On Wed, Feb 4, 2009 at 2:55 AM, Aaron J. Seigo <[email protected]> wrote: >> Or in some cases even just silently installing them? > > distro Q/A resources would have to _significantly_ increase for this to work > reliably. too many updates still break too many systems on too regular a > basis.
Right, this would require more QA than what is done now, so perhaps it should be reserved for urgent updates where sufficient QA has been done. I don't think the current update mechanisms have a way to flag updates as urgent or nonurgent, do they? I suppose packagekit could define some keywords, which if present in the package description, would control whether the update was optional, mandatory, or silent. It would be nicer to let Packagekit handle the daily updating, but until it supports silent updates, apps that need silent updates will have to trigger the update themselves. An open question is whether the app can depend on the distro already doing 'apt-get update' or the like (to get the list of available updates) daily, or whether the app will have to do that, too. > a typical aproach for third party applications is to do a version availability > check on app start and offer to update if a new version is available. if it's > a long running service, this can be done on a timed basis, of course. Yes. This particular third party wants the update of this app to be mandatory and silent (to maximize the chances that security holes in it actually get patched). I suppose the clickwrap agreement would have to tell the user clearly that the app will update itself silently via a root crontab job, to avoid surprising anybody. The app will be sufficiently QA'd, and as Andreas pointed out, the app had better be designed so that silent updates don't silently break running instances (whether that's done via a dialog telling the user to restart the app, or just making the app resiliant, depends on how clever the developers are). Alternately, the app could do a non-root install and handle all the autoupdating itself, but that just seems wrong in so many ways. Am I right in assuming that everybody prefers the "app triggers apt-get install daily" approach over the "non-root install and custom autoupdater" approach? - Dan _______________________________________________ Desktop_architects mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/desktop_architects
