1 |
Matt, Ron, |
2 |
|
3 |
I agree with you both - to a point. The current CVS strategy has gotten |
4 |
Gentoo this far, but it needs to evolve if Gentoo is to become more friendly |
5 |
to large companies. It is being talked about amongst key Gentoo developers, |
6 |
but at the moment I don't know the current status, or any timescales. |
7 |
|
8 |
One thing I'd like to see is the eradication of the word 'stable' from |
9 |
anything to do with Portage. Right now, I don't see any clear or consistent |
10 |
understanding of what 'stable' means, and I don't think that the term is |
11 |
actually very helpful. Does 'stable' mean fit for production use? Does it |
12 |
simply mean 'the ebuild works, and the app doesn't segfault when you fire it |
13 |
up'? It's not helpful. |
14 |
|
15 |
If Gentoo moves to a multiple-tree strategy, -CURRENT is fair enough I guess, |
16 |
as are -RELEASE branches (although the whole idea of a RELEASE needs |
17 |
re-considering too I believe). But what would -STABLE in between actually |
18 |
mean? We need a better word. Heck, even -UNMASKED would be a better start - |
19 |
at least it's more accurate, and something that we could reach a clear |
20 |
definition on. |
21 |
|
22 |
I believe that ebuilds *should* have a guaranteed minimum life expectency in |
23 |
the Portage tree; I also believe that developers *should* announce the |
24 |
removal of an ebuild before it is removed, to give time for any necessary |
25 |
debate or local archiving into /usr/local/portage. Right now, a) it doesn't |
26 |
happen, and b) there's nowhere suitable to make the announcement anyway. You |
27 |
can find out more about my opinion on managing individual ebuilds by reading |
28 |
a draft document on dev.gentoo.org/~stuart/sponsorship/. You'll need a PDF |
29 |
reader to read it. |
30 |
|
31 |
Getting back to managing the larger Portage tree ... I don't agree that |
32 |
providing support for 'tagged branches' is just as simple as making the |
33 |
tagged branches available for x period of time. A 'tagged branch' wouldn't |
34 |
be suitable for any large software provider to certify against - because it's |
35 |
an incomplete target. A tagged branch is just a bunch of ebuilds. It |
36 |
doesn't include the compiler you used, the CFLAGS you used, or the |
37 |
architecture you're running on. And the moment a branch is tagged, it |
38 |
becomes a liability. |
39 |
|
40 |
Let's look at a traditional SCM (software change management) problem for a |
41 |
moment. What happens to the 'tagged branch' when security problems are |
42 |
found? What about when important bug fixes are needed? Would we backport |
43 |
those ebuilds into the tagged branches? Where would that effort come from? |
44 |
Who would do that work? |
45 |
|
46 |
Look at the alternative - withdraw a particular tagged branch, and tell users |
47 |
to upgrade to a different tagged branch. Unfortunately, you're going to have |
48 |
an unpredictable amount of change between those branches. The effort of |
49 |
moving could be high, and would be difficult to plan for in advance. We'd |
50 |
end up like - shall we say - certain older distributions, where from time to |
51 |
time wiping the box is less hassle than performing the upgrade. |
52 |
|
53 |
What does a certification program involve? Any QA practice that is more than |
54 |
cosmetic would include SCM, and the SCM team would require that the exact |
55 |
versions of libraries and supporting utilities are identified and documented. |
56 |
Which is exactly how ebuilds work in practice. You'd have to throw in |
57 |
environmental factors - hardware, file systems & disk layouts, etc etc - but |
58 |
the ebuild is at the heart of it, and not the wider distribution. If all the |
59 |
technical factors are satisfied, then the QA practice would approve |
60 |
certification. Although a tag is a convenient way of saying that all these |
61 |
factors *should* be present, Gentoo's ebuilds provide a viable alternative. |
62 |
|
63 |
I really don't see how the Gentoo approach is incompatible with that QA |
64 |
practice. In reality, certifications are a political tool as much as a |
65 |
technical one - and there Gentoo will face new challenges for sure. |
66 |
|
67 |
Best regards, |
68 |
Stu |
69 |
-- |
70 |
Stuart Herbert stuart@g.o |
71 |
Gentoo Developer http://www.gentoo.org/ |
72 |
Beta packages for download http://dev.gentoo.org/~stuart/packages/ |
73 |
Come and meet me in March 2004 http://www.phparch.com/cruise/ |
74 |
|
75 |
GnuGP key id# F9AFC57C available from http://pgp.mit.edu |
76 |
Key fingerprint = 31FB 50D4 1F88 E227 F319 C549 0C2F 80BA F9AF C57C |
77 |
-- |