changes are still needed

Sun Jun 12 05:30:59 UTC 2005

Quoting Pekka Savola <pekkas at netcore.fi>:

> OK, almost a week has passed since the last message on this thread.  I
> think we need to decide what to do.

Sorry, I've not been available lately.

> I've seen at least the following proposals:
> 
>   1) 1 VERIFY vote needed (for any version), after that packages are
> published after 2 weeks of timeout unless needswork/discuss or issues
> are identified.

If we assume the person who created the package has done some QA before
submitting it for QA, then one vote could be seen as two, unless that
only vote is from the creator. I'm not sure why some/most package creators
don't submit QA feedback on their own packages, but maybe we can get
them to do so in the future?

Anyway, if the creator posts a QA, this would guarantee all packages get
released in 2 weeks.  I like that everything gets out, but I think 2 weeks
is maybe too fast for only the creator doing QA (possibly on only one OS
version for a patch that covers multiple OS versions).  See my concern
here?

I guess you could modify it as "1 VERIFY from someone other than the
package/patch creator" but...

>   2) 2 VERIFY votes are needed (for any version), after that packages
> are published after 2 weeks of timeout unless needswork/discuss or
> issues are identified.

I like this one, and could live with it.  Even if the creator does a QA,
the creator must do multiple OS version QA, or we still need someone else
to do QA. This is much better than #1 because a creator can't force an
otherwise untested package out the door.

>     a) timeout is counted from the first VERIFY
>     b) timeout is counted from the second VERIFY

It seems to be logical it would have to be after the second, since there
could be more than 2 weeks between the first and second...

>   3) 2 VERIFY votes are needed (for any version), after that packages
> are published after at most 4 weeks of timeout after the first verify,
> but two weeks after the second, unless needswork/discuss or issues are
> identified.

I think this is the very best.  I'd also be able to settle for a modified
version:

1 verify vote (for any version) plus 4 weeks of no activity, or 2 verify
votes (for any version) and 2 weeks of no activity after the first
verify vote.

The above modification means everything is released (if the creator
does a QA) after at most 4 weeks...

>   4) 2 VERIFY votes are needed (for any version), after that packages
> are published after 4 weeks of timeout unless needswork/discuss or
> issues are identified.

No, as a package might never get released if we don't get the 2 votes.
And that would seem to be a problem.

> 1) or 2) are OK by me.  I could also live with 3) but I think it's
> overly complex. 4) does not seem like a sufficient change.

See my above comments.  I only agree with you 100% on the idea that
#4 won't help, and hence isn't in consideration.

> Let's have the opinions by Monday, and make the decision then?  We
> can't stall anymore.

Agreed.  Sorry I've been absent, but life marches on whether I like it
or not.

> --
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

-- 
Eric Rostetter