I want to go back to the original #feature request because I think the banner is not enough. At least I want to make another attempt…
The core of the problem lives in the two layers of repositories:
- CentOS/EPEL - “upstream”
The lower layer send updates continuously in a reasonably stable manner. But we learned by experience that under some circumstances “earthquakes” occurs:
- severe security fixes
- minor releases checkpoints
The best solution to deal with this we can provide so far is the #subscription model: a private infrastructure that overlays the public one.
This feature proposal has the following limit:
We could mitigate the effect of their different release cycle by enabling them only when software is installed, not updated. In commands
yum update --disablerepo=epel
The nsrelease lock plus this enhancement would provide a better stability also on the public upstream infrastructure.
I’m sure we can improve it further!