Re: privoxy-pki-bundle not Behaving as Desired – Request for Assistance
list+macports-dev at jdlh.com
Mon May 23 23:35:19 UTC 2022
On 2022-05-23 13:59, Steven Smith wrote:
> The certs in curl-ca-bundle are updated regularly to clear out expired certs.
...> The “solution” appears to be to bump the revision of
privoxy-pki-bundle by hand whenever curl-ca-bundle is updated....
And how often is port curl-ca-bundle updated? What volume of revision
bumps are you trying to automate?
I'm not an expert, but as I read the Portfile for net/curl:
1. port curl-ca-bundle is a subport of port curl,
2. it looks to me like port curl-ca-bundle only got updated about 7
times in the last 43 months
3. it looks as if port curl-ca-bundle updates a file within curl,
security/nss/lib/ckfw/builtins/certdata.txt, and does some make and
install operations. Maybe building and installing curl itself does
those same operations.
4. Thus, maybe a version update to port curl also functions as an
update to port curl-ca-bundle, but I'm not sure.
5. it looks like port curl got updated about 25 times in the last 43
month, so three times as often as port curl-ca-bundle.
So it looks to me like you are working with an average update tempo of
either 2 updates/year or 9 updates/year, depending on whether #4 is true.
If #4 is true, it makes me wonder if maybe port curl-ca-bundle's values
for certdata_updated (epoch time) and certdata_date should get updated
each time the curl version gets updated.
Does that help?
More information about the macports-dev