| 1 |
Hi all, |
| 2 |
|
| 3 |
On Thu, 4 Aug 2016 11:24:43 -0500 William Hubbs wrote: |
| 4 |
> On Thu, Aug 04, 2016 at 04:15:14PM +0200, Kristian Fiskerstrand wrote: |
| 5 |
> > Dear all, |
| 6 |
> > |
| 7 |
> > the Gentoo Council will meet again on Sunday, August 14 at 19:00 UTC |
| 8 |
> > in #gentoo-council on FreeNode. |
| 9 |
> > |
| 10 |
> > Please reply to this message on the gentoo-project list with any items |
| 11 |
> > the council should put on its agenda to discuss or vote on. |
| 12 |
> |
| 13 |
> I feel that our stable tree is so far behind on all |
| 14 |
> architectures that we are doing our stable users a disservice, so I |
| 15 |
> would like to open up a discussion here, and maybe some policy changes |
| 16 |
> at the next meeting. |
| 17 |
|
| 18 |
Thank you for caring about this issue. I had similar thoughts |
| 19 |
myself, but was too slow on writing e-mail :) IMO stable tree has |
| 20 |
three problems: |
| 21 |
1) too old packages |
| 22 |
2) too few packages |
| 23 |
3) stabilization often takes too long, such stable packages are |
| 24 |
broken or buggy, while their unstable versions are fixed and work |
| 25 |
fine. (It is not possible to fix all bugs without version or |
| 26 |
revision bump, thus stabilization is needed to fix many bugs.) |
| 27 |
|
| 28 |
This results in fact that many users and some devs (including |
| 29 |
myself) do not use stable at all. |
| 30 |
|
| 31 |
> Ultimately, I think we need some form of automated stabilization, e.g. |
| 32 |
> if a package version sits in ~ for 30 days and there are no blockers at |
| 33 |
> that point, the new version should go automatically to stable on all |
| 34 |
> architectures where there is a previous stable version. |
| 35 |
|
| 36 |
Automation should be possible only after rigorous testing. If this |
| 37 |
will be implemented, than this may be done (as Brian pointed out in |
| 38 |
another mail in this thread, there is an ongoing effort on this |
| 39 |
matter as GSoC project, which is great). But I'd like to emphasize |
| 40 |
that automated stabilization without: |
| 41 |
a) build testing; |
| 42 |
b) run-time testing; |
| 43 |
c) fixing all serious open bugs affecting package being stabilized. |
| 44 |
|
| 45 |
Automation tests will definitely help here, but I'm not sure that |
| 46 |
packages can be fully tested without human intervention: |
| 47 |
- how to automatically test GUI app run-time? |
| 48 |
- how to determine which open bugs from bugzilla are serious enough |
| 49 |
to block stabilization, and which bugs shouldn't block the process? |
| 50 |
|
| 51 |
IMO automation can help with build tests, maybe limited run-time |
| 52 |
testing, but no more. |
| 53 |
|
| 54 |
> The first issue is maintainers not filing stable requests for new |
| 55 |
> versions of packages in a timely manor. I'm not sure how to get around |
| 56 |
> this, but I feel that once a version of a package is stable, we are |
| 57 |
> doing a disservice to our stable users by not keeping stable as current |
| 58 |
> as possible. I am as bad as anyone; it is easy to forget to file |
| 59 |
> stable requests until someone pings me or files the request |
| 60 |
> themselves. |
| 61 |
|
| 62 |
We have another problem: arch teams often can't keep up with |
| 63 |
stabilization requests, they are hanging for months, I even have |
| 64 |
several bugs open for more than half a year. Storming arch teams |
| 65 |
with stabilization requests will make things even worse. |
| 66 |
|
| 67 |
> I have heard other maintainers say specifically that they do not file |
| 68 |
> stable requests unless a user asks them to, but Again, I do not feel |
| 69 |
> comfortable with this arrangement if there is an old version of the |
| 70 |
> package in stable. Users shouldn't have to ask for newer versions to be |
| 71 |
> stabilized; this should be driven by the maintainers. |
| 72 |
|
| 73 |
I usually stabilize versions when they are too old or I have a user |
