GnuPGP for Trisquel out of date

5 replies [Last post]
Anonnoobsaibot
Offline
Joined: 02/10/2019

Is there a reason why GnuPGP on Trisquel is still on the older 2.1.11 release? When i try to update through terminal i get "gnupg2 is already the newest version (2.1.11-6ubuntu2.1)".,which is way behind the current 2.2.12 release.

jxself
Offline
Joined: 09/13/2010

Yes there is always a reason for everything. Package versions are frozen on the release of a given version of Trisquel. Other distros, like Debian, do the same with their stable releases. Security and bug fixes can be applied by applying specific fixes for specific problems but the overall version number remains the same except for the suffix on the end which is how you end up with -6ubuntu2.1. This is done for stability purposes. Not introducing whole new versions means updates are safe to apply and won't result in API/ABI changes or other problems. This also means the the 2.1.11 you get in Trisquel is not exactly the same as 2.1.11 from gnupg.org because it will have been modified to fix any bug or security problems that may have existed in that particular version. An easy way to tell is, for example, https://packages.ubuntu.com/search?suite=xenial&section=all&arch=any&keywords=gnupg2&searchon=names can you can see it's in the [security] component, indicating security-related changes have been made.

An example of a distro that doesn't freeze versions on release would be Parabola because they're a "rolling distribution" and don't actually have "releases." Their goal is to live on the bleeding edge. This also means sometimes updates cause problems including system breakage for example:
https://www.parabola.nu/news/caution-regarding-the-libidn2-package-with-systemd/

Of course, this means that even if it's patched for bug and security problems, sometimes people still complain about it being somehow "old." As a result some packages get thawed out -- like Abrowser -- but notice what happens when people have problems after updating to new major releases: https://trisquel.info/en/forum/abrowser-update-issues

As a result I appreciate having packages frozen on release and only getting the minimal bug and security fixes after that. I just wish Trisquel would do that for Abrowser too and not thaw it out, no matter how much people cry that it's somehow "old" (even though it can be patched to address all known bug and security problems.) Because now Abrowser has problems after the update, which could have been avoided by limiting changes to making the minimal bug and security fixes only like with the rest of the packages in Trisquel.

Sorry for the rant. But hopefully it helps to understand the reasoning behind why distros might decide to freeze package versions on release.

Beformed
Offline
Joined: 01/12/2017

Thanks for the explanation. This helps to clear out why Trisquel freezes its software versions. Personally I preferred the "rolling release" approach, then I decided to go 100% free software and got to know Trisquel, it is now my favorite distro, I run a small server powered by Trisquel and its stability is much appreciated. I run trisquel in my T400s and X220 and I have had no issues (other than the usual issues with updating to Abrowser 64).

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

> I run trisquel in my
> T400s and X220 and I have had no issues (other than the usual issues with
> updating to Abrowser 64).

It sounds like you've stumbled onto one of the advantages of an LTS
distro. Abrowser is one of the few packages in Trisquel that is rolling,
so occasionally an update will break something in Abrowser. With a
rolling distro, this would be the case for the entire system.

Beformed
Offline
Joined: 01/12/2017

I'd think that Trisquel could go with Icecat for a semi-rolling browser. It helps that it's kind of already a stable version, plus all the stronger privacy features it offers.

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

> I'd think that Trisquel could go with Icecat for a semi-rolling browser.
> It helps that it's kind of already a stable version, plus all the
> stronger privacy features it offers.

I agree that with LTS packages like Icecat it's fine stability-wise to
upgrade to the latest version, and might be worth it given how great
Icecat 60 is.