Deep Freeze coming for Fedora 7 (and cvs branching coming too)

Tue May 15 23:43:13 UTC 2007

On Tue, 2007-05-15 at 23:11 +0200, Patrice Dumas wrote:
> On Wed, May 16, 2007 at 02:37:06AM +0530, Rahul Sundaram wrote:
> > 
> > We have packaging guidelines today to help maintainers know how to 
> > package software and having a common understanding on what is required. 
> 
> Those guidelines (except for very specific points like license) help
> having best practices, but may be ignored if in a specific situation it
> doesn't make sense, or it adds too much burden.
> 
> For example I don't follow the guideline about asking FESCo for static
> libs because in general I know better and I don't want to make those
> people lose their time. For the changelog entries it is the same. And
> there are certainly other examples.
> 
I think you're going to have to rethink your position a bit.

Unless a guideline is marked as a "should" it is mandatory.  If you
disagree with something the guidelines say is a must, the proper thing
to do is to get the guideline changed.[1]_

For changelogs, the guidelines say: "Every time you make changes, that
is, whenever you increment the E-V-R of a package, add a changelog
entry."
This means you must write a changelog entry.  The reasons are given in
the guidelines [2]_.

For static libraries, the guidelines recognize that there may be
instances where static libraries are desirable.  If you want to either
provide static libraries in a subpackage or to link against static
libraries you must ask FESCo for permission.  This check was written for
several reasons:

1) static libraries are a security hazard and there is a strong desire
to keep the libraries from being linked into packages provided by
Fedora.  This check helps FESCo and the packaging committee enforce
this.

2) The Packaging Committee realized that there are packages that need to
contravene this policy but not how many.  If there are hundreds of
libraries in Fedora requesting to ship static libraries then the
guideline must be revised to accommodate them.  If it's only a dozen
then having exceptions for those packages is sufficient.

3) The Packaging Committee realized that this draft could be made better
if we could draft a statement that covered the valid cases without
letting packages without sufficient reasons in.  However we didn't have
a large enough sample of valid packages to be able to write that yet.
By having this reported we would be able to gather information on what
rule could be made to fit this.

Deciding "not to bother FESCo" with this is not saving us time; it is
making it so someone down the line has to spend time finding which
packages are linking against static libraries without an exemption and
figure out what the proper fix is.

-Toshio

[1]_: Although this has always been the view of the packaging committee,
it is apparent that it has sometimes been a source of confusion.
(Perhaps the name "Packaging Guidelines" is unfortunate in this regard
but no one has yet been motivated to ask for a change in name.)  We did
add an intro paragraph to the guidelines a few weeks ago that clarified
this and other issues.  The relevant portion is::
'''
The Packaging Guidelines are a collection of common issues and the
severity that should be placed on them. While these guidelines should
not be ignored, they should also not be blindly followed. If you think
that your package should be exempt from part of the Guidelines, please
bring the issue to the Fedora Packaging Committee.
'''

[2]_: http://fedoraproject.org/wiki/Packaging/Guidelines#Changelogs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070515/dcba26fc/attachment.sig>