On Sun, Feb 16, 2020 at 11:08 AM John M. Harris Jr <johnmh@xxxxxxxxxxxxx> wrote: > > On Thursday, February 13, 2020 1:34:32 PM MST Chris Murphy wrote: > > But the contra argument is, well what if there is an urgent security fix? > > > > The repo metadata, I guess, needs some way of distinguishing urgent vs > > non-urgent security updates, so that GNOME Software knows whether to > > notify the user accordingly. But is there a reliable way of > > distinguishing between urgent and non-urgent security updates? I'd > > informally suggest "urgent" is something that should be applied today > > or tomorrow. Anything else can wait a week or two. > > That's an entirely subjective thing. I'd recommend prompting to install ALL > security updates immediately, but why not just give the user an option for > security updates? This is what Mac and Windows do, and it makes sense because > it's really the user's opinion of security updates that matter on their > system. Windows has a weekly security and virus definitions update, not every day. Windows Home has no user visible opt out. macOS separates minor version updates and security updates, security updates aren't more often than every few weeks. There's a very rare category of critical security updates that Apple can forcibly push onto user's machine without consent. The complaint on Fedora Workstation relates to frequent, sometimes daily, update notifications because a package has a security related update. The question is how to reduce this to once a week. -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
