Vaeth ha scritto:
On Tue, 16 Sep 2008, Stroller wrote:
The risk is that you want to install X that depends upon Y.
The ebuild for X states that version >1.2.3 of Y must be used because
there's a bug in 1.2.2.
The new version of Y fails to compile, so when X is compiled it only
has the old version of Y to work with. It may compile OK but not work
or feature a security bug.
That's not the real risk: Since any sane user will of course check which
packages have failed and make sure that the upgraded version will be
installed, this will not leave you with an inconsistent system
(the next emerge -NaDu world - which of course also any sane user would
do afterwards - would even tell you the problem, and in case of an ABI
change you would be informed by revdep-rebuild).
Well, that's exactly the point where ciaranm and others accused r0bertz
(and implicitly me, usually doing the same) of being... well, the title
of my original post is clear.
"(mlangc) if your "update" script leaves your system unusable you would
not even have a clue what went wrong ....
[...]
(zhllg) mlangc, i can find which packages are broken
(zhllg) just run emerge -tavuDN world again immediately after running
that script
[...]
(ciaranm) idiot is too mild a term for this one"
Harsh tones/awkward social skills apart :) , the guys seem to imply this
kind of check is not enough.
The only case I can think of where _really_ problems might arise is the
(very rare) situation which I had described: That the ./configure script
of X builds X without errors but also without support for Y if only 1.2.2
of Y is installed:
Then neither later upgrading of Y nor revdep-rebuild will show anything
suspicious, although X does not behave in the intended way.
Very clear, thanks.
This is, technically, a bug in the ./configure ,however, isn't it?
m.
