On Fri, 08 Oct 2010 20:03:05 -0400 William Yodlowsky <[email protected]> wrote:
> On 7 October 2010 at 14:52, Kevin Chadwick <[email protected]> wrote: > > > I came across "How to track port updates in stable" in the mailing list > > archives. > > > > http://openports.se looks cool but I can't find the stable branch and > > the http://www.openbsd.org/pkg-stable.html seems to have stopped at 4.1. > > pkg-stable talks about updated *binary packages* for -stable, not > updates of the ports tree. > fair enough I thought the only updated packages were snapshots. > http://www.openbsd.org/faq/faq15.html#PortsSecurity > > > Up untill now I've simply updated a current and stable ports tree. > > You're not mixing -current ports on a -stable src, are you? > http://www.openbsd.org/faq/faq15.html#NoFun > Almost always no, occasionally if firefox works or can be made to work easily but I was thinking about servers when posting this. > > I was wondering if there was a faster way (no download) along the lines > > of. > > > > /usr/bin/cvs -n -d server:/cvs/openbsd/ports/mail/dovecot diff > > -r -rOPENBSD_4_7 distinfo > > > > Or if anyone knows of any new sites or ways. I'm quite happy with simply > > updating the ports trees but thought I could use it to help decide > > whether to use current or stable on a certain system and when to update > > my trees. > > ports-changes will tell you about -stable commits; look for the > OPENBSD_4_7 tag, for example. There is also an unofficial Twitter feed, > but it has stalled. Or, create your own by updating nightly from cron > with something like this (untested): > > cd /usr/ports && cvs -q up -rOPENBSD_4_7 | grep -E '^U ' > > So you get email of what has been updated. Or, parse that and rebuild > the package... you get the idea... > Yeah I hadn't joined ports-changes until a couple of days ago and so haven't gained the experience of how well stable is maintained, however I can look at the mailing list archive and cross reference patches etc.. The tip about the OPENBSD_4_7 tag helped, taa. Obviously some ports are easier to gauge than others. I look up php5 and see that current is well maintained. Stable is at 5.2.13 but there was a major rework on the 27th jul. 5.2.14 came out on 22nd jul. The rework moving config to /etc looks good and has many patches the name of some of them look like they could be security backports from 5.2.14 but it hasn't been committed. Does this mean that when committed (hopefully without driving robert nuts) and so usually, stable php is kept upto date security wise assuming rob and williams efforts continue, but it just happens that at this moment a current web server with php is the best option but normally stable would be more, shall we say guaranteed and still secure. I hope you don't see me as taking everything this community already does for granted but would it take more than a tiny amount of work to add the stable ports tree to the web cvs because looking at patches that way, would be rather handy. Thanks to you all, Kc
