On Thu, Nov 7, 2024 at 5:18 PM Lichtinger, Bernhard < bernhard.lichtin...@lrz.de> wrote:
> Hi, > > I am looking for some advice: If we use the virtualenv install method, how > does one keep track of security updates for all the installed dependencies? > > I can think of: > - Upgrade regularly all installed packages inside the virtualenv. This > might break mailman3 if there are incompatible updates. > - Try to track all dependencies and check if there are security updates > published. This might be impossible to achieve. > - Security updates are so rare, we do not need to bother. ;) > I am no security expert, but what I know is that the MM3 installation pulls all the compatible packages during installation. Updating some may lead to incompatibilities/breakage. MM3 modules during updates will also pull in the correct versions of the packages. After that, we sit back and run :-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html] _______________________________________________ Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-le...@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/2NX4QIYXWPQYP7L2PKVZMS2XN47ZFRUY/ This message sent to arch...@mail-archive.com
