How to upgrade php or python

Aristedes Maniatis ari at ish.com.au
Thu Dec 7 03:47:10 UTC 2017 

Matthew wrote:


> Assuming you have built your own pkg repository with poudriere and set
> the default php version to whatever you want, then a simple 'pkg
> upgrade' will do the trick.  This pretty much works for changing the
> default version of php as well as just patch-level updates.

> The trick with pkg(8) is not to try and upgrade things piecemeal -- it
> is much more complicated than it at first appears, and the likelyhood is
> you will end up with inconsistencies and even software failures.  It's
> pkg(8)'s entire reason for existence to sort out all of this sort of
> dependency relationships, and at the moment it does that best when it's
> allowed to consider all of the packages you have installed.

Although I understand the words you’ve written, that doesn’t match up with the reality of my actual server management or of how pkgng is designed:


=== Reality

For real servers, you may need to patch PHP for a security issue but not want to upgrade java. That’s just the reality of server management. I might want to upgrade vim but not apache24.


=== pkgng

Thankfully pkg already has a feature for that. 

   pkg upgrade vim


That’s a real thing which you are now telling me is catastrophically [1] broken and should not be used.

Even worse, there is a feature

   pkg upgrade -g php71-*


which is broken twice over. First you are telling me it should never be used. Secondly, it doesn’t behave the way it is documented since it installs ALL php71 packages even if you hadn’t previously installed them. So it ignores the “upgrade” command and instead behaves like “install”.



=== What should happen

pkg already is able to consider all the packages I’ve installed. It has a database in which that list is stored and it should understand dependencies. In fact it does that just fine. When I run

   pkg upgrade vim

it detects that a dependency also needs upgrading and sorts that out for me. Lovely. Thanks pkg.


If "pkg upgrade -g” worked as documented, then we’d also be happy. That’s identical to "pkg upgrade php71 php71-session php71-mysqli php71-ctype”, just a convenient way to not have to type what might be 20 packages.



So Matthew, I’m not having a go at you (and I’m thankful for the work you do), but to say I’m doing it wrong is perhaps missing the point. pkgng has a bug and I’m looking for workarounds. If I cannot patch security vulnerabilities in PHP without restarting all my java applications, then security issues will not be patches as often. And that’s bad.

I like that pkg’s entire reason for existing is to work out dependencies, but if you are saying I’m not allowed to use pkg for that purpose and I’m only supposed to upgrade everything to the latest version of everything, then there is a problem.


Please cc me, since I’m not on the list.

Cheers
Ari





[1] "inconsistencies and even software failures” which could result in loss of service


--  
-------------------------->  
Aristedes Maniatis  
CEO, ish  
https://www.ish.com.au  
GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A

More information about the freebsd-pkg mailing list