On 2/4/14, Xavier Bachelot <xavier(a)bachelot.org> wrote:
+1 for system-config-repo, user interaction is much better than silent
enablement of repositories on package installation. I would just like a
feature to remove all packages coming from a given repo when it is
disabled by the user, in order not to left installed packages that will
not receive (security) updates anymore.
Although a good idea it's not trivial since it's to too much to put
into a scriptlet. The best for now is probably if you file a bug at
system-config-repo upstream .
Also, iirc, some repos are providing packages with known security
While some users might need these repo/software for good or bad reasons,
they should be warned to be extra careful. I'm thinking of AcrobatReader
here, but there might be others.
Basically, this should come up if/when someone submits a review
request for this repo. I plan to show some text before enabling a
repo, and this text is not generic. So there will be hooks to enter
whatever warning(s) we want to give.