Debian Weekly News - email
From: Jason Gunthorpe <firstname.lastname@example.org> Date: Mon, 18 Sep 2000 22:15:45 -0600 (MDT) To: email@example.com Cc: firstname.lastname@example.org Subject: A thought on urgency Here is a (rephrased) thought Joey Hess brought up: Now that APT has a pinning mechanism it would be very nice if you could automatically install higher urgency upgrades and leave low priority stuff behind. Right now we have an urgency field in the changelog but that is neither adaquate information or in the proper place for a feature like this. The idea we struck on was for each package to have a 'urgency serial number' which exists on the ring [0...N]. The difference in the priority serial numbers of any two packages indicates how urgent the upgrade is. We can map our current schema onto the strata formed by the difgerences in urgency between any two versions: >100 High urgency security fix >50 High urgency fix >25 Medium urgency fix otherwise low urgency fix To implement this each package would get a new field dubbed Urgency-Serial which would default to 0 if the field is omitted. We'd use modular arithmetic on [0...4G] (to deal with wrap around) and like versioning each maintainer would be responsible for incrementing this field if there is a reason to. APT users could specify they would like to install all high-urgency packages (apt-get install-high-urgency) or use the pinning mechanism to 'soft track' a distribution: Package: * Pin: urgency >50 Priority: 900 Package: * Pin: release * Priority: 50 Which effectively means 'only upgrade to packages if there is an urgent reason to do so' Another option would be to hybridize unstable/stable so that packages get installed only if there is an urgent reason to do so. [There are some problems with this in general since multi-version problem resolving is not something I intend to implement, but on a small scale I think it is feasable] GUIs would have available a means to sort and show the user what is very urgent that they install and the magnitude of the difference would indicate the severity. Example, 3 security bugs are found in package foo. It may have a version sequence that looks like: Ver=1.0 Urgency=0 Ver=1.1 Urgency=100 Ver=1.2 Urgency=200 Ver=1.3 Urgency=300 Ver=1.4 Urgency=300 A user not at 1.3,1.4 will be able to detect that there is a strong reason to upgrade from [1.0,1.1,1.2] but that the change from 1.3 to 1.4 is non-urgent. What do you all think? Jason
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Joey Hess.