Re: privoxy-pki-bundle not Behaving as Desired – Request for Assistance

[Chris Jones]

> On 23 May 2022, at 9:59 pm, Steven Smith <steve.t.smith at gmail.com> wrote:
> 
> 
>> 
>> What has changed between the time that the buildbot built the package and the time that the user installs it?
> 
> The certs in curl-ca-bundle are updated regularly to clear out expired certs.
> 
> Per the previous discussion, privoxy-pki-bundle uses these certs via a depends_lib, and unless a port revision is added by hand, the port inevitably will contain expired certs.
> 
> The “solution” appears to be to bump the revision of privoxy-pki-bundle by hand whenever curl-ca-bundle is updated. I’m trying to identify a more automated and robust way of accomplishing that.

The simple solution then is to just put a comment into the curl-ca-bundle port next to the version/revision asking whomever updates it to bump the revision of privoxy-pki-bundle at the same time. This simple but generally effective solution is used in a number of ports with similar situations and works well most of the time. I see no need to do anything more complex here, particularly not to automate things such that the same port file installs different things at different times. That lack of reproducibility is definitely not wanted.

Chris