1 |
On Tue, Feb 03, 2004 at 05:06:01PM +0200 or thereabouts, Dan Armak wrote: |
2 |
> A bigger inconvinience is that every developer will have to maintain a stable |
3 |
> tree system image (or real system) to test any off-cycle updates he may have |
4 |
> to do, often hurrying because of a major vulnerability already published. |
5 |
> will that be required? Is there a way around it? |
6 |
|
7 |
There should be *very* few cases where this happens. For the most part, |
8 |
devs will only be committing things off-cycle to the stable tree that are |
9 |
already in the main tree. For example: Another half-dozen exploits are |
10 |
found in gaim. The gaim herd/maintainer fixes up the new ebuild and |
11 |
commits it first to the main tree (generally ~masked) and then to the |
12 |
stable tree (probably as ~stable). |
13 |
|
14 |
The only time where I can see a problem is when there is an ebuild still in |
15 |
the stable tree that no longer exists in the main tree. However, by then, |
16 |
I would hope all major/critical bugs have been worked out of it, so only |
17 |
security issues would be a problem. |
18 |
|
19 |
In this case, you're right -- the maintainer would need to have a stable |
20 |
tree around that they could use to test. However, I'm reasonably confident |
21 |
that this will be a very infrequent occurance. If you feel differently, |
22 |
please let me know. |
23 |
|
24 |
--kurt |