| 1 |
On Mon, Jun 28, 2010 at 01:59:42AM +0530, Nirbheek Chauhan wrote: |
| 2 |
> |
| 3 |
> I'm saying that a 30 days rule is too strict for most packages and |
| 4 |
> herds. I don't think such a rule will fly very far. Even a 90 day rule |
| 5 |
> or a 6 month rule is too strict for GNOME packages. I personally |
| 6 |
> empathize with the needs of users enough that I (and most of the gnome |
| 7 |
> team) are willing to wait for arches that cannot handle stabilization |
| 8 |
> bugs. We really don't want our users to have a bad experience because |
| 9 |
> of *us*. We'll do whatever is in our power. |
| 10 |
> |
| 11 |
The '30 days' was just an example. Any reasonable timeframe could do |
| 12 |
> |
| 13 |
> |
| 14 |
> > Moreover, slow arches introduce another problem as well. If a package is |
| 15 |
> > marked stabled for their arch, but this package is quite old, and they fail to |
| 16 |
> > stabilize a new version, we ( as maintainers ) can't drop the very old |
| 17 |
> > ( and obsolete ) version of this package because we somehow will break |
| 18 |
> > the stable tree for these arches. How should we act in this case? |
| 19 |
> > Keep the old version around forever just to say that "hey, they do have |
| 20 |
> > a stable version for our exotic arch". |
| 21 |
> > |
| 22 |
> |
| 23 |
> Now *this* is a problem. We have some bugs, some security bugs that |
| 24 |
> have been completely ignored by some arches. Mips as usual is one, but |
| 25 |
> recently hppa (and to a much lesser extent, ppc64) have become slow. |
| 26 |
> |
| 27 |
> To fix this, I suggest the following heuristic: |
| 28 |
> |
| 29 |
> * If an arch cannot stabilize *security bugs* after 3 months, the |
| 30 |
> maintainers are free to drop the vulnerable version. |
| 31 |
What if this version is the only one that is stabled for this arch. Can |
| 32 |
you imagine the possible breakage that this action might cause? |
| 33 |
|
| 34 |
The problem is exactly here. |
| 35 |
|
| 36 |
If a package has only one version stable for an exotic arch, you cannot |
| 37 |
drop it because: |
| 38 |
|
| 39 |
* you will break packages that depend on it |
| 40 |
* you will make users angry |
| 41 |
|
| 42 |
-- |
| 43 |
Markos Chandras (hwoarang) |
| 44 |
Gentoo Linux Developer |
| 45 |
Web: http://hwoarang.silverarrow.org |
Archives