APT repository tracking feature
Hi,
it was recently pointed out to me as part of libsolv discussions,
that RPM systems do not do upgrades between different repositories.
I'm thinking it might make sense for us to do something similar;
record the origin of a package and only allow candidates to come
from that origin (while it's present), and other origins it declares
as allowed.
This would remove a lot of pinning needs I suppose. Say you install
Debian and add a third party repository, the new third-party repo
cannot upgrade any package from the Debian repository unless you
tell apt to do that.
I'm not sure how this would be implemented, but I think it'd
be useful. Likely, we'd keep track of o=Debian, l=Debian, ...
fields in extended_states when installing packages; and a Release
file can declare other repositories as allowed; for example, it
declares a Amended-By field with one match per line
(lines being ORed together):
# allow all Debian repositories to upgrade this
Amended-By:
o=Debian
# Only allow updates being installed from -security and -updates pockets
Amended-By:
o=Debian, n=buster-security
o=Debian, n=buster-updates
Potentially, another repository can declare to amend other repositories,
which would then cause apt to prompt you to accept that repository when
running update, showing the patterns it specifies, and the repositories
matching this:
"The repository ... declares to extend the following repositories:
http://deb.debian.org/debian/ buster (o=Debian, n=buster)
Do you want to allow this?"
FWIW, I'd call this behavior "repository tracking" (well, more like
repository family tracking).
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
Reply to: