[kwlug-disc] What's the best desktop distribution?

Chris Frey cdfrey at foursquare.net
Thu Feb 4 16:48:50 EST 2010

On Thu, Feb 04, 2010 at 04:31:40PM -0500, Khalid Baheyeldin wrote:
> I don't think Paul was saying he would pull Drupal/Gem/CPAN/PECL/...etc
> stuff from any random site. He would be getting them from the authoritative
> repository (e.g. drupal.org, cpan.org, php.net, ...etc.)
> So the security risk here is minimal.

True.  I consider that "random" to some extent too, unless the sites
I download from have a steady signed download process.

I didn't mean to imply that Paul runs just anything. :-)

> So Lori is right.  The problem is that people aren't using apt enough.
> >
> > If you go to the trouble of making your own repository, might
> > as well put it on the net, and share it.
> That is exactly what CPAN/PECL/Drupal do ...

Well, well!  So they do!


I assume that solves a good chunk of the problem.  Thanks.

> Yes, but Paul's point is that we have a myriad of them for each language.
> Even though it is fairly easy to pull stuff from the respective repository
> for that language, it bypasses APT's dependency checking mechanism.

I'm a little confused by this.  Why would they make deb packages
that don't have the right dependencies?  Apt just provides what the deb's
themselves ask for.


> The issue here is release cycles. Debian is very slow to come with
> stable releases compared ot other stuff. For example, Drupal used
> to have a 6-8 month release cycle for core, and several hundred
> modules. Now the cycle is more like 2 years for core, but there
> are 3,000 or more modules out there, with various maintainers.
> They tend to move at their own pace, often very quick, and hence
> does not fit into the Debian repositories. We had really old stuff
> in Debian as far as Drupal is concerned.

... the dependencies of the manual deb packages mean that you
have to run Debian unstable all the time?

- Chris

More information about the kwlug-disc mailing list