Bug 378286

Summary:	On openSUSE Tumbleweed, update plasmoid appears to do `zypper up` instead of `zypper dup --no-allow-vendor-change`
Product:	[Unmaintained] plasma-pk-updates	Reporter:	Nate Graham <nate>
Component:	general	Assignee:	Jan Grulich <jgrulich>
Status:	RESOLVED UPSTREAM
Severity:	normal	CC:	codestruct, nate
Priority:	NOR
Version First Reported In:	unspecified
Target Milestone:	---
Platform:	openSUSE
OS:	Linux
Latest Commit:		Version Fixed In:
Sentry Crash Report:

Description Nate Graham 2017-03-30 19:16:40 UTC

openSUSE Tumbleweed with Plasma 5.9.4 and plasma5-pk-updates 0.2-7.1

Per https://lwn.net/Articles/717489, the correct way to update an openSUSE Tumbleweed installation is with `zypper dup --no-allow-vendor-change`. However, the KDE update plasmoid appears to do `zypper up` instead. Every time I use the plasmoid to install updates, following that up by running `zypper dup --no-allow-vendor-change` always shows a few extra updates and removals that the plasmoid missed.

Comment 1 Nate Graham 2017-03-30 21:07:39 UTC

Not KDE; the package list is determined by the PackageKit backend, which comes from the distro. See https://bugzilla.opensuse.org/show_bug.cgi?id=1030829

Comment 2 Gregor Mi 2017-04-13 22:17:21 UTC

This forum thread might be related: https://forums.opensuse.org/showthread.php/524002-KDE-update-quot-A-security-trust-relationship-is-not-present-quot