Hi Ricardo,
Am 09.08.19 um 10:54 schrieb Ricardo Wurmus:
> Whenever an input is changed the package will be rebuilt, because we
> can’t know if the presence of a package will affect the build or not.
>
> In the case of patching references the presence of the input *will*
> affect the output (as a reference to the absolute file name will be
> recorded). In the case of propagated inputs it’s really the same,
> expect that the package will also be installed into the target profile.
My concerns are not about building, but about installing. A concrete
example:
* Ansible is a Python program running ssh via a path to
/gnu/store/…-openssh-8.0p1/bin/ssh
* Mary installs ansible.
* Now openssh shows a serious bug and Mary updates openssh using "guix
-u openssh"
Obviously this will *not* update ansible, and ansible will still use the
old, vulnerable version of openssh.
OTOH, if ansible would run ssh via $PATH, ansible would pick up the new
version of openssh.
FWIW: some way to install openssh automatically along with ansible,
while not specifying a specific version of openssh to be used, thus if
openssh is updated (but ansible is not), ansible will pick up the new
version.
--
Regards
Hartmut Goebel
| Hartmut Goebel | h.goe...@crazy-compilers.com |
| www.crazy-compilers.com | compilers which you thought are impossible |
