[MacPorts] #40068: subversion: change dependency on curl-ca-bundle to support certsync

Lawrence Velázquez larryv at macports.org
Mon Aug 12 11:35:57 PDT 2013 

On Aug 12, 2013, at 1:30 PM, MacPorts <noreply at macports.org> wrote:

> #40068: subversion: change dependency on curl-ca-bundle to support certsync
> --------------------------+---------------------
>  Reporter:  cal@…        |      Owner:  blair@…
>      Type:  enhancement  |     Status:  closed
>  Priority:  Normal       |  Milestone:
> Component:  ports        |    Version:  2.2.0
> Resolution:  fixed        |   Keywords:
>      Port:  subversion   |
> --------------------------+---------------------
> 
> Comment (by egall@…):
> 
> Replying to [comment:5 larryv@…]:
>> Replying to [comment:4 egall@…]:
>>> `certsync` provides integration with the OS X keychain, if a user
>>> specifies that they want OS X keychain integration by selecting the
>>> relevant variant, and has neither `certsync` nor `curl-ca-bundle`
>>> installed yet, I would expect that MacPorts would pull in the port
>>> that better integrates with the keychain (i.e. `certsync`) to satisfy
>>> the depspec instead of the default `curl-ca-bundle`.
>> 
>> I’m saying that certsync should //always// be automatically installed to
> satisfy that dependency, if necessary.
> 
> By that logic, you shouldn't have bothered wrapping the `+osxkeychain`
> variant in a `platform macosx` block in r109123.

I don't follow. I restricted that variant to OS X because it's not applicable to any other platform. It might make sense to default to curl-ca-bundle on other platforms for the same reason, but that's not the same as what you've been suggesting.

>> Users should not be given an option
> 
> Why not? As a user, I would always want the option.

You do have the option. You can install curl-ca-bundle manually, and it will satisfy the dependency.

The vast majority of users don't care which certificate store Subversion or cURL or $FOO uses, as long as it works. There's no reason to provide an explicit choice. Using certsync if available is not only a reasonable default, it's a superior default because it accommodates custom certificates.

vq




> -- 
> Ticket URL: <https://trac.macports.org/ticket/40068#comment:8>
> MacPorts <http://www.macports.org/>
> Ports system for OS X
> _______________________________________________
> macports-tickets mailing list
> macports-tickets at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/macports-tickets

More information about the macports-dev mailing list