1 |
On Mon, Jun 28, 2010 at 01:59:42AM +0530, Nirbheek Chauhan wrote: |
2 |
> |
3 |
> I'm saying that a 30 days rule is too strict for most packages and |
4 |
> herds. I don't think such a rule will fly very far. Even a 90 day rule |
5 |
> or a 6 month rule is too strict for GNOME packages. I personally |
6 |
> empathize with the needs of users enough that I (and most of the gnome |
7 |
> team) are willing to wait for arches that cannot handle stabilization |
8 |
> bugs. We really don't want our users to have a bad experience because |
9 |
> of *us*. We'll do whatever is in our power. |
10 |
> |
11 |
The '30 days' was just an example. Any reasonable timeframe could do |
12 |
> |
13 |
> |
14 |
> > Moreover, slow arches introduce another problem as well. If a package is |
15 |
> > marked stabled for their arch, but this package is quite old, and they fail to |
16 |
> > stabilize a new version, we ( as maintainers ) can't drop the very old |
17 |
> > ( and obsolete ) version of this package because we somehow will break |
18 |
> > the stable tree for these arches. How should we act in this case? |
19 |
> > Keep the old version around forever just to say that "hey, they do have |
20 |
> > a stable version for our exotic arch". |
21 |
> > |
22 |
> |
23 |
> Now *this* is a problem. We have some bugs, some security bugs that |
24 |
> have been completely ignored by some arches. Mips as usual is one, but |
25 |
> recently hppa (and to a much lesser extent, ppc64) have become slow. |
26 |
> |
27 |
> To fix this, I suggest the following heuristic: |
28 |
> |
29 |
> * If an arch cannot stabilize *security bugs* after 3 months, the |
30 |
> maintainers are free to drop the vulnerable version. |
31 |
What if this version is the only one that is stabled for this arch. Can |
32 |
you imagine the possible breakage that this action might cause? |
33 |
|
34 |
The problem is exactly here. |
35 |
|
36 |
If a package has only one version stable for an exotic arch, you cannot |
37 |
drop it because: |
38 |
|
39 |
* you will break packages that depend on it |
40 |
* you will make users angry |
41 |
|
42 |
-- |
43 |
Markos Chandras (hwoarang) |
44 |
Gentoo Linux Developer |
45 |
Web: http://hwoarang.silverarrow.org |