Michael Catanzaro wrote:
On Fri, Feb 24 2023 at 12:00:40 AM +0100, Björn Persson
<Bjorn(a)xn--rombobjrn-67a.se> wrote:
> There are also other dangers with installing only security fixes. If a
> bugfix is released and packaged, and later it's discovered that the
> bug
> had security implications, then no security update will be made
> because
> the fix is already packaged. It might be possible to set a security
> flag on the update after the fact, but nobody will bother with that.
>
> I would therefore advise against using --security. If one can't
> install
> all the updates continuously, then one should use a more stable
> distribution than Fedora.
tbh I'd go so far as to propose that this functionality should not be
reimplemented in dnf5 at all.
I would personally not miss --security, but what is really useful is the
--advisory=… flag that used to be implemented by the same plugin. (They are
now both built in in DNF.) That is invaluable to test individual updates
from updates-testing. I would consider the absence of --advisory=… a
dealbreaker.
Kevin Kofler