GNU bug report logs - #75490
30.0.93; package-upgrade-all - show upgradeable packages

Previous Next

Package: emacs;

Reported by: Daniel Mendler <mail <at> daniel-mendler.de>

Date: Sat, 11 Jan 2025 11:25:01 UTC

Severity: wishlist

Found in version 30.0.93

Full log

Message #8 received at 75490 <at> debbugs.gnu.org (full text, mbox):

From: Ship Mints <shipmints <at> gmail.com>
To: Daniel Mendler <mail <at> daniel-mendler.de>
Cc: 75490 <at> debbugs.gnu.org, Philip Kaludercic <philipk <at> posteo.net>,
 Stefan Kangas <stefankangas <at> gmail.com>
Subject: Re: bug#75490: 30.0.93;
 package-upgrade-all - show upgradeable packages
Date: Sat, 11 Jan 2025 06:37:52 -0500

[Message part 1 (text/plain, inline)]
package-upgrade, when invoked interactively, does show the list of
upgradeable packages. When combined with a decent minibuffer completion
configuration (like Daniel's Vertico), I can cherry-pick or select all. I
agree package-update-all has a poor interface and I do not use it.
package-upgrade perhaps should also refresh the package list when called
interactively and suppress that behavior with a prefix argument.

In the security vein, package-upgrade commands could also show both the
current version(s) and the target version(s) which would be convenient and
assist people willing to put in the work to actually look at package
sources before they upgrade.

On Sat, Jan 11, 2025 at 6:25 AM Daniel Mendler via Bug reports for GNU
Emacs, the Swiss army knife of text editors <bug-gnu-emacs <at> gnu.org> wrote:

> Currently `package-upgrade-all' displays the number of packages to
> upgrade. I suggest to instead show a list of the names of the packages
> which are about to be upgraded. This way the user has a better chance to
> review the packages before they get installed. Of course the user can
> have better control by going via the `list-packages' interface. However
> I argue that package.el should not offer UIs and confirmations which
> omit relevant information in order to improve security.
>
> The current `package-upgrade-all' confirmation is as follows:
>
> (when (and query
>            (not (yes-or-no-p
>                  (if (length= upgradeable 1)
>                      "One package to upgrade.  Do it? "
>                    (format "%s packages to upgrade.  Do it?"
>                            (length upgradeable))))))
>   (user-error "Upgrade aborted"))
>
> I suggest to replace it with this:
>
> (when (and query
>            (not (yes-or-no-p
>                  (format
>                   "Upgrade %s?"
>                   (mapconcat #'symbol-name upgradeable ", ")))))
>   (user-error "Upgrade aborted"))
>
> If the list gets too long, a popup window could be used. See also the
> related bug#74604 regarding diffs on package upgrade.
>
> Daniel
>
>
>
>

[Message part 2 (text/html, inline)]
This bug report was last modified 105 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.