Broken deps in the stable release are not acceptable
Christopher Aillon
caillon at redhat.com
Sat Dec 29 17:43:54 UTC 2007
On 12/29/2007 04:17 PM, Rahul Sundaram wrote:
> Christopher Aillon wrote:
>> On 12/29/2007 02:32 AM, Rahul Sundaram wrote:
>>> Christoph Wickert wrote:
>>>> I completely agree with you. Maybe we could say that updates are
>>>> allowed
>>>> to bypass testing if they fix
>>>> a) serious bugs
>>>> b) bugs marked as "urgent"
>>>> c) broken deps
>>>
>>> b) isn't a good criteria since anybody can mark any bug as urgent. If
>>> the priority field in bugzilla is restricted to package maintainers
>>> and triagers, I would agree with you.
>>
>> The same maintainer who marks "push right to stable" can tweak the
>> field before they submit the update and you won't have solved anything.
>
> Even if it had a strict set of rules and maintainers are going to abuse
> the system,
Hey dude, I wasn't the one agreeing with a set of rules, that was you.
I'm just saying it's unwise to agree with a set of rules that can still
be worked around easily.
> they can mark any update as a critical security update and
> push it through too but then it is much more easier to point out who is
> responsible compared to users just marking a random bug as a high
> priority one.
I just noticed that nobody sent out a FESCo Meeting Summary for
2007-09-27[1]. There, we approved
http://fedoraproject.org/wiki/LubomirKundrak/SecurityUpdateProcessDraft
so the Fedora Security Response team would have to approve it before it
gets released as a security advisory.
[1] At least there's a log at
http://bpepple.fedorapeople.org/fesco/FESCo-2007-09-27.html
Nobody's implemented that yet, though... Luke? This would be quite nice
to get done... :-)
More information about the fedora-devel-list
mailing list