Dovecot v2.3.14.1 released
Eirik Rye
rye at trojka.no
Thu Jun 24 12:46:38 EEST 2021
On Wed, Jun 23, 2021 at 5:03 PM Timo Sirainen <timo at sirainen.com> wrote:
> Hmm. That kind of symlinks haven't been done before either, so it's not at least a change from previous Dovecot repository behavior. Also it would be a bit tricky - how would you install 2.3.14 specifically if it became a symlink? I guess we could always make it 2.3.14.0 and add 2.3.14 symlink to it, but that also feels a bit wrong since there never was 2.3.14.0 release exactly.
I would expect *all* versions starting with "2.3.14" to be in the
`ce-2.3.14` repository. In this case, the packages for 2.3.14 and
2.3.14.1 would be in `ce-2.3.14`. Then we let the package manager work
its magic to ensure we have the latest patch/security version
installed. The way it is now, there is literally no way to receive the
2.3.14.1 security update without manually updating your apt source
lists to `ce-2.3.14.1` which makes me question the value of using a
repo in the first place.
If someone, for some reason, specifically wants to install the
previous 2.3.14 release, they can pin that version or do `apt-get
install dovecot-core=2.3.14 && apt-mark hold dovecot-core`
The same would go for `ce-2.3-latest`, which would contain binary
packages for 2.3.14, 2.3.14.1, 2.3.15, and any future versions.
Regular users would get the latest 2.3.15 release as normal, but
advanced users can pin to a specific version prefix, e.g.:
Package: dovecot-core
Pin: version 2:2.3.14*
Pin-Priority: 1000
For reference, look at Google's Kubernetes repository
(https://packages.cloud.google.com/apt/). They provide every
historical version in a single repository. I think this is an
intuitive way of doing it, that also allows (and suggests) the user to
use apt's somewhat powerful pinning mechanisms to select desired
versions.
- Eirik
More information about the dovecot
mailing list