bobwire / pentoo

Automatically exported from code.google.com/p/pentoo
1 stars 0 forks source link

lock metasploit to a specific snapshort #326

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
msf development is too fast and too inconsistent.

For example, the current latest and the greatest version requires an outdated 
version of simplecov (= 0.5.4)

In future, it will require ruby 2.1 with really old 
actionpack/actionpack-3.2.21 (which does not has ruby 2.1 target in Gentoo).

Once again, I suggest to make a snapshot and bump it once in awhile.

This is the only way to make sure that users can upgrade their systems 
smoothing, with no failures.

The 9999 version belongs to bleeding edge profile. Really.

Original issue reported on code.google.com by blshkv on 19 Dec 2014 at 5:21

GoogleCodeExporter commented 9 years ago
and once again, we have releases and git, if you want to use a snapshot, use a 
release.

Original comment by sidhayn on 23 Dec 2014 at 3:11

GoogleCodeExporter commented 9 years ago
it's not about what to use.

I'm unable to finish the update because MSF fails to update constantly.

Here is the error what I'm facing today:

Resolving dependencies...
Could not find gem 'metasploit_data_models (~> 0.21.3) ruby', which is required 
by gem 'metasploit-framework-db (>= 0)
ruby', in any of the sources.                                                   

 * ERROR: net-analyzer/metasploit-9999::pentoo failed (prepare phase):
 *   (no error message)

Original comment by blshkv on 23 Dec 2014 at 7:57

GoogleCodeExporter commented 9 years ago
okay, I want metasploit:9999 on the livecd, you don't want it on your systems.  
let's compromise and make it livecd use flag dependent.

Original comment by sidhayn on 31 Dec 2014 at 8:54

GoogleCodeExporter commented 9 years ago

Original comment by sidhayn on 21 Mar 2015 at 8:14

GoogleCodeExporter commented 9 years ago
I know this issue is closed and all, but...

For me, whether or not metasploit dev is too fast is not so much an issue as 
compared to: we have a package that has a dependency on simplecov versions that 
are no longer in the tree even.  Simply stated, it seems like not enough love 
is given to keeping required dependencies for core packages up-to-date.

Original comment by willard....@gmail.com on 20 May 2015 at 3:39

GoogleCodeExporter commented 9 years ago
Could you tell which version of msf requires simplecov and which version??

I have msf:4.11 but it does NOT require simplecov at all.

Original comment by blshkv on 21 May 2015 at 9:39

GoogleCodeExporter commented 9 years ago
as requested many times, metasploit releases and snapshots are available as 
versioned releases.  If you don't want to deal with the possibly broken 9999 
ebuild, don't use it.  This isn't rocket science.

Original comment by sidhayn on 25 May 2015 at 6:20