Again: EOL Policy for Fedora Extras
Thorsten Leemhuis
fedora at leemhuis.info
Sat Feb 18 20:43:07 UTC 2006
Am Samstag, den 18.02.2006, 20:59 +0100 schrieb Michael Schwendt:
> On Sat, 18 Feb 2006 19:30:14 +0100, Thorsten Leemhuis wrote:
>
> > We still have no defined EOL Policy for Fedora Extras -- there were some
> > ideas and concepts floating around, but no real policy came out of it so
> > far. I'd really like to get this solved somehow soon. That's why I'm
> > writing this mail.
>
> Long mail, short story: Do we agree on common goals with regard to FE?
Well, we're a lot of packagers now and in such a large group the goals
that people have will always be a bit ^w^w different.
> I'm not sure we do. Instead of discussing EOL policy bottom-up for FE3,
> how about we discuss in general _what_ we at Fedora Extras _try_ to offer?
Feel free to start a detailed discussion. I wrote enough long mails
already today ;-) I'll see what comes out of the discussion or jump in
when I feel a need for it.
> [...]
> > - It's Extras. It's unsupported by nature.
> That's brain-fart type of comment. Suitable for flame-wars, not for
> serious attempts at discussing this issue. Hopefully we all know what kind
> of "support" Fedora Extras is about.
I can agree here, but...
> > - How many fire and forget packages are sitting in Extras?
>
> Same here. :( Let's shut down the whole show just because of a few black
> sheep.
...I have to disagree here. Nobody talked about "shutting down the whole
show" (well, not until now). We have no security SIG or something
similar yet that watches security mailing-lists or fixes packages if the
maintainer does not act im time. So this question is okay here IMHO (and
was not from me in the beging, I just quoted it).
> > And some concrete plans:
>
> > - shove FE3 into a Maintenance state for now -- no new packages, no big
> > updates but still updates in case of security problems
>
> What is "concrete" about this suggestion?
This part at the end of my original mail:
- shove FE3 into a Maintenance state for now -- no new packages, no big
updates but still updates from the usual maintainers in case of security
problems
[...] but how to we make sure that the
Extras packagers still maintain their stuff? We can't. We need a
Security SIG that oversees this and jumps in when the maintainer forgets
to fix his package. FE4 would benefit from such a Security SIG, too.
And even if we shove FE3 into a Maintenance state -- we need to define a
EOL date for FE3 in any case. When? Release of FC6? FC7? When legacy
drops the belonging Fedora Core?
> It's just another proposal
> which doesn't suggest _who_ performs the updates.
Maintainer -> If not the security SIG jumps in -- we need such a SIG
anyway afaics.
> Assume that some
> packagers will _refuse_ releasing updates for a legacy FC.
Sure.
> > - we create an extras legacy team that takes over FE3 when FC3 is
> > transfered to legacy
>
> +1 This is the only realistic suggestion. No community developer
> interest, no show.
Well, we already have community interest in a Security SIG and some
maintainer that still want to maintain FE3.
But we'll see, maybe enough people step up for FEL (Fedora Extras
Legacy). We just need to find a solution -- even if that is "There was
no community developer interest, so Fedora Extras 3 is EOL from now on."
CU
thl
--
Thorsten Leemhuis <fedora at leemhuis.info>
More information about the fedora-extras-list
mailing list