Broken deps in the stable release are not acceptable
Luke Macken
lmacken at redhat.com
Tue Jan 1 14:26:32 UTC 2008
On Sat, Dec 29, 2007 at 06:43:54PM +0100, Christopher Aillon wrote:
> On 12/29/2007 04:17 PM, Rahul Sundaram wrote:
>> Christopher Aillon wrote:
>>> On 12/29/2007 02:32 AM, Rahul Sundaram wrote:
>>>> Christoph Wickert wrote:
>>>>> I completely agree with you. Maybe we could say that updates are
>>>>> allowed
>>>>> to bypass testing if they fix
>>>>> a) serious bugs
>>>>> b) bugs marked as "urgent"
>>>>> c) broken deps
>>>>
>>>> b) isn't a good criteria since anybody can mark any bug as urgent. If
>>>> the priority field in bugzilla is restricted to package maintainers and
>>>> triagers, I would agree with you.
>>>
>>> The same maintainer who marks "push right to stable" can tweak the field
>>> before they submit the update and you won't have solved anything.
>>
>> Even if it had a strict set of rules and maintainers are going to abuse
>> the system,
>
> Hey dude, I wasn't the one agreeing with a set of rules, that was you. I'm
> just saying it's unwise to agree with a set of rules that can still be
> worked around easily.
>
>> they can mark any update as a critical security update and push it through
>> too but then it is much more easier to point out who is responsible
>> compared to users just marking a random bug as a high priority one.
>
> I just noticed that nobody sent out a FESCo Meeting Summary for
> 2007-09-27[1]. There, we approved
> http://fedoraproject.org/wiki/LubomirKundrak/SecurityUpdateProcessDraft so
> the Fedora Security Response team would have to approve it before it gets
> released as a security advisory.
>
> [1] At least there's a log at
> http://bpepple.fedorapeople.org/fesco/FESCo-2007-09-27.html
>
> Nobody's implemented that yet, though... Luke? This would be quite nice to
> get done... :-)
The code has been written and will make its way out with the next bodhi upgrade.
luke
More information about the fedora-devel-list
mailing list