[packagekit] This dialog sucks
James Westby
jw+debian at jameswestby.net
Wed Apr 22 02:08:17 PDT 2009
On Wed, 2009-04-22 at 09:50 +0100, Richard Hughes wrote:
> On Tue, 2009-04-21 at 12:09 -0400, Jon McCann wrote:
> > Firstly, this dialog should never - ever - appear when installing
> > updates from the update viewer. No excuses. Updates should not
> > appear in the list unless they are trusted.
>
> Agree. The only case this will not be true is when the distro changes
> the signing key mid-release, which shouldn't even happen (although
> happened to Fedora in F9, but that's the exception to prove the
> rule...).
Then why not almost remove the dialog altogether.
If this will only be shown in a huge event such as the F9 one, then
you could instead pop up a dialog that says. Something has apparently
gone very wrong, and point to a web page that the repo owner specifies.
That web page could then explain what the issue is and how to deal with
it, and if there is a need to change the signing key it could explain
that and tell the user how to change the signing key associated with
the repo through another dialog.
Third-party repositories may kill the idea, but just allowing the user
to blindly click and carry on seems like it could be avoided. If the
only reasons that a user would see this are someone trying to compromise
their system, or some huge event that can be co-ordinated by the
repository owner, then we should be able to do better.
Thanks,
James
More information about the PackageKit
mailing list