Round-up, 2004-09-09

Panu Matilainen pmatilai at welho.com
Thu Sep 9 19:42:21 UTC 2004


On Thu, 2004-09-09 at 21:01, Eric Rostetter wrote:

> We want to avoid releasing broken packages at all costs.

Doesn't everybody... but not really at ALL costs. 

> 
> But we shouldn't let a functioning, tested patch that fixes a security
> problem be delayed just because a second problem is found in the same
> package.
> 
> If the first problem is fixed and tested, it should be released even
> if another (existing) problem is identified with that package.  Waiting
> until all known problems are fixed just delays releases for ever, discourages
> people from testing them (since their test is now invalidated), and causes
> complaints and bad PR for the FLP.

It's very very easy to go down the road of "but how about this tiny
little thing that <somebody> just found, can we include it in this
update as well pretty pretty please". There will always be another "tiny
little thing" wanting fixing... 

It's better to set an initial goal of "this package fixes CAN-xxxxx and
NOTHING else", verify "it still boots and seems to function" and publish
that than to wait for two weeks if something happens to happen during
that time which just causes the already slow verification process to
restart from the beginning. Of course if nobody votes anything then the
packager is free to fix additional things since no work is lost, but
asking people to qa->test->vote->try-new-release->qa->vote all over
again won't go anywhere, as I think we've seen here.

Oh and yes, talk is cheap. I would like to give more time to
fedora-legacy but I can't under current circumstances so feel free to
ignore me'n my ramblings...

	- Panu -





