"pkg updating" is unreliable

This has bothered me in the past several times, but I was just reminded of it, so I figured I'd post about it before I forget again:

According to "man pkg-updating", it "scans the installed ports and shows all UPDATING entries that affect one of the installed ports." That sounds very useful, and in fact I use it frequently, and have for a long time. However, it's not actually true. The command is unreliable, and quite possibly dangerously so.

The problem is that it relies upon the messages in UPDATING being in a particular format (seemingly, the "AFFECTS" line has to have the package name), but there is nothing enforcing that they actually are in that format. So, for example, just a week or two ago, "pkg updating" did not show me that my installed package lang/python311 had an UPDATING entry that affected it. This seems to be because the entry was labeled with "AFFECTS: Python users" (which, to be clear, does not contain the string "lang/python311").

I haven't seen anything (e.g. in "man pkg-updating") about this, nor how to make it reliable. If there is such a way, I'd love to hear about it. If there's not, though, maybe something should be done about it. For example, perhaps instead of just a text file that maintainers can change arbitrarily, a little program to check the format of the text file before the change can actually be successfully submitted to source control. Or, maybe even have maintainers submit their entries to some DB-centric app instead of to a text file.
 
pkg updating seem to want ports name exactly appear in AFFECTS: line (with or without *) of UPDATING entries.
This would be because there are NO indexes for UPDATING available covering all combinations of category/port and PKGNAME.
 
It's not an easy task, see the thread Automating port search in UPDATING file. Without a specific format of AFFECTS entry, you always have to read all the content /usr/ports/UPDATING file, at least the ones at specific date after last update of each port (I hope I explained myself), that means for each installed port get the installed/last updated date with pkg query '%t' pkg/port name, then for each entry check AFFECTS if it match a pkg/port, if not and the date of the entry is after the earliest entry of the installed/update of all port, show it. This way the script filter all the entries for not installed ports except the one the script does not recognize which pkg/port it refer to and only if the date is after the last update of all installed pkg/ports. It's convoluted but it's the best I could do and for most ports.
 
Back
Top