From: "Manuel Rüger" <mrueg@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] rfc: revisiting our stabilization policy
Date: Sat, 18 Jan 2014 01:34:55 +0100 [thread overview]
Message-ID: <52D9CC2F.5000503@gentoo.org> (raw)
In-Reply-To: <alpine.LFD.2.03.1401180008060.13945@star.inp.nsk.su>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 01/17/2014 06:08 PM, grozin@gentoo.org wrote:
> On Fri, 17 Jan 2014, Tom Wijsman wrote:
>> On Fri, 17 Jan 2014 16:31:54 +0100 Ulrich Mueller
>> <ulm@gentoo.org> wrote:
>>>>>>>> On Fri, 17 Jan 2014, grozin wrote:
>>>> Maybe, a good solution is to introduce a special arch,
>>>> "noarch", for such packages (similar to what's done in the
>>>> rpm world). Then, if a package is ~noarch, it is
>>>> automatically considered ~arch for all arches. Similar for
>>>> stable. The maintainer should be able to keyword ~noarch and
>>>> to stabilize noarch. Comments?
>>>
>>> How would you handle dependencies in such a scenario? All
>>> dependencies must be keyworded or stable on all architectures,
>>> before the package can be keyworded or stabilised on noarch?
>>
>> Maybe we can let the package managers only perceive it as
>> keyworded or stable if all of its dependencies are keyworded or
>> stable on the architecture that the user runs. Then we can have
>> repoman just ignore checking dependencies' keywords when we
>> keyword or stabilize them.
> Very reasonable.
>
> Andrey
>
I think the idea itself is good, but we should not add this to
KEYWORDS directly, as it might cause some problems with older package
managers(?).
A new variable can be introduced, which will overwrite testing
keywords to stable keywords, if the var is set to "stable" and keeps
everything in KEYWORDS marked as testing otherwise.
If this var exists in an ebuild and there is a new stabilization bug,
the arch team can decide if they want to mark it stable for all
architectures (via setting the var to stable) or only for the
architecture they tested it for (if some dependencies are missing on
other architectures).
This practice ensures that at least one arch team member of any arch
tested it.
The use of the to-be-added variable could also be extended for
vulnerability fixing.
It's more important to users to deal with less vulnerabilities for a
long time than a working stable dependency tree. Because the latter
got easier with the autounmask feature in portage.
If the var is set by the maintainer to "security-fix-$bugid" and the
users add an option to their profile, it automatically sets the ebuild
to stable and prompts an info with the bugid.
Users who do not want to wait for stabilization or GLSA have a better
possibility to secure their system earlier.
The advantage in general is that quickly added fixes get a wider
testing. So stable users will also profit.
Cheers
Manuel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQJ8BAEBCgBmBQJS2cwvXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4MDA1RERERkM0ODM2QkE4MEY3NzY0N0M1
