On Friday September 09 2016 09:27:31 Lawrence Velázquez wrote: >> I know there's been talk about making at least parts of "base" updateable as >> a port; this could be an easy alternative. > >If our release process is too cumbersome and infrequent, we should change >that. I don't see reason to divide base's functionality more than it already >is.
In my perception, "base" updates usually come with a lot of updating installed ports and quite the share of stress if everything is going to work like before. There should indeed be no need for that; it should usually be possible just to update a file or two, at least as far as the Tcl library is concerned. >And I would definitely not want any security-related functionality to be >implemented in a portgroup, which is immediately pushed to all users. Who said everything about immediately, before it's well tested? The only thing that I'm taking into consideration is the fact that we may not hit the ideal implementation immediately that has all the required functionality and flexibility. > We have no evidence either way, so appealing to an invisible mass of > developers is not a convincing line of argument. It would just be a pity if that evidence starts coming in when people start complaining about things that are no longer as feasible as before. But I know I've probably raised an issue that's going to oblige me to start jumping through all kinds of additional hoops . > Apple provides developer certificates that can be used for signatures. Yes they do. But usually that's between Apple and the developer who pays to sign his/her software. In MacPorts it means that basically anyone with commit access can start using that certificate for free. And yes, revoking was exactly the risk I was thinking about. Either way, I'm just thinking aloud. If it's all FUD, so much the better. R. _______________________________________________ macports-dev mailing list macports-dev@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/macports-dev
