1 |
On 02:03 Tue 14 Oct , Jose Luis Rivero wrote: |
2 |
> Hi all: |
3 |
> |
4 |
> Reading a random discussion in our dev mailling list, I came with a |
5 |
> doubt about our new EAPI policy and its procedures. I couldn't find it |
6 |
> documented nor discussed anywhere so I bringing it here. |
7 |
> |
8 |
> Supposing that anyone can currently add an ebuild using EAPI-2 under the |
9 |
> testing branch: what are we going to do if an EAPI-2 ebuild (which are |
10 |
> only managed by ~arch package managers) needs to go stable due to some |
11 |
> kind of major reason like security? |
12 |
> |
13 |
> Hypothetical case: foo-1 (eapi-0) marked as stable and foo-2 (eapi-2) |
14 |
> with new features marked as testing. A security problem appears |
15 |
> affecting both. UPSTREAM release foo-3 to solve the security issue. |
16 |
> |
17 |
> There are some others sceneries but are not so common as the one presented |
18 |
> could be. Any decent solution for this case? |
19 |
|
20 |
There are only a few obvious ones, you'll have to pick which one you |
21 |
like best. Most of the other options basically duplicate these in some |
22 |
way or add more work to them for negligible gain: |
23 |
|
24 |
- Backport the ebuild from EAPI=2 to EAPI=0 |
25 |
- Backport the security patch to the EAPI=0 ebuild |
26 |
- Stabilize portage quickly |
27 |
|
28 |
-- |
29 |
Thanks, |
30 |
Donnie |
31 |
|
32 |
Donnie Berkholz |
33 |
Developer, Gentoo Linux |
34 |
Blog: http://dberkholz.wordpress.com |