debian-archive-keyring should Recommends: gnupg not Depends: it
Changing this would allow installs to not have the whole dependency
tree of gnupg, while still providing the upgrade path that the recent
upload of apt was done to provide.
[Upgrades would install debian-archive-keyring, which would install
gnupg if Recommends are set to be installed.]
13:21:41 <peterS> pusling: I'm not talking about apt recommending the
keyring, but the keyring recommending gnupg
13:22:04 <dondelelcaro> right, which would resolve the issue
13:22:10 <dondelelcaro> since the keyring is small, it's no big deal
13:22:16 <Q_> dondelelcaro: It seems recommends don't get installed on
upgrade, so you'd have debian-archive-keyring without
gnupg.
13:22:24 <dondelelcaro> Q_: no, you wouldn't
13:22:46 <dondelelcaro> Q_: if you already had debian-archive-keyring,
you'd have gpg. If you didn't, you'd get it
installed if you were isntalling
debian-archive-keyring for the first time
13:22:59 <dondelelcaro> (Assuming you asked for recommends to be
installed and were using a frontend that
understood them)
13:23:11 <Q_> dondelelcaro: Oh, right.
13:23:48 <dondelelcaro> although, I think the right solution is for
apt-get, aptitude et al. to notice when the
recommends have changed and suggest that they
be installed when that's the case
13:24:05 <dondelelcaro> but that's clearly much more complicated
13:24:21 <peterS> also, I expect aptitude to deal more gracefully with
a missing gnupg than with a missing archive keyring.
the latter might just mean you trust _other_
repositories instead. the former means you have no
way of checking and it shouldn't whine.
Don Armstrong
--
"You have many years to live--do things you will be proud to remember
when you are old."
-- Shinka proverb. (John Brunner _Stand On Zanzibar p413)
http://www.donarmstrong.com http://rzlab.ucr.edu
Reply to: