-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature Request] Provide API to access a solvable's update candidate #474
Comments
@JonathanKang I don't know how this should work. Our domain are (rpm)packages. Whatever appdata.xml describes does not map well to our packages and the primary.xml we refer to. And most repos seem to provide no appdata.xml at all. That's why we don't consume them. Take for example gnome-shell-extension-gpaste in our current 15.4 repo-oss:
And the only occurrence of it in the repos appdata.xml:
Apart from the name they seem to have not much in common. And many packages do not even occur in appdata.xml. A |
Okay. I thought libsolv would provide such data, but it turns out that it doesn't. With my testing with Fedora and Ubuntu, they both are able to generate such data and feed it to PackageKit. So I wonder whether we openSUSE can do the same. Ubuntu has a class named Maybe we can implement something similar? For instance, use changelogs from .changes file in each package to provide such data. These are maintained by package maintainers and they represent what's changed from previous version very well. |
Regarding
A zypp::Patch however is associated with a bunch of packages. You can't tell exactly which defect applies to which (subset of) packages. As you can see, Patches do not require a specific version of a package, but they conflict with the vulnerable versions. The versions in the conflicts are the least package versions fixing the issue. The In case maintenance also provides a detailed list of issue references for the patch (CVE or bugzilla IDs e.g) the Patch::ReferenceIterator will provide them. |
Regarding
Due to their (download)size and the (time)penalty when caching and loading them into the libsolv pool, we don't download other.xml and filelists.xml. That's why the Package::changelog is available for installed packages only. AFAIK there is a |
A new API to get a package's update candidate and its related information(especially release note) will be helpful to implement
get-update-detail
method in PackageKit's zypp backend to fix this bug.The text was updated successfully, but these errors were encountered: