Signing server? (Re: Updates testing for F-11)

Christoph Wickert christoph.wickert at googlemail.com
Fri Jun 12 15:14:38 UTC 2009


Am Freitag, den 12.06.2009, 05:34 +0200 schrieb Kevin Kofler:
> Christoph Wickert wrote:
> > IMO this is something we should discuss on this list. We need to find a
> > fine balance between pushing updates in time to make maintainers happy
> > and not too many updates for the users. Maybe something like
> > security/urgent updates daily, everything else once or twice a week. But
> > this needs further discussion.
> 
> I don't see what it buys our users if they get one big update over 2 small
> ones. 

In most cases the biggest part (consuming time and cpu cycles) of the
updates is not installing them but everything else like checking for new
packages, downloading the metadata, calculating dependencies,
downloading the packages and running the transaction test. Especially
for small updates this takes much more time than the actual "rpm -U"
part.

> Plus, it'd require us to distinguish urgent vs. not urgent updates,
> and causes big issues with urgent updates accidentally depending on
> non-urgent ones. 

Good point. I did not think of that because my updates usually are at
the end of a dependency chain and if not, I put all packages that
require each other into one big update. Maintainers should be smart
enough to do it that way.
Of course it would cause problems for people waiting for other
packager's updates, but IMO this is no difference to the current
situation: If you don't ask rel-eng for a build root overwrite, you have
to wait until the dependencies are pushed before you can build you
packages.

Of course it would require some automatic dependency check from bodhi,
but this is something we should look at anyway as the recent vte update
shows.

Regards,
Christoph




More information about the fedora-devel-list mailing list