On Fri, 10 Oct 2008 09:32:44 +0300
Mart Raudsepp <[EMAIL PROTECTED]> wrote:
> > Of those, and those in overlays, and those that are going to be
> > committed over the next few weeks, how many use src_prepare to apply
> > security related patches?
> A round zero. Security patches are going stable soon after entering
> portage tree, and EAPI=2 ebuilds can not go stable yet, as there is no
> package manager supporting EAPI=2 that is going to be stable in the
> next week or two (so maintainers make sure they don't use EAPI=2 for
> security fix revisions).

Oh really? So you're absolutely certain there aren't and won't soon be
any EAPI 2 bumps of non-EAPI 2 versions that include security patches?
And you're absolutely certain that there aren't, say, any packages that
sed a broken chmod in a makefile in src_prepare?

> I can not understand why this is dragged on. It was a bug, it is
> fixed. The sky is not falling and EAPI-2 is not broken - there was a
> bug in the implementation that is fixed.

The point of EAPI is to avoid these kinds of problems. The process is
failing and the fallout needs to be handled.

Ciaran McCreesh

Attachment: signature.asc
Description: PGP signature

Reply via email to