| 1 |
On Fri, 2018-09-14 at 20:22 +0300, Alon Bar-Lev wrote: |
| 2 |
> On Fri, Sep 14, 2018 at 8:16 PM Richard Yao <ryao@g.o> wrote: |
| 3 |
> > |
| 4 |
> > On 09/14/2018 12:40 PM, Alon Bar-Lev wrote: |
| 5 |
> > > On Fri, Sep 14, 2018 at 12:34 AM Sergei Trofimovich <slyfox@g.o> wrote: |
| 6 |
> > > > |
| 7 |
> > > > On Tue, 11 Sep 2018 12:44:38 +0300 |
| 8 |
> > > > Alon Bar-Lev <alonbl@g.o> wrote: |
| 9 |
> > > > |
| 10 |
> > > > I'm personally in favour of not allowing -Werror |
| 11 |
> > > > to be in build system unconditionally. |
| 12 |
> > > > |
| 13 |
> > > > Maintainer is free to implement --enable-werror any way |
| 14 |
> > > > it's convenient to run on their own extended sanity checks |
| 15 |
> > > > and optionally expose it to users. Be it USE flag or |
| 16 |
> > > > EXTRA_ECONF option. |
| 17 |
> > > |
| 18 |
> > > This discussion is not for downstream to have a more strict policy |
| 19 |
> > > than upstream. People try to hijack discussion and introduce noise to |
| 20 |
> > > de-focus the discussion. |
| 21 |
> > > |
| 22 |
> > > Downstream policy cannot be more strict than upstream as then every |
| 23 |
> > > change upstream is doing downstream need to rebase and invest in even |
| 24 |
> > > more changes. |
| 25 |
> > > |
| 26 |
> > > This discussion is to follow upstream strict policy if upstream proves |
| 27 |
> > > that it stands behind it and downstream is willing to follow. |
| 28 |
> > |
| 29 |
> > I don't think we should do that unless we provide a USE flag for users |
| 30 |
> > to opt into the behavior. Forcing it on users is problematic for the |
| 31 |
> > reasons others stated. However, letting them opt into the behavior is |
| 32 |
> > reasonable. |
| 33 |
> > |
| 34 |
> > In the case of sys-fs/zfs, enabling -Werror (which includes -Wall) on |
| 35 |
> > USE=debug is following upstream's wishes to build debug builds with -Werror. |
| 36 |
> |
| 37 |
> Let's do this the other way around and be react based on facts and not |
| 38 |
> speculations. |
| 39 |
> Let's change the policy for a year for selected packages as I |
| 40 |
> outlined, monitor bugs and after a year see response times, affected |
| 41 |
> users and if downstream patches are accumulated. Then we can decide if |
| 42 |
> we need to patch upstream packages. |
| 43 |
> If we need to patch upstream package anyway, not follow upstream |
| 44 |
> policy and not accepting input for various of permutations and |
| 45 |
> architecture from all users, this discussion is nearly void. |
| 46 |
> |
| 47 |
|
| 48 |
...and for how long did you exactly ignore the standing policy that |
| 49 |
suddenly we need a new testing period? How about we do the opposite |
| 50 |
and you prove a *single* bug found downstream using this method so far? |
| 51 |
|
| 52 |
Because so far this discussion is not much different than "let's make |
| 53 |
the ebuild fail for some values of ${RANDOM}, and add extra values when |
| 54 |
users complain". Though the variant with random has probably a greater |
| 55 |
chance of failing when *actual* security issues happen. |
| 56 |
|
| 57 |
-- |
| 58 |
Best regards, |
| 59 |
Michał Górny |
Archives