Hi. I used to think it was safe to use ~arch packages (through package.keywords) on a stable system until I saw bug #257047 - GCC 4.3 didn't have a strict enough glibc dependency. And comment #15 in that bug report is: "[...] we don't test or support half-stable half-testing toolchains, and they are likely to break, like in this case. if you're going to use an ~arch keyworded compiler, you will need to use a ~arch libc."
OK, I will avoid ~arch toolchain components. What worries me is that I never saw a warning about this. Also, GCC 4.3.3 enables FORTIFY_SOURCE=2 by default and this breaks some packages. A developer said on 2009-04-10 they were only processing bugs that can be confirmed in ~arch. So an arch system with ~arch toolchain could hit many bugs and maybe such a system would even be less reliable than an entirely ~arch system. So:

1) Certain subsystems, like the toolchain, need to be "harmonious" - either all arch or all ~arch. What other subsystems have this need?

2) With the FORTIFY_SOURCE issues, it seems that an ~arch toolchain shouldn't be used in an arch system at all.

Now my greatest practical concern: bugfix releases

3) Sometimes Gentoo takes a long time to stabilize a bugfix release like media-gfx/gimp-2.6.6 (the latest arch-blessed release is 2.6.4); this release fixes many bugs and entered Portage on 2009-03-18 and by searching on b.g.o I can't find any regressions; and it entered Debian testing on 2009-04-01. I don't know the cause of this delay; I guess the arch testing teams are overworked. I often put these bugfix releases in package.keywords. Isn't it wise to use the latest bugfix release in a given major version?

For example, I want to use sys-kernel/vanilla-sources-2.6.27.x, and since the last arch version is 2.6.27.12, far from the latest upstream stable version (2.6.27.24), I put =sys-kernel/vanilla-sources-2.6.27* in /etc/portage/package.keywords/shortterm.

When I see a new bugfix release of a package I care about, I look at the changelog to see the bug corrections. I decide how long to wait before putting the bugfix version in package.keywords depending on the severity of the fixed bugs (and I look at bugs.gentoo.org for any regressions, and I check whether the version has been accepted in distros like Debian testing). For example, I put mail-client/claws-mail-3.7.1 in package.keywords nearly immediately due to the importance of the bug fixes.
Is it wise to do this for any program? Maybe only for programs not part of the core base system (such as the toolchain, bash or coreutils*), relying on the developers for the base system? Or maybe I should just stick to all-stable, so as to not be different, and keep package.keywords for those packages where I really want a new feature (like packages with no stable versions)?

* Speaking of coreutils, it is still at 7.1, with upstream having released 7.4, which fixes bugs in 7.1.