On Sun, 2003-12-07 at 20:26, Jeff Smelser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sunday 07 December 2003 01:56 pm, Eric Paynter wrote: > > Nobody said they have to apply every change. You really only need to > > apply the security patches. As for the rest, read the changelog and > > see if there is any benefit to updating - often there isn't. I've > > seen a lot of packages go from, for example, version-x-r3 to > > version-x-r4 and the only change in the changelog is "marked stable > > on platform y", when it's not even installed on platform y. So it's > > just a recompile for nothing. > > Your right, you don't.. But lets says package A comes out with a security fix. > After this box has been up for year, most of this stuff the server has, is > probably gone. Hell, 6 months is a long time in gentoo world. He tries to > update and it says he has to upgrade 50 others because gentoo has grown since > then.. Why should he have to upgrade the 50 others?? Do a one shot or nodeps > you say? Then your taking a chance the ebuild/build process will fail due to > the fact the other packages are 'old'.. > > Its not as that far off, since it happened to people running gentoo. The > gentoo tree it highly depended on you keeping up with it.. >
I think that there is a high degree of probability that portage-ng(-ng(-ng)) ;) will include some form of tree selection. I personally would like to see something like this. Either pointing to a completely different rsync server set, or having a extended set of architecture definitions. I prefer the latter, as in x86-server, ~x86-server, x86-desktop, x86-testing and the like. Security updates would of course need to penetrate all types here. Maybe ~x86 and x86 simply isn't enough of a split between what is stable and what isn't anymore, especially because enterprise server people are looking at Gentoo. Just my 2p... -- Tom Wesley
signature.asc
Description: This is a digitally signed message part
