[Catalog-sig] PEP 345 Update
Tarek Ziadé
ziade.tarek at gmail.com
Mon Aug 23 15:37:19 CEST 2010
On Mon, Aug 23, 2010 at 1:44 PM, Laura Creighton <lac at openend.se> wrote:
> In a message of Mon, 23 Aug 2010 04:09:17 +0200, Tarek Ziadé writes:
> <snip>
>
>>Frankly, I don't really understand why you are concerned with this trust
>>issues,
>>a end-user that installs a software is already trusting it, since it
>>installs it...
>>
>>If you don't trust a project, and in particular what it claims in its
>>Obsoletes or
>>Conflict fields, just don't install it, and you'll be fine.
>>
>>
>>Tarek
>
> I need to be able to download packages so that I can evaluate them and see
> whether I trust them -- and whether I agree with the package author that
> this package makes obsolete a different one that I am already using. I
> won't be able to make this sort of evaluation if my old existing packages
> are blindly removed.
This will never happen: the installer will stop and just state that
there's a conflict
and the installation cannot continue.
Exactly like it does if a installed version of "Foo" is conflicting with
the version of "Foo" the project to be installed wants to use.
e.g. this is to be addressed at the installer software level
> Laura
>
>
--
Tarek Ziadé | http://ziade.org
More information about the Catalog-SIG
mailing list