--- Comment #6 from Homer Xing <homer.xing(a)gmail.com> 2010-04-06 16:59:28 ---
I'm pretty sure that messing with people's software repository configuration is
not acceptable in a package. (I haven't taken a look at how this was achieved
in this package).
An example why this might be bad: eg user installs package A from (removed
repo), that requires current versions of libraries. They then install this
package, which disables the repo. Fedora offers security patches for the libs
that package A requires (specific version). Now the user can never successfully
update to the security fixed packages because yum sees that the installed
package would break.
ps. I haven't performed a normal review.
You are right. Installing a package from third-party repository will lock down
the versions of libraries, for example, when the maintainer of the third-party
repository forgets to upgrade the package.
However, I have not found out a solution yet. Should I completely remove all
third-party repositories from Ailurus?
Configure bugmail: http://bugzilla.rpmfusion.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
You are the assignee for the bug.