Re: An idea.... (Was: debfind.net (was: GNOME-HELIX))
On Fri, 30 Jun 2000, Clay Crouch wrote:
> How's about putting lintian functionality in APT itself such that
> it _quitely_ checks a deb during/after fetch for policy violations,
> and possibly for namespace conflicts. If violations are found, it
> warns the user that they might be about to break their system....
>
> Also, we could put enough GPG functionality into APT to check package
> signatures. If a package is not signed by a current Debian maintainer,
> the user is warned.
>
> If APT finds either policy/namespace violations or non-signed packages,
> it prompts the user as to whether or not they _really_ want to install
> the package, and if they do, the install continues regardless of any
> breakage that may occur.
>
> I am not sure of all of the technical ramifications of such a thing,
> and I know that it would slow the apt-get process a bit, but would
> something like this be worthwhile?
>
The problem as I see it is that apt-get would have to download the whole
thing before it could run lintian on it. So let's Joe Schmoe has Xfree86 4
debs, would I have to download all 50MBs to find out he installed
everything into /etc?
A workaround could be if dinstall ran lintian and output the result to
some webpage in a fixed location.
Then if you did
apt-get --check-quality joeschmoe-xfree86_4-1_i386.deb
it would go out to the page and display the results.
--
Jaldhar H. Vyas <jaldhar@debian.org>
Reply to: