1 |
Hi all, |
2 |
|
3 |
On Thu, 4 Aug 2016 11:24:43 -0500 William Hubbs wrote: |
4 |
> On Thu, Aug 04, 2016 at 04:15:14PM +0200, Kristian Fiskerstrand wrote: |
5 |
> > Dear all, |
6 |
> > |
7 |
> > the Gentoo Council will meet again on Sunday, August 14 at 19:00 UTC |
8 |
> > in #gentoo-council on FreeNode. |
9 |
> > |
10 |
> > Please reply to this message on the gentoo-project list with any items |
11 |
> > the council should put on its agenda to discuss or vote on. |
12 |
> |
13 |
> I feel that our stable tree is so far behind on all |
14 |
> architectures that we are doing our stable users a disservice, so I |
15 |
> would like to open up a discussion here, and maybe some policy changes |
16 |
> at the next meeting. |
17 |
|
18 |
Thank you for caring about this issue. I had similar thoughts |
19 |
myself, but was too slow on writing e-mail :) IMO stable tree has |
20 |
three problems: |
21 |
1) too old packages |
22 |
2) too few packages |
23 |
3) stabilization often takes too long, such stable packages are |
24 |
broken or buggy, while their unstable versions are fixed and work |
25 |
fine. (It is not possible to fix all bugs without version or |
26 |
revision bump, thus stabilization is needed to fix many bugs.) |
27 |
|
28 |
This results in fact that many users and some devs (including |
29 |
myself) do not use stable at all. |
30 |
|
31 |
> Ultimately, I think we need some form of automated stabilization, e.g. |
32 |
> if a package version sits in ~ for 30 days and there are no blockers at |
33 |
> that point, the new version should go automatically to stable on all |
34 |
> architectures where there is a previous stable version. |
35 |
|
36 |
Automation should be possible only after rigorous testing. If this |
37 |
will be implemented, than this may be done (as Brian pointed out in |
38 |
another mail in this thread, there is an ongoing effort on this |
39 |
matter as GSoC project, which is great). But I'd like to emphasize |
40 |
that automated stabilization without: |
41 |
a) build testing; |
42 |
b) run-time testing; |
43 |
c) fixing all serious open bugs affecting package being stabilized. |
44 |
|
45 |
Automation tests will definitely help here, but I'm not sure that |
46 |
packages can be fully tested without human intervention: |
47 |
- how to automatically test GUI app run-time? |
48 |
- how to determine which open bugs from bugzilla are serious enough |
49 |
to block stabilization, and which bugs shouldn't block the process? |
50 |
|
51 |
IMO automation can help with build tests, maybe limited run-time |
52 |
testing, but no more. |
53 |
|
54 |
> The first issue is maintainers not filing stable requests for new |
55 |
> versions of packages in a timely manor. I'm not sure how to get around |
56 |
> this, but I feel that once a version of a package is stable, we are |
57 |
> doing a disservice to our stable users by not keeping stable as current |
58 |
> as possible. I am as bad as anyone; it is easy to forget to file |
59 |
> stable requests until someone pings me or files the request |
60 |
> themselves. |
61 |
|
62 |
We have another problem: arch teams often can't keep up with |
63 |
stabilization requests, they are hanging for months, I even have |
64 |
several bugs open for more than half a year. Storming arch teams |
65 |
with stabilization requests will make things even worse. |
66 |
|
67 |
> I have heard other maintainers say specifically that they do not file |
68 |
> stable requests unless a user asks them to, but Again, I do not feel |
69 |
> comfortable with this arrangement if there is an old version of the |
70 |
> package in stable. Users shouldn't have to ask for newer versions to be |
71 |
> stabilized; this should be driven by the maintainers. |
72 |
|
73 |
I usually stabilize versions when they are too old or I have a user |
74 |
request. The idea is not to stabilize as often as unstable version |
75 |
is updated, since arch teams are unable to keep up even with |
76 |
request rate they have now. |
77 |
|
78 |
> The second issue is slow arch teams. Again, by not moving packages from |
79 |
> ~ to stable, we are doing a disservice to our stable users. |
80 |
|
81 |
And here comes my idea. We need an approved policy of how to remove |
82 |
packages from stable (I'll name this procedure as "dekeywording" |
83 |
below). Right now we only have a mention in the devmanual, that arch |
84 |
teams must be informed via a bug [1] on dekeywording. But we have no |
85 |
determined time frame, nor policy about reverse dependencies. |
86 |
|
87 |
I propose to empower maintainers to remove packages from stable if |
88 |
arch team can't stabilize package within 3 months. Of course, time |
89 |
counts from a point when there are no blockers for stabilization; |
90 |
if arch team finds a problem blocking stabilization, timer is reset |
91 |
and will start again only after maintainer will fix the issue. |
92 |
|
93 |
So if 3 months have elapsed, maintainer should notify arch team and |
94 |
all reverse deps that package will be removed from stable tree. For |
95 |
reverse deps this means that they will be removed from stable as |
96 |
well if dependency is hard or will have some USE flag(s) stable |
97 |
masked if dependency is optional. |
98 |
|
99 |
Now we have few questions: |
100 |
|
101 |
1) Should all reverse dependencies be just CC'ed on original |
102 |
dekeywording bug or should separates bugs be created for every |
103 |
reverse dep package? Apparently reverse dep tree can be quite large. |
104 |
|
105 |
2) For how long maintainer should wait after dekeywording bugs will |
106 |
be created before taking actual action? I suppose 1 month should be |
107 |
same (the same as for last-rites). |
108 |
|
109 |
3) What to do if dekeywording affects @system or other widely used |
110 |
packages? |
111 |
|
112 |
4) Of course 3+1 month waiting period can be discussed and |
113 |
tuned here. |
114 |
|
115 |
The very idea of this proposal is to create a mechanism of removing |
116 |
packages from stable if arch team can't keep up with them, so we'll |
117 |
have a natural selection of packages in stable. |
118 |
|
119 |
Now one more question comes: if package was removed from stable, |
120 |
will be there any policies to keep it from entering stable for a |
121 |
while? Obviously flipping packages to and from stable will make no |
122 |
good for both users and arch teams. Probably we should ban such |
123 |
packages from being requested for stabilization for a while (e.g. |
124 |
for 3 months). Of course, exceptions can be made, e.g. if such |
125 |
package becomes a hard dependency of @system package an so on. |
126 |
|
127 |
> I can think of two ways we can improve our situation. |
128 |
> |
129 |
> We can allow maintainers to stabilize new versions of certain types of |
130 |
> packages on all arches where there is a previous version of the package stable |
131 |
> without filing stable requests. This would take a significant load off |
132 |
> of the arch teams. |
133 |
> |
134 |
> For packages that do not fit the first group, we could require stable |
135 |
> requests, but allow maintainers to stabilize the new versions after a |
136 |
> timeout (I would propose 30 days). |
137 |
|
138 |
If maintainer has host(s) with stable tree where package can be |
139 |
tested on arch in question, then yes, this should be done. |
140 |
Otherwise we'll just add undertested packages in stable which |
141 |
will undermine the very idea of stable. |
142 |
|
143 |
[1] https://devmanual.gentoo.org/keywording/index.html |
144 |
|
145 |
Best regards, |
146 |
Andrew Savchenko |