on 7-8-2008 11:42 AM Axel Thimm spake the following:
I think a big problem comes when a repo wants to build packageX, but it requires fancywidgetv2.1. But the base system only has fancywidgetv1.9. How would you get packagex without the possibility of breaking something unless fancywidgetv2.1 has backwards compatibility with fancywidgetv1.9?On Tue, Jul 08, 2008 at 11:33:24AM -0700, Florin Andrei wrote:Johnny Hughes wrote:Client filtering is not recommended by some people ... but highly recommended by others :-DIt's a good idea on important systems - but then you shouldn't open those machines to outside repositories anyway.But if you don't do client-side filtering, you're helping the repositories to fix their problems and become cleaner. Everyone benefits in the long run.There is no "one true answer to rule them all" in this case. Use client-side filtering on the machines that must not break under any circumstances. Relax the policy in the other cases. Use common sense.Just to present an example from Fedora: clamav within Fedora was and is considered rather cumbersome packaged and many users turn to 3rd party repos to get clamav installed. If you place a filtering upon them, then some clamav subpackages will come from the 3rd party repo and some from Fedora base leading to a system that will possibly allow viruses to pass by. So actually the filtering will be destabilizing your setup instead of protecting them. The true answer to this is cooperating/merged repos and we're targeting this on rpmrepo.org. Join up and be part of the solution :)
-- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
