh but by the way, most of the people who claim it is a serious issue go ahead and do online updates anyway...) OK, I can see the value in offline updates, so I create a RFE to DNF, which I thought was suppose to be THE STANDARD FEDORA SOLUTION. The response, which I completely understood and agreed with was basically, yeah, this is a good idea... but it is a low priority. The implication is that they believe there are more important items which demand their attention. First of all, if this was such a serious issue, Fedora completely failed in making it known. From what I gather the target audience for "offline" updates was novice users. What follows are rhetorical questions: Where was the campaign to communicate this "serious issue" to the Fedora community? Do you think you're going to get the message out by posting to the development mailing lists? Where was this discussion when we went from YUM to DNF if it was such an issue? If this is such a huge issue, why doesn't the DNF team consider it a higher priority? Why are we asking that each DE reinvent the wheel on this when we have DNF? That just seems to be a complete waste of resources. Every software has risks. I have yet to have an issue using YUM or DNF for online updates. The only time I have experienced an issue (which BTW was a complete PITA) was with PackageKit. So much for that... If Fedora collectively believes this is a serious enough issue then get the DNF team to change their priorities - otherwise people need to consider the risk in association with the exposure. Everything that I have read indicates that it is minimal. That isn't to say it shouldn't be done... what I am saying is people need to stop being alarmist and be worried about more serious issues.
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
