From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1KpXvq-00039H-Vn for garchives@archives.gentoo.org; Tue, 14 Oct 2008 00:38:39 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3EDFCE039F; Tue, 14 Oct 2008 00:38:37 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 17F6FE039F for ; Tue, 14 Oct 2008 00:38:37 +0000 (UTC) Received: from gentoo.org (xray.science.oregonstate.edu [128.193.220.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id D5AFC648EE for ; Tue, 14 Oct 2008 00:38:35 +0000 (UTC) Date: Mon, 13 Oct 2008 17:38:34 -0700 From: Donnie Berkholz To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Stabilize ebuilds which use EAPIs only supported by ~arch PMs Message-ID: <20081014003834.GE23706@comet> References: <20081014000340.GA5494@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="IU5/I01NYhRvwH70" Content-Disposition: inline In-Reply-To: <20081014000340.GA5494@gentoo.org> User-Agent: Mutt/1.5.18 (2008-05-17) X-Archives-Salt: e8f6f9a2-8423-458e-b2df-3b31f531b9d2 X-Archives-Hash: c770c77cf8d4674bf40507eaab1862a8 --IU5/I01NYhRvwH70 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 02:03 Tue 14 Oct , Jose Luis Rivero wrote: > Hi all: >=20 > Reading a random discussion in our dev mailling list, I came with a > doubt about our new EAPI policy and its procedures. I couldn't find it > documented nor discussed anywhere so I bringing it here. >=20 > Supposing that anyone can currently add an ebuild using EAPI-2 under the > testing branch: what are we going to do if an EAPI-2 ebuild (which are > only managed by ~arch package managers) needs to go stable due to some > kind of major reason like security?=20 >=20 > Hypothetical case: foo-1 (eapi-0) marked as stable and foo-2 (eapi-2) > with new features marked as testing. A security problem appears > affecting both. UPSTREAM release foo-3 to solve the security issue. >=20 > There are some others sceneries but are not so common as the one presented > could be. Any decent solution for this case? There are only a few obvious ones, you'll have to pick which one you=20 like best. Most of the other options basically duplicate these in some=20 way or add more work to them for negligible gain: - Backport the ebuild from EAPI=3D2 to EAPI=3D0 - Backport the security patch to the EAPI=3D0 ebuild - Stabilize portage quickly --=20 Thanks, Donnie Donnie Berkholz Developer, Gentoo Linux Blog: http://dberkholz.wordpress.com --IU5/I01NYhRvwH70 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEABECAAYFAkjz6goACgkQXVaO67S1rtsprwCgy79UzNnxhBPZZvStH5CjTlI7 ON0An1Tqalt4fIJ9cq21ooN6iUY8NoVD =G+8m -----END PGP SIGNATURE----- --IU5/I01NYhRvwH70--