| 1 |
On Tue, Feb 03, 2004 at 05:06:01PM +0200 or thereabouts, Dan Armak wrote: |
| 2 |
> A bigger inconvinience is that every developer will have to maintain a stable |
| 3 |
> tree system image (or real system) to test any off-cycle updates he may have |
| 4 |
> to do, often hurrying because of a major vulnerability already published. |
| 5 |
> will that be required? Is there a way around it? |
| 6 |
|
| 7 |
There should be *very* few cases where this happens. For the most part, |
| 8 |
devs will only be committing things off-cycle to the stable tree that are |
| 9 |
already in the main tree. For example: Another half-dozen exploits are |
| 10 |
found in gaim. The gaim herd/maintainer fixes up the new ebuild and |
| 11 |
commits it first to the main tree (generally ~masked) and then to the |
| 12 |
stable tree (probably as ~stable). |
| 13 |
|
| 14 |
The only time where I can see a problem is when there is an ebuild still in |
| 15 |
the stable tree that no longer exists in the main tree. However, by then, |
| 16 |
I would hope all major/critical bugs have been worked out of it, so only |
| 17 |
security issues would be a problem. |
| 18 |
|
| 19 |
In this case, you're right -- the maintainer would need to have a stable |
| 20 |
tree around that they could use to test. However, I'm reasonably confident |
| 21 |
that this will be a very infrequent occurance. If you feel differently, |
| 22 |
please let me know. |
| 23 |
|
| 24 |
--kurt |
Archives