On Sun, 16 Jun 2013 10:39:34 -0600 Jake Edge jake@lwn.net wrote:
What I don't quite follow is whether all of those packages are in fact updated for security reasons or whether this is just an artifact of bodhi (or koji or something) ... I am sensing the latter ...
I'm not sure. :)
I think the issue was in a single package, but it may have needed the others updated as well if the fix was moving to a newer upstream version of that one package.
does 'kdepimlibs' or 'kdeedu' (to pick two at random) need to be updated for *security* reasons? or just because it got tagged with one (?) package that was updated to the same upstream revision (kdeplasma-addons ... others?)
Not sure. Or it could be that the one security update needed newer versions of the rest of the packages. I guess we should ask kde folks.
I don't know if this will be handled any better in bodhi 2.0, but we could surely look and try and handle things better. What would you like to see for an update like this? Different names for each package? Or some what to tag only those package(s) that are security updates?
Well, I would think Fedora users would only want things that are actually security updates to marked as such ... or are all these packages dependent on the Plasma add-ons somehow? That's what's confusing here imo ...
Yes, I think that version of plasma add-ons needs the newer rest of the kde stack, but not sure.
Copying kde maintainer here for some more info...
kevin