From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Daniel Mendler via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#74604: 30.0.92; FR: M-x package-upgrade - offer an option to show a diff on upgrade Date: Fri, 29 Nov 2024 16:39:27 +0100 Message-ID: <87h67quk0g.fsf@daniel-mendler.de> Reply-To: Daniel Mendler Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="6162"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Philip Kaludercic To: 74604@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Nov 29 16:40:18 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tH36Q-0001Q1-Hn for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 29 Nov 2024 16:40:18 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tH36C-0005GF-Pg; Fri, 29 Nov 2024 10:40:04 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tH36B-0005Ft-1B for bug-gnu-emacs@gnu.org; Fri, 29 Nov 2024 10:40:03 -0500 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tH36A-0008Lf-Og for bug-gnu-emacs@gnu.org; Fri, 29 Nov 2024 10:40:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:From:To:Subject; bh=BZSGb/Tq1EzCcQ6plhTjI+Q9vASbIa2lijBFW1IJ1tM=; b=MzKujzv8VY2iJHypAkvic64xgQ7/I/PV0H6IzQ3vGPVdHmGk6srzKfRRpR2G4I+LisAEft8JRRGlr7jtEcsW8ILcEHiRt14/aMdEXSwu8eNQiQ4XHvL6oL30sJbZC9WFmAINvWdp+KyTJKa0CjKXQK3xTmYQvAK4VD5ydQirqaX79nrydTIkNSWnwvIYWZ51JmgBcNwujQThph/+DvZVJc1wreGq04mWzBhl3lM260vX6dwtde6LzDFhhCEkGI6rjIRF/48wZYcUAKwu0iczHa7wW6KW5HSYnl6QcdHFKpYJV62roQu3VZbbeXhN03Kh4mEIlavD/sfuW7DQOH18Zg==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1tH36A-0007HF-KZ; Fri, 29 Nov 2024 10:40:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Daniel Mendler Original-Sender: "Debbugs-submit" Resent-CC: philipk@posteo.net, bug-gnu-emacs@gnu.org Resent-Date: Fri, 29 Nov 2024 15:40:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 74604 X-GNU-PR-Package: emacs X-Debbugs-Original-To: bug-gnu-emacs@gnu.org X-Debbugs-Original-Xcc: Philip Kaludercic Original-Received: via spool by submit@debbugs.gnu.org id=B.173289479427947 (code B ref -1); Fri, 29 Nov 2024 15:40:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 29 Nov 2024 15:39:54 +0000 Original-Received: from localhost ([127.0.0.1]:44078 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tH361-0007Gf-HZ for submit@debbugs.gnu.org; Fri, 29 Nov 2024 10:39:53 -0500 Original-Received: from lists.gnu.org ([209.51.188.17]:37432) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tH360-0007GY-9e for submit@debbugs.gnu.org; Fri, 29 Nov 2024 10:39:52 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tH35z-0005Ct-Df for bug-gnu-emacs@gnu.org; Fri, 29 Nov 2024 10:39:51 -0500 Original-Received: from server.qxqx.de ([2a01:4f8:c012:9177::1] helo=mail.qxqx.de) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tH35x-0008B4-3O for bug-gnu-emacs@gnu.org; Fri, 29 Nov 2024 10:39:50 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=daniel-mendler.de; s=key; h=Content-Type:MIME-Version:Message-ID:Date: Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=BZSGb/Tq1EzCcQ6plhTjI+Q9vASbIa2lijBFW1IJ1tM=; b=mXUMML4jCxLUNrJwsp88Zif6pF PT6yfeiLY7DiVzgUcdYSkX5Gm7IObipYkNCAwoOzv15RSDWRqo9AWML5XrC9TXLqCfXh5bFSyOeEl Qw6HZGtxIANlmZ1FpC4gkFLdPpAW54eT1ZUDZbcnRxpc2gGOBmAqT/7N/KgpjSVYQkPI=; Received-SPF: pass client-ip=2a01:4f8:c012:9177::1; envelope-from=mail@daniel-mendler.de; helo=mail.qxqx.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:296094 Archived-At: This is a feature request for the security wishlist. When upgrading package it would be good to show a diff between the new and old package files. Such an option could help performing review casually as part of the upgrade process and may improve the security of the package archives. More eyes would look at new package versions. This would make it harder to inject malicious code either via the source repository or via attacks on the package archives.