1 |
On Tue, Dec 04, 2018 at 04:41:32AM +0100, Michał Górny wrote: |
2 |
> On Mon, 2018-12-03 at 19:16 -0500, Aaron Bauman wrote: |
3 |
> > > On 25.11.2018 15:31, Mart Raudsepp wrote: |
4 |
> > > > In two weeks from now, there will be a council meeting again. Now is |
5 |
> > > > the time to raise and prepare agenda items that you want us to discuss |
6 |
> > > > and/or vote upon. |
7 |
> > > > |
8 |
> > > > Please respond to this message on the gentoo-project mailing list with |
9 |
> > > > agenda items. |
10 |
> > > > The final agenda will be sent out on 2018-12-02, so please make sure |
11 |
> > > > you post any agenda items before that, or we may not be able to |
12 |
> > > > accommodate it into the next meeting. |
13 |
> > > > |
14 |
> > > > The meeting itself will happen on 2018-12-09 19:00 UTC [1] in the |
15 |
> > > > #gentoo-council FreeNode IRC channel. |
16 |
> > > > |
17 |
> > > > |
18 |
> > > > 1. https://www.timeanddate.com/worldclock/fixedtime.html?iso=20181209T19 |
19 |
> > > > |
20 |
> > > > |
21 |
> > > > Thanks, |
22 |
> > > > Mart Raudsepp |
23 |
> > |
24 |
> > I would like to propose, once again, that the council vote on the |
25 |
> > following items: |
26 |
> > |
27 |
> > 1. The council approves all architectures that are maintained as stable |
28 |
> > architectures. |
29 |
> > - e.g. alpha, amd64, arm, arm64, ia64, ppc, ppc64, and x86. |
30 |
> > |
31 |
> > Conversely, the council also may remove/drop such architectures as |
32 |
> > needed (c.f. item 2). |
33 |
> |
34 |
> What happens if Council votes 'no' to this item? Do all arches become |
35 |
> unstable? |
36 |
> |
37 |
|
38 |
Of course not, that would be silly. I suppose better wording would have |
39 |
been something like: |
40 |
|
41 |
"The council will begin approving the addition and removal of all |
42 |
architectures considered stable. Upon approval of this item, all |
43 |
current stable architectures will remain." |
44 |
|
45 |
> Don't introduce votes for confirming status quo because they make no |
46 |
> sense. If there's a specific change you're proposing, propose it |
47 |
> and be specific so that people can discuss it ahead of time. |
48 |
> |
49 |
|
50 |
Ugh... status quo? I am not sure how this is status quo... |
51 |
|
52 |
> > 2. The council approves that all stable architectures are subsequently |
53 |
> > determined to be security supported. Thus, an architecture may not be |
54 |
> > stable and *not* security supported. This disparity has implications in |
55 |
> > processes and timeliness of actions taken to mitigate vulnerabilities |
56 |
> > reported. |
57 |
> > - e.g. amd64 is approved as stable arch and thus is security supported. |
58 |
> > - e.g. arm is dropped as a stable arch thus is no longer security supported. |
59 |
> > |
60 |
> > Overall, both of these items will provide a much clearer understanding |
61 |
> > of how security is able to proceed with mitigating vulnerabilities in |
62 |
> > the tree, how users view and understand what architectures are stable |
63 |
> > and security supported, and allow the security team and maintainers a |
64 |
> > clearer/cleaner process to follow. |
65 |
> > |
66 |
> |
67 |
> Are you asking the Council to make a policy for security team, |
68 |
> or to override the existing policy of security team? Because this |
69 |
> sounds like you're implying that security team can't make up their mind. |
70 |
> |
71 |
|
72 |
Absolutely, but we have the GLEP draft in the open now. So, here we go. |
73 |
|
74 |
> Also, if the Council votes 'yes', what happens next? Does security |
75 |
> accept all stable arches? Do stable arches get demoted implicitly based |
76 |
> on security project considerations? |
77 |
> |
78 |
|
79 |
Yes, we would accept all stable arches as security supported. |
80 |
|
81 |
No, security would simply petition the council should an arch need to be |
82 |
removed from stable. |
83 |
|
84 |
> -- |
85 |
> Best regards, |
86 |
> Michał Górny |
87 |
|
88 |
|
89 |
|
90 |
-- |
91 |
Cheers, |
92 |
Aaron |