From: Ricardo Wurmus <rekado@elephly.net>
To: Timothy Sample <samplet@ngyro.com>
Cc: guix-devel@gnu.org
Subject: Re: Upgrading packages with substitutes only (bug #26608)
Date: Sun, 18 Jun 2017 23:44:43 +0200 [thread overview]
Message-ID: <87lgop3r90.fsf@elephly.net> (raw)
In-Reply-To: <1497807874.3904845.1013277520.762D17E8@webmail.messagingengine.com>
Timothy Sample <samplet@ngyro.com> writes:
>>> In my opinion “--only-substitutes” should stop and report a list.
>>> If it continued without complaining there could be problems:
>>>
>>> * partial upgrades could leave the profile in an unusable state
>
> Maybe I don’t understand Guix that well yet, but I don’t think this is
> possible. At least I don’t understand how it would happen. Under the
> hood, the “--only-substitutes” flag would basically just be an
> intelligent “--do-not-upgrade” flag. Can I ruin my profile by misusing
> “--do-not-upgrade”?
There are many cases where partial profile upgrades are okay, especially
if software is independent. Problems usually arise when you have things
like Python modules in your profile. Upgrading some Python modules but
not others might lead to problems at runtime.
Arguably, one should be using manifests anyway when consistency is
required.
>>> * an attacker could use this to trick a user into thinking that they
>>> have all available updates
>
> I can always run
>
> $ guix package -n -u
>
> to learn what packages are out of date. (Except if I get frustrated by
> the fact that Guix is building a package to check if is different from
> an installed package and mash C-c C-c. :))
^^^^^^^
Oh, another “M-x shell” user :)
--
Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net
next prev parent reply other threads:[~2017-06-18 21:53 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-16 19:28 Upgrading packages with substitutes only (bug #26608) Timothy Sample
2017-06-17 22:34 ` Ludovic Courtès
2017-06-18 9:38 ` Ricardo Wurmus
2017-06-18 16:11 ` Leo Famulari
2017-06-18 17:44 ` Timothy Sample
2017-06-18 21:44 ` Ricardo Wurmus [this message]
2017-06-19 0:23 ` Carlo Zancanaro
2017-06-19 17:33 ` Leo Famulari
2017-06-19 12:02 ` Ludovic Courtès
2017-06-19 17:25 ` Timothy Sample
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lgop3r90.fsf@elephly.net \
--to=rekado@elephly.net \
--cc=guix-devel@gnu.org \
--cc=samplet@ngyro.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.