"Update Types" for Pamac (read further for rationale)

When using Manjaro as a desktop operating system, after some time it becomes clear that not all “updates” are alike. I’ve noticed at least two types of updates:

  1. single packages (i.e, firefox, brave, chromium, xyz-tool, etc)
  2. huge updates of an entire desktop environment (KDE, Xfce, GNOME), with intertwined libraries, toolkits, DE-centric applications, and/or kernel and driver updates

Number 2 usually arrives as a ginormous batch with at least 100+ packages ready to update (and is accompanied by an official forum announcement.)

I propose that Pamac features an option that you can toggle to only notify you when type 2 is available.
The reasons for this:

  • The type 2 updates are usually the ones that require your attention and a mandatory reboot; these are considered “milestone” updates for Manjaro and include a companion forum announcement

  • The type 1 updates are not as critical and can usually wait; in fact they would do well to be updated along with the type 2 updates (fewer update operations under normal usage)

  • If Timeshift creates auto snapshots with updates, this means an entire snapshot is being created just to update one package, such as firefox! :dizzy_face: This will delete older (and possibly more critical) snapshots to make way for this new (and nearly pointless) snapshot.

  • Too many back-to-back notifications, as just now I had three separate update operations: firefox, brave, chromium. Each one arrived and notified me back-to-back in the span of two days, for just three packages that were made available at three different times, all within two days.

  • This would be an option each user can “toggle”, so it would not affect the normal operation, as the user can simply leave this option alone. :slight_smile:

  • This would only change whether or not the user is “notified” (such as via a tray icon or notification); yet it would not affect the usage nor behavior of Pamac itself. This is similar in spirit to Manjaro’s Settings Manager, in which you can change what types of available kernels to be notified.

I am not 100% sure, but as they cam on their own… were browsers, and mail client(s) I am very certain they were security updates - if it were not for security patches these packages would not been made available out of cycle.

I for my part prefer to get security fixes as soon as they are available - not like windows - some random elected day the month - which maybe 30 days in the future from when the bug is exploited.

Chromium: 89.0 —> 90.0

Brave: 1.20 —> 1.23

I don’t believe those are exclusive critical security updates nor urgent security patches. I could be mistaken, but they appear to be run-of-the-mill version updates for Chromium and Brave’s development cycles?

1 Like

Most web browsers and some other packages in our repo are fast tracked due to most of the time it having some kind of security update and those packages are an easy vulnerability target.

Well.

Type 1 updates (as you call them) are fast-tracked security updates and should be installed as soon as possible.
So not getting notified of them, would kind of neglect the resources used to actually get it out to users in a timely manner, wouldn’t it? :wink:

2 Likes