| 74 |
request. The idea is not to stabilize as often as unstable version |
| 75 |
is updated, since arch teams are unable to keep up even with |
| 76 |
request rate they have now. |
| 77 |
|
| 78 |
> The second issue is slow arch teams. Again, by not moving packages from |
| 79 |
> ~ to stable, we are doing a disservice to our stable users. |
| 80 |
|
| 81 |
And here comes my idea. We need an approved policy of how to remove |
| 82 |
packages from stable (I'll name this procedure as "dekeywording" |
| 83 |
below). Right now we only have a mention in the devmanual, that arch |
| 84 |
teams must be informed via a bug [1] on dekeywording. But we have no |
| 85 |
determined time frame, nor policy about reverse dependencies. |
| 86 |
|
| 87 |
I propose to empower maintainers to remove packages from stable if |
| 88 |
arch team can't stabilize package within 3 months. Of course, time |
| 89 |
counts from a point when there are no blockers for stabilization; |
| 90 |
if arch team finds a problem blocking stabilization, timer is reset |
| 91 |
and will start again only after maintainer will fix the issue. |
| 92 |
|
| 93 |
So if 3 months have elapsed, maintainer should notify arch team and |
| 94 |
all reverse deps that package will be removed from stable tree. For |
| 95 |
reverse deps this means that they will be removed from stable as |
| 96 |
well if dependency is hard or will have some USE flag(s) stable |
| 97 |
masked if dependency is optional. |
| 98 |
|
| 99 |
Now we have few questions: |
| 100 |
|
| 101 |
1) Should all reverse dependencies be just CC'ed on original |
| 102 |
dekeywording bug or should separates bugs be created for every |
| 103 |
reverse dep package? Apparently reverse dep tree can be quite large. |
| 104 |
|
| 105 |
2) For how long maintainer should wait after dekeywording bugs will |
| 106 |
be created before taking actual action? I suppose 1 month should be |
| 107 |
same (the same as for last-rites). |
| 108 |
|
| 109 |
3) What to do if dekeywording affects @system or other widely used |
| 110 |
packages? |
| 111 |
|
| 112 |
4) Of course 3+1 month waiting period can be discussed and |
| 113 |
tuned here. |
| 114 |
|
| 115 |
The very idea of this proposal is to create a mechanism of removing |
| 116 |
packages from stable if arch team can't keep up with them, so we'll |
| 117 |
have a natural selection of packages in stable. |
| 118 |
|
| 119 |
Now one more question comes: if package was removed from stable, |
| 120 |
will be there any policies to keep it from entering stable for a |
| 121 |
while? Obviously flipping packages to and from stable will make no |
| 122 |
good for both users and arch teams. Probably we should ban such |
| 123 |
packages from being requested for stabilization for a while (e.g. |
| 124 |
for 3 months). Of course, exceptions can be made, e.g. if such |
| 125 |
package becomes a hard dependency of @system package an so on. |
| 126 |
|
| 127 |
> I can think of two ways we can improve our situation. |
| 128 |
> |
| 129 |
> We can allow maintainers to stabilize new versions of certain types of |
| 130 |
> packages on all arches where there is a previous version of the package stable |
| 131 |
> without filing stable requests. This would take a significant load off |
| 132 |
> of the arch teams. |
| 133 |
> |
| 134 |
> For packages that do not fit the first group, we could require stable |
| 135 |
> requests, but allow maintainers to stabilize the new versions after a |
| 136 |
> timeout (I would propose 30 days). |
| 137 |
|
| 138 |
If maintainer has host(s) with stable tree where package can be |
| 139 |
tested on arch in question, then yes, this should be done. |
| 140 |
Otherwise we'll just add undertested packages in stable which |
| 141 |
will undermine the very idea of stable. |
| 142 |
|
| 143 |
[1] https://devmanual.gentoo.org/keywording/index.html |
| 144 |
|
| 145 |
Best regards, |
| 146 |
Andrew Savchenko |
Archives