| 1 |
On Friday, January 02, 2015 02:18:24 PM Rich Freeman wrote: |
| 2 |
> On Fri, Jan 2, 2015 at 1:10 PM, Ian Stakenvicius <axs@g.o> wrote: |
| 3 |
> > The thing about stable gentoo-sources is that it shows that it's been |
| 4 |
> > tested, and ideally that testing's been done against the rdeps of the |
| 5 |
> > kernel package too (ie, external modules). ... |
| 6 |
> > That said, given the frequency of security updates, I do think it |
| 7 |
> > makes sense to try and keep the stabilization of LTS kernel versions |
| 8 |
> > in sync with upstream as much as possible, including |
| 9 |
> > quick-stabilization whenever we can. |
| 10 |
> |
| 11 |
> ++ and ++ |
| 12 |
> |
| 13 |
> Would an approach like this make sense: |
| 14 |
> 1. For ~arch keep doing what we're doing (which seems to be generally |
| 15 |
> following the upstream stable branches). |
| 16 |
> 2a. For stable always target the latest longterm, and commit straight |
| 17 |
> to stable. |
| 18 |
> or |
| 19 |
> 2b. For stable just follow ~arch a few days behind. |
| 20 |
> 3. Either way immediately remove packages that aren't |
| 21 |
> upstream-supported (by all means keep all the longterm/stable |
| 22 |
> branches, but don't leave cruft hanging around or abandoned stable |
| 23 |
> branches - if somebody ~arch tagged a particular branch and didn't get |
| 24 |
> the news that it won't go longterm then they'll either downgrade to a |
| 25 |
> supported stable or notice and adjust their keywords to go to the next |
| 26 |
> stable). |
| 27 |
> |
| 28 |
> 2a is extremely unlikely to break anything, but probably won't get any |
| 29 |
> testing so you might as well commit straight to stable (nobody running |
| 30 |
> ~arch is going to be running longterm as well). 2b is more likely to |
| 31 |
> break stuff, but on the other hand will be more likely to have actual |
| 32 |
> bugs reported so it will be more tested. |
| 33 |
> |
| 34 |
> The biggest issue I see is with packages that actually use recent |
| 35 |
> kernel features (systemd comes to mind, maybe udev to a lesser degree, |
| 36 |
> and I'm sure there are others). These kinds of packages should have |
| 37 |
> clear kernel dependencies though. In some sense EVERYTHING is an rdep |
| 38 |
> of the kernel so breakage could conceivably happen anywhere - but the |
| 39 |
> risk is higher in some places. |
| 40 |
> |
| 41 |
> I think the classical stable user is probably best off following |
| 42 |
> upstream longterm anyway, unless they just bought a new laptop or |
| 43 |
> something like that. |
| 44 |
> |
| 45 |
> In general though I think that it is perfectly acceptable to have a QA |
| 46 |
> policy specific to the kernel since upstream has very robust stable |
| 47 |
> branch support, and the level of QA and release maturity is extremely |
| 48 |
> high. |
| 49 |
> |
| 50 |
> I do think that it makes sense to not throw stable Gentoo users at |
| 51 |
> kernels that were mainline release candidates only a day before. |
| 52 |
|
| 53 |
I understand your point. Maybe waiting a few days to auto stable makes sense, |
| 54 |
because less than 7 days later, a new version with bug/security fixes is |
| 55 |
released. |
| 56 |
|
| 57 |
Isn't our current rate of stabilization "selling" a promise of stability we |
| 58 |
can't stand behind? |
| 59 |
|
| 60 |
Mike |
| 61 |
|
| 62 |
-- |
| 63 |
Mike Pagano |
| 64 |
Gentoo Developer - Kernel Project |
| 65 |
Team Lead - Gentoo Sources |
| 66 |
E-Mail : mpagano@g.o |
| 67 |
GnuPG FP : EEE2 601D 0763 B60F 848C 9E14 3C33 C650 B576 E4E3 |
| 68 |
Public Key : http://pgp.mit.edu:11371/pks/lookup?search=0xB576E4E3&op=index |
Archives