keeping spare-time-contributors happy
Jesse Keating
jkeating at redhat.com
Sun Sep 2 17:27:51 UTC 2007
On Sun, 02 Sep 2007 19:04:48 +0200
Hans de Goede <j.w.r.degoede at hhs.nl> wrote:
> Also and maybe even more so I find the speed at which requested
> updates get pushed unacceptable. Take this one for example:
> https://admin.fedoraproject.org/updates/F7/id3lib-3.8.3-17.fc7
>
> 3 days and 6 hours! And that was a security update!
That blame lies on me. Since all packages are now signed with the
Fedora key, we do not want to share that key with any more people than
we already have. Instead we would like to create a signing server that
would allow us to grant accounts permission to use a key without them
having to know the key passphrase. This will open up updates pushing
to more than just me, and when that happens things can get pushed
faster. Although once we hook up some sort of dep checker to the
process you'll likely not get more than one push per day as it is
extremely lengthy to generate a multilib set with the potential updates
and then check the deps across our now huge package set. Suffice to
say that once a day pushes may be a reasonable expectation.
--
Jesse Keating
Fedora -- All my bits are free, are yours?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070902/a6b97a00/attachment.sig>
More information about the Fedora-maintainers
mailing list