Re: Keeping up with security fixes

From Dave Page
Subject Re: Keeping up with security fixes
Date
Msg-id CA+OCxoz8ZkpfAbJPvE-JfLF4MG_e=n-HYAPEPS8y5WUGhF5JMw@mail.gmail.com
In reply to Keeping up with security fixes  ("Karl O. Pinc" <kop@karlpinc.com>)
Responses Re: Keeping up with security fixes  ("Karl O. Pinc" <kop@karlpinc.com>)
List pgadmin-support
Hi

On Wed, 18 Oct 2023 at 23:07, Karl O. Pinc <kop@karlpinc.com> wrote:
> Hi,
>
> What is the expected method for keeping PgAdmin4 up-to-date?

It depends on the platform and where you get your packages from. For packages from pgadmin.org (which are actually downloaded from postgresql.org), there is a "nag message" that is displayed upon startup/login if a new version is available. This can be reconfigured/overridden by other package maintainers using the three config.py options below (they would typically be overridden in config_distro.py):

# Check for new versions of the application?
UPGRADE_CHECK_ENABLED = True

# Where should we get the data from?
UPGRADE_CHECK_URL = 'https://www.pgadmin.org/versions.json'

# What key should we look at in the upgrade data file?
UPGRADE_CHECK_KEY = 'pgadmin4'

Additionally, the package managers for RPM/DEB packages should also be able to tell you when a new version is available, e.g. using "yum check-update" or GUI tools that do the same.
 

> I very much like the idea of using a package repo and automatically
> periodically installing from the repo.  But will the repo for
> whatever OS contain the latest release until the OS is out of
> support?  And will this automatically break things because
> of a backwards-incompatible new PgAdmin4 release?

The pgadmin.org repos will be updated with the latest versions of pgAdmin for as long as the OS version is in support. Once it's out of support, we generally do one final release, before freezing that repo. Releases should always be forwards-compatible, and we aim (but do not guarantee) to keep them backwards compatible as well. However, the configuration database is backed up prior to being updated in modern releases, so you should always be able to roll back to an earlier release.

On very rare occasions we are forced to drop support for very long-lived OS releases before they go EOL. This is usually because they have a very old version of Python, and required libraries in the Python ecosystem have dropped support for that version of Python. We try very hard not to do this, but sometimes it's just not feasible for us to continue. IIRC, this happened with RHEL/CentOS 7, and Ubuntu 16.04 and 18.04.
 

> I'm not finding any statements of policy anywhere.

Yes, I will try to find some time to correct that.
 

> Another approach would be a method that pushes just PgAdmin4 security
> announcements (or whatever else I need to know to keep up-to-date).
> I'm sure this list does that, but also contains lots of other
> unrelated information.  Having to sift through messages means
> I might make a mistake and miss something important.

We do send all release notices to this list (and the -hackers list). They also go to pgsql-announce@postgresql.org which may be easier for you as it's pretty low traffic, and you can select what categories of announcements you want to see to further limit it.

Another option (if you want to get low-level and build something yourself) is to write a simple script that pulls https://www.pgadmin.org/versions.json every day or so. The 'pgadmin4' key lists the current version of pgAdmin that has been released on pgadmin.org. You could then take the version number to generate the release notes URL on the website, e.g. https://www.pgadmin.org/docs/pgadmin4/7.8/release_notes_7_8.html (replacing the 7.8 and 7_8 as needed).

--
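
The daily check suggested in the message above, as an added example that is not part of the original e-mail and is not pgAdmin's own code. It assumes the value under the 'pgadmin4' key is either a version string or an object with a "version" field; the sample document and the installed version are constructed placeholders.

```python
import json
import re
import urllib.request

VERSIONS_URL = "https://www.pgadmin.org/versions.json"  # URL given in the message
NOTES_URL = "https://www.pgadmin.org/docs/pgadmin4/{v}/release_notes_{u}.html"
VERSION_RE = re.compile(r"\d+(\.\d+)+")  # digits and dots only, e.g. 7.8

# Constructed sample document; the real file's layout is an assumption.
SAMPLE = '{"pgadmin4": {"version": "7.8"}}'

def parse_version(doc, key="pgadmin4"):
    """Return the validated version string stored under `key`."""
    entry = json.loads(doc)[key]
    # Assumption: the value is a version string or an object with "version".
    version = entry.get("version") if isinstance(entry, dict) else entry
    # The value is remote data and ends up in a URL, so validate it strictly.
    if not isinstance(version, str) or not VERSION_RE.fullmatch(version):
        raise ValueError(f"unexpected version value: {version!r}")
    return version

def release_notes_url(version):
    """Build the release notes URL, e.g. 7.8 -> .../7.8/release_notes_7_8.html."""
    return NOTES_URL.format(v=version, u=version.replace(".", "_"))

def is_newer(latest, installed):
    """Compare numerically so that 7.10 sorts after 7.8."""
    def as_tuple(v):
        return tuple(int(part) for part in v.split("."))
    return as_tuple(latest) > as_tuple(installed)

def check(doc, installed):
    """Return a notification line if `doc` lists a newer release, else None."""
    latest = parse_version(doc)
    if not is_newer(latest, installed):
        return None
    return f"pgAdmin 4 {latest} is out (installed: {installed}): {release_notes_url(latest)}"

def fetch(url=VERSIONS_URL, timeout=10):
    """Download the version file over HTTPS, reading at most 64 KiB."""
    if not url.startswith("https://"):
        raise ValueError("refusing non-HTTPS URL")
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read(65536).decode("utf-8")

if __name__ == "__main__":
    INSTALLED = "7.7"  # placeholder: set to the version you run
    message = check(fetch(), INSTALLED)
    if message:
        print(message)  # hand this to cron mail or your alerting
```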
