From owner-freebsd-ports@FreeBSD.ORG Tue Dec 2 23:04:28 2014 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0F234F5B for ; Tue, 2 Dec 2014 23:04:28 +0000 (UTC) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C7A2F194 for ; Tue, 2 Dec 2014 23:04:27 +0000 (UTC) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id DA9D8BDC24; Wed, 3 Dec 2014 00:04:25 +0100 (CET) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id A2B63BDC1F; Wed, 3 Dec 2014 00:04:25 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id D2A371DA7A69; Wed, 3 Dec 2014 00:04:00 +0100 (CET) Date: Wed, 03 Dec 2014 00:04:00 +0100 From: Mathieu Arnold To: "Russell L. Carter" , freebsd-ports@freebsd.org Subject: Re: ports back channel Re: perl5.16->5.18 Message-ID: <539891BCDEB497060868026C@atuin.in.mat.cc> In-Reply-To: <547941C6.9010505@pinyon.org> References: <5478DE06.1040208@pinyon.org> <54790A05.3070303@pinyon.org> <547941C6.9010505@pinyon.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Dec 2014 23:04:28 -0000 +--On 28 novembre 2014 20:47:18 -0700 "Russell L. Carter" wrote: | The little major one is, a perl5 upgrade should not require | rebuilding ~2/3 of the ports tree. Maybe I'm off a bit, but | I don't think by a material amount. This turns out to be the | minor problem. I don't actually care, as long as the installs | respect my configs, have at it. It just spends an awful lot | of cpu time doing, what? Updating a version database? Yes, a major perl version upgrade should not require to rebuild everything, and the dozen commits I made to Perl and the ports framework this week, and a few other to come, will make sure you have to rebuild only stuff that really needs rebuilding. But at one point, to go from "you have to rebuild everything" to "you only have to rebuild those" I needed to move things around, and as stuff moved, you *do* have to rebuild everything this time. Next time, you will only need to rebuild ports that are linked with libperl.so.xx.y because other ports will not change. | I don't deny that the possibility exists that the fix | is trivial: that's not the point. The point is that to regain | painless access to the entry into the security domain many (few?) | rely on, I now have to search for this (hopefully) trivial fix. Well, I could maybe have changed the rebuild everything (like portupgrade -f -a) to rebuild everything that needs upgrading as I've bumped PORTREVISION on like 5k ports that were modified, plus everything that depends on libperl.so, but it was easier to just say everything than give a strange, complicated, and prone to errors, script that would do it. | You absolutely cannot break this because there are vulnerable | people in the field. Maybe you say they should never update, | but, what happens on a compromise? | | So these decisions are getting made outside of freebsd-ports. | Where are they getting made? I am uninterested in chiming in | except on something like pinentry. The pinentry thing was done, I think, in the committer's head that made the change (I'm not sure what exactly went wrong, but at the time, gnupg was upgraded and it was bad.) As for the NewPerlOrder change, I announced them on freebsd-perl@, I did a few code reviews, which nobody reviewed. I don't remember if I also chimed in here too. -- Mathieu Arnold