I'm uncomfortable with the level of information readily available when
an update comes down the pipe. What can be done to improve the situation?
I'm not trying to second-guess the folks who push the updates; I'm
amazed at the high quality of the updates, but I would feel a lot better
if I had a better idea of what was being installed and why.
Ok, so something tells me there is an update available for gimp. How can
I review the purpose and scope of the update, preferably before I tell
yum to go ahead and install it?
Here's what I see now:
======================================================================
Package Arch Version Repository Size
======================================================================
Installing:
gimp i386 2.2.16-2.fc7 updates 13 M
Transaction Summary
======================================================================
Install 0 Package(s)
Update 1 Package(s)
Remove 0 Package(s)
Total download size: 13 M
Is this ok [y/N]: y
Here's a rough example of what I'm looking for:
----------------------------------------------------
ID: gimp-SECURITY-0707121637
Name: gimp -- GNU Image Manipulation Program
Versions: 2.2.15-3.fc7 -> 2.2.16-2.fc7
Repository: Fedora 7 Updates
Size: 13M
Update: *SECURITY* Several local vulnerabilities fixed
URL:
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00260.html
----------------------------------------------------
Is this ok [y/N]: y
What I know already:
0) Set yum debuglevel=1
1) Subscribe to fedora-package-announce or check the archive
2) Check the Fedora Wiki http://fedoraproject.org/wiki/FSA
Is there a news feed somewhere?
All of these are useful, but not very effective at a) focusing on the
most important information, and b) delivering it in a way that's
convenient when the updates are ready to be processed.
Is there something better? Something that would provide the "Update
Information" field from the email announcements, or a link to the update
announcement (or both!), right from yum or pup? As I recall, RHN and
up2date did this very effectively.
The other key piece of information I can't seem to access easily is the
exact package version *change*. I only see the new package
name/version/release but not the old. If the update is a major version
change, I'd like to be aware of it. Yes, the yum debug messages will
give it to you, but it's a needle in a haystack.
<Joe