[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hotfixing older Emacsen? Was: [ANNOUNCE] Emacs 25.3 released
From: |
Stefan Monnier |
Subject: |
Re: Hotfixing older Emacsen? Was: [ANNOUNCE] Emacs 25.3 released |
Date: |
Mon, 18 Sep 2017 07:38:36 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) |
>> > Crazy though: why don't we hot-patch existing Emacs installations?
>> > Concretely, that would mean including that fix in a widely used ELPA
>> > or MELPA package. Then users would get the fix upon the next update.
>> This verges on a universal back door, aka "auto-upgrade"
>> which is a form of malware normally found in proprietary software.
> What if the user was asked for a confirmation before upgrading?
> Would that be a good solution?
I think fixes should be in a separate package.
If we really feel it's necessary, we could consider adding some code to
some unrelated popular package which could do something like:
- look for known bugs (fixed in security-patches)
- if found some, tell the user, suggesting to install the
security-patches package
-- Stefan
Hotfixing older Emacsen? Was: [ANNOUNCE] Emacs 25.3 released, Clément Pit-Claudel, 2017/09/12
Re: [ANNOUNCE] Emacs 25.3 released, Charles A. Roelli, 2017/09/13