On Thu, 20 Apr 2006, Pascal Bleser wrote:
You are mixing up two different things: 1) using YOU as a channel to provide other updates, not only security or critical ones 2) access to the sources of the packages on SUSE Linux
I'd just like to mention for the 1st item that this totally voids the YOU approach in my opinion, from the perspective of a 3rd party packager. Patch RPMs aside (too complex and time-consuming to maintain), YOU is just a notification mechanism. There is no reason for it to be a separate channel for getting RPMs (well, there is one reason, read at the end ;)).
I think that the concept should be refined here, if we head in the direction of having broader updates on released SUSE versions and real integration of 3rd party packagers, something that has been totally ignored in the past.
Using/accessing additional package repositories has been a feature of YaST for quite some time already -- however, creating those repos was challenging in the past, due to the lack of proper documentation for example. I think we have made significant progress in this area with 10.0 (which introduced support for repomd/yum repos) and especially with 10.1 (which may sound a bit exaggerated, considering the current state of libzypp -- but at the end of the day, it still improves the repo handling a lot ;)).
YaST2 should also get a decent way to update existing packages. This is currently (as of 10.0) a real pain to do, there's no obvious option. You have to select "package categories", go to "zzz all", right click on the right pane, "this list..." -> "update if newer version available". It's too complex, there should be a single icon in the YaST2 menu to do that operation in a dedicated way, since it's what almost every SUSE Linux user is doing, every single day for many of them.. well, at least those who use 3rd party repositories like mine, Packman, etc...
Offering an update repository (in repomd style + patch infos) should pretty straightforward on 10.1...
And while y2pmsh has a "newer" command to show what updates are available, it doesn't have a "install-newer" (or similar) command, so you have to specify them yourself from the list shown by "newer".
"smart update && smart upgrade" is so much easier, it's what I recommend to everyone.
Exactly -- y2pmsh is basically dead, so pushing people into the smart direction is the right thing(tm) ;)
Doing that with YaST2 would be a much more tedious operation: - adding 2 installation sources (the GUI should really accept URLs instead of splitting into "protocol", "server", "directory on server", what a pain)
+1 -- should be fixed for 10.2 ;)
- make sure they're on autorefresh
Which sould actually be the case by default, IIRC.
Now, to come back to YOU... The only real added value of YOU is the following additional information: - description of the update - severity (critical, security, minor, ...)
Have you looked at the new update trees for 10.1? They contain repomd stuff out-of-the-box + the additional information is stored in a repomd-alike way, which could be created by 3rd party packagers as well. I think it could even become a feature of the openSUSE build service to create/provide special update trees or add those kind of additional information to repos it creates. (But that's something for... later ;))
That information is not available in repository metadata formats as of now (neither in YaST2, nor apt-rpm, nor rpm-md and I guess it's not possible in red/open-carpet either).
That's the problem ;)
An update/change description could be pulled out of the RPM %changelog, although I don't know whether that information is stored in current repository metadata formats like rpm-md.
But the severity information isn't available by any means.
See above -- the stuff we did for the update trees is quite an extension to what repomd offers right now, but it should be relatively easy to add this to smart and $other_packages_manager(s). Regards Christoph