Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: Markos Chandras <hwoarang@g.o>
Subject: Re: Policy for late/slow stabilizations
Date: Mon, 28 Jun 2010 00:38:29 +0300
On Mon, Jun 28, 2010 at 01:59:42AM +0530, Nirbheek Chauhan wrote:
> 
> I'm saying that a 30 days rule is too strict for most packages and
> herds. I don't think such a rule will fly very far. Even a 90 day rule
> or a 6 month rule is too strict for GNOME packages. I personally
> empathize with the needs of users enough that I (and most of the gnome
> team) are willing to wait for arches that cannot handle stabilization
> bugs. We really don't want our users to have a bad experience because
> of *us*. We'll do whatever is in our power.
> 
The '30 days' was just an example. Any reasonable timeframe could do
> 
> 
> > Moreover, slow arches introduce another problem as well. If a package is
> > marked stabled for their arch, but this package is quite old, and they fail to
> > stabilize a new version, we ( as maintainers ) can't drop the very old
> > ( and obsolete ) version of this package because we somehow will break
> > the stable tree for these arches. How should we act in this case?
> > Keep the old version around forever just to say that "hey, they do have
> > a stable version for our exotic arch".
> >
> 
> Now *this* is a problem. We have some bugs, some security bugs that
> have been completely ignored by some arches. Mips as usual is one, but
> recently hppa (and to a much lesser extent, ppc64) have become slow.
> 
> To fix this, I suggest the following heuristic:
> 
> * If an arch cannot stabilize *security bugs* after 3 months, the
> maintainers are free to drop the vulnerable version.
What if this version is the only one that is stabled for this arch. Can
you imagine the possible breakage that this action might cause?

The problem is exactly here. 

If a package has only one version stable for an exotic arch, you cannot
drop it because:

* you will break packages that depend on it
* you will make users angry

-- 
Markos Chandras (hwoarang)
Gentoo Linux Developer
Web: http://hwoarang.silverarrow.org
Attachment:
pgpsaoWjlCNWo.pgp (PGP signature)
Replies:
Re: Policy for late/slow stabilizations
-- Nirbheek Chauhan
References:
Policy for late/slow stabilizations
-- Markos Chandras
Re: Policy for late/slow stabilizations
-- Nirbheek Chauhan
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Policy for late/slow stabilizations
Next by thread:
Re: Policy for late/slow stabilizations
Previous by date:
Re: FYI: Rules for distro-friendly packages
Next by date:
Re: Policy for late/slow stabilizations


Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.