Thanks everyone for the feedback so far.
Considering centosplus and other repos that replace packages directly (same name), I can modify the proposal to accommodate. The biggest issues with this style of repo is that users typically blindly enable them, despite guidelines to the contrary from the repo maintainer. I can change the proposal to state that this style of repo is allowed, but must be disabled, with comments about why it is disabled. This may help prevent some users from blindly enabling it without understanding the consequences.
How does this phrasing work for yall?
* If the repository has the potential to replace stock packages when `yum update` is run, it must be disabled by default. * If the repository is disabled by default, comments must be included in the repo file to explain why.
Carl George Rackspace RPM Development
________________________________________ From: centos-devel-bounces@centos.org centos-devel-bounces@centos.org on behalf of Peter peter@pajamian.dhs.org Sent: Saturday, March 28, 2015 10:40 PM To: centos-devel@centos.org Subject: Re: [CentOS-devel] including 3rd party repo release RPMs in Extras
On 03/29/2015 09:32 AM, Carl George wrote:
https://gist.github.com/cgtx/b854281462a18007f509
If this looks familiar, it's because I used the IUS SafeRepo Initiative as a starting point. Please share your feedback and ideas.
Sure:
Must not have the same name as a stock distribution package.
Must not automatically install, upgrade, or replace stock distribution packages when the repository is enabled.
How do the above two rules affect a repository that is not enabled by default but would end up replacing stock packages if it is enabled by the user? As an example, this would happen with CentOS's own centosplus repository which is included in the centos-release package.
What about a 3rd-party group that distributes a .repo file with one repo that is enabled by default which is intended (by policy) to not replace stock packages, and another that comes disabled with explicit instructions on how to enable it and use it (more or less) safely, the latter being intended to replace stock packages?
Peter _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel
Carl George Rackspace RPM Development
________________________________________ From: centos-devel-bounces@centos.org centos-devel-bounces@centos.org on behalf of Peter peter@pajamian.dhs.org Sent: Saturday, March 28, 2015 10:40 PM To: centos-devel@centos.org Subject: Re: [CentOS-devel] including 3rd party repo release RPMs in Extras
On 03/29/2015 09:32 AM, Carl George wrote:
https://gist.github.com/cgtx/b854281462a18007f509
If this looks familiar, it's because I used the IUS SafeRepo Initiative as a starting point. Please share your feedback and ideas.
Sure:
Must not have the same name as a stock distribution package.
Must not automatically install, upgrade, or replace stock distribution packages when the repository is enabled.
How do the above two rules affect a repository that is not enabled by default but would end up replacing stock packages if it is enabled by the user? As an example, this would happen with CentOS's own centosplus repository which is included in the centos-release package.
What about a 3rd-party group that distributes a .repo file with one repo that is enabled by default which is intended (by policy) to not replace stock packages, and another that comes disabled with explicit instructions on how to enable it and use it (more or less) safely, the latter being intended to replace stock packages?
Peter _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org http://lists.centos.org/mailman/listinfo/centos-devel