Michael Catanzaro wrote:
> On Fri, Feb 24 2023 at 12:00:40 AM +0100, Björn Persson
> <bj...@xn--rombobjrn-67a.se> wrote:
>> There are also other dangers with installing only security fixes. If a
>> bugfix is released and packaged, and later it's discovered that the
>> bug
>> had security implications, then no security update will be made
>> because
>> the fix is already packaged. It might be possible to set a security
>> flag on the update after the fact, but nobody will bother with that.
>>
>> I would therefore advise against using --security. If one can't
>> install
>> all the updates continuously, then one should use a more stable
>> distribution than Fedora.
>
> tbh I'd go so far as to propose that this functionality should not be
> reimplemented in dnf5 at all.
I would personally not miss --security, but what is really useful is the
--advisory=… flag that used to be implemented by the same plugin. (They are
now both built in in DNF.) That is invaluable to test individual updates
from updates-testing. I would consider the absence of --advisory=… a
dealbreaker.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
