-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Martin, On Wed, 22 Jun 2022, Martin Michel wrote:
Erich,
thanks for sharing this! It is a great idea, I like the concept.
I see some advantages to the alternative, i.e. keeping personal, local ports. Mainly I do not have to keep/track two ports of the same package, that's nice.
The system is not perfect, but for minor changes (e.g. adding an option in the Pkgfile) it's pretty straight forward.
Of course nothing is perfect, but where do you see the main drawbacks or what are you practical limitations?
The main drawbacks are: * Sometimes, you need to adapt patches, because unrelated, but adjacent lines in the Pkgbuild changed. * It seems to be against the KISS principle to add a layer of patches. * You need to re-sign all packages which you changed. Thus, you need your own ports signing key, and if the script makes some error when checking the signature, you loose the signature integrity check completely (the changed package will be re-signed, thus trusted by pkgmk). This is sub-optimal from an academic point of view. * Updating ports incrementally will not work for patched ports: `ports -u` will update them to the unpatched version and then patch them again. Depending on how many ports you intend to change and how often you do `ports -u`, this might become an issue. * There's no documented way to bootstrap. And you will need to bootstrap each time, you replace the `ports` package by a pre-compiled one (e.g. by doing a verion update of crux itself).
—Martin
regards, Erich -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAmKzeXYACgkQCu7JB1Xa e1rWPBAAh9dvWacqsPeKDwgddRrxhi2JbgCKgS7A6akM1bb/84i1bhrygfZB6d/4 Q+dui9vvTKbzH5ETp86wLqn4YkBLi5uM0bW3a2KGgzaGevi6Pu0YmwHrnRu7Woti lCb2Fjv5nSNiEKx/Tx4/B6QSds0+u3fg4WSWgsrDRmRIAuNCt/c2QtHUXRMYXupI fpA3fud8khxnbXHfZYmGSfcDKjuRKbDw/oyrGMeV8DMU8IdljT6gJI08LQzmr+uq Xqt2F4e1jMsZUrn7+Xt5+7UEMPKXNtniEaOs5o8tuBxFLXYXjDnJMjgIvf24dEhd 2VIm67TfoeSP1WTc8BSzgQxwuEQo8Zx4hezIgj9dXUWVrMJMMmERKv0Uuov88WaT WHeTnngkfOjy/wZmaKVzU7sAwvmapPBZjFdTCS7ebm9Hzc/070wZnEMCqYpL29pQ lM93hHYsRpfpiufrWbOpNPNNNMtMBYAp0VTb1jSxHvdES3RaYcCS4Nqh18POj5m2 Uc2irpB8bXSHOH25qBue1deuDuYP+L6rq2SD97lChRb0c1sM1Hc8YArGNVcrvfD7 Ji774ZwhgToHmgOVOKS6o6i7ppOzHBzljXGCKpnJ2UWKCO0YktHyb3n7dtFFJg1Z F/3YbntjgEsHNOEtgFg5tHlwd57x6TG7g0EtpdlWI1kPvizd1ng= =xeIu -----END PGP SIGNATURE-----