cvsup tag for ports

[Michael]

Erik Trulsson wrote:
> On Sat, Feb 10, 2007 at 02:06:37PM -0800, Michael wrote:
>   
>> Hello everyone,
>>
>> I'm building a production server and I have what may seem to be a very 
>> simple question so I hope it only requires a simple answer.
>>
>> As I've studied the FreeBSD Handbook as well as the man pages for this, 
>> it's still not clear to me which tag I should use for a production server.
>>
>> For my sources I always use the security branch for the release we are 
>> using so that they stay stable and also plug most of the security issues 
>> as they arise and so the sources tag is always RELENG_6_2.
>>
>> For the ports, the default tag is always tag=. which I'm not sure is the 
>> best thing for a production server since that's the tab for -CURRENT.  
>> On one hand it makes sense to track that branch for ports because that's 
>> where fixes would go for applications as they find them, but I'm not 
>> convinced this is the best thing for a production server and wonder if I 
>> should also use the security branch for the ports.
>>
>> My first question is, does any real security fixes go into the ports 
>> when you pull from a security branch?  In other words, do maintainers 
>> actually submit fixes to that branch for the ports?
>>
>> I have a similiar question for the docs as well, should we be tracking 
>> only the security branch when using cvsup for sources, ports and doc's?
>>     
>
> Neither the ports tree nor the docs tree is branched.  I.e. there is no
> security branch for ports.  
> On the other hand you are not required to update installed ports/packages
> just because you update the ports tree.
>
>
>   
What do you mean they aren't branched?  Of course they are or they 
wouldn't be in cvs and if I changed the tag, it wouldn't do anything 
(they wouldn't change on running cvsup), but they do change (ports get 
deleted/added/edited.), so I'm not following you here.

Can you elaborate on what you mean?

Thanks,

Michael Lawver