OEZCQTM2QzhEOUQ2MzVDAAoJEFj7o2yNnWNcpuwP/27np/ekt9AWHJz/OC7BpDz8
gxrE0iuocczV6m5/CejSY8GEdd26xQRdyloZ/7f74W1I5jRB/WPbHUKa0dnglZba
AG/WRJRYOao6537t5p9n6knH3Bj0wIcZl90Jox80HOXsvk/eBwZaliE+jcA+6Mat
Dcl0FVgl/b1WJZaa0aEt5st8nnW5TJ5ZTuWBG6e6shH94qAFcr8VWLOTtY1xqvHf
U1GHlynM4h+nX7BnDlhPxPf2l9XPBZNQFOAvWfvE341uZcSUpkQYfYzpo2TKdYop
oPL6hfMsHq5uggB0OvVaf4CiuCKhV3re7GVexKJE9Moigrb0v/nWCy5ApvR0Ww/N
7wozyGcWUKc/oHW3CHGAYr4wbFjjI9LjB5IVEjmEAGmJ5bq7/RViM+5slj/s9kBe
Vioti6i2vYVs4awm/HrMvremVUJ03Deh8uwVnOaggyrggRnwbxEsRxdsMCmYNkKN
2xAVvnSi2YEMSwBWvClRJwFvvrZzzsWd+t2Y/e/VqAFNvZn0H0lqZAP1+z540nzU
I7f2ym88jedwRJq41q6TgI9XaHlTFXLMcb9Hu19Xv/faUu5jHxg+ZvQtIwC/2YRy
6La1PGO9uk0wHOgixHe/bPXmZ2ArTHB6pAzgiLMpQxuahJhbGXiTmjM8qBc8IKD2
t0VP0WhLWZahQtQ21vrW
=UumH
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2014-01-18 0:35 UTC|newest]
Thread overview: 135+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-14 21:37 [gentoo-dev] rfc: revisiting our stabilization policy William Hubbs
2014-01-14 21:57 ` Michael Orlitzky
2014-01-14 22:33 ` William Hubbs
2014-01-14 22:43 ` Michael Orlitzky
2014-01-14 23:11 ` William Hubbs
2014-01-14 23:22 ` Jeff Horelick
2014-01-15 0:28 ` Tom Wijsman
2014-01-15 23:59 ` [gentoo-dev] " Duncan
2014-01-16 0:23 ` Tom Wijsman
2014-01-15 0:47 ` [gentoo-dev] " Michael Orlitzky
2014-01-15 1:08 ` Tom Wijsman
2014-01-15 1:11 ` Michael Orlitzky
2014-01-15 1:23 ` Tom Wijsman
2014-01-15 1:36 ` Michael Orlitzky
2014-01-15 2:09 ` William Hubbs
2014-01-15 2:21 ` Michael Orlitzky
2014-01-15 2:34 ` Tom Wijsman
2014-01-15 2:40 ` Michael Orlitzky
2014-01-15 3:26 ` Tom Wijsman
2014-01-15 2:46 ` William Hubbs
2014-01-16 7:28 ` Christopher Head
2014-01-16 22:44 ` Tom Wijsman
2014-01-19 22:31 ` Christopher Head
2014-01-20 0:47 ` Tom Wijsman
2014-01-23 18:12 ` [gentoo-dev] " Steven J. Long
2014-01-23 19:13 ` Tom Wijsman
2014-01-23 20:55 ` Steev Klimaszewski
2014-01-23 22:38 ` Tom Wijsman
2014-01-23 22:42 ` Peter Stuge
2014-01-23 23:50 ` Tom Wijsman
2014-01-24 0:04 ` Steev Klimaszewski
2014-01-24 3:04 ` Tom Wijsman
2014-01-24 3:52 ` Steev Klimaszewski
2014-01-24 17:26 ` Tom Wijsman
2014-01-24 18:10 ` Steev Klimaszewski
2014-01-24 19:29 ` Tom Wijsman
2014-01-24 20:29 ` Steev Klimaszewski
2014-01-24 21:55 ` Tom Wijsman
2014-01-24 10:46 ` Steven J. Long
2014-01-24 18:26 ` Tom Wijsman
2014-01-25 4:02 ` Duncan
2014-01-26 0:50 ` Peter Stuge
2014-01-26 0:59 ` Rich Freeman
2014-01-26 4:53 ` Peter Stuge
2014-01-26 11:41 ` Rich Freeman
2014-01-26 18:56 ` Peter Stuge
2014-01-26 21:35 ` Rich Freeman
2014-01-27 7:41 ` Steev Klimaszewski
2014-01-27 14:52 ` Rich Freeman
2014-01-28 2:45 ` Steev Klimaszewski
2014-01-26 22:56 ` Duncan
2014-01-26 23:40 ` Duncan
2014-01-28 12:37 ` Steven J. Long
2014-01-28 12:52 ` Alan McKinnon
2014-01-28 13:18 ` Tom Wijsman
2014-01-28 13:11 ` Tom Wijsman
2014-01-29 3:15 ` Duncan
2014-01-29 6:34 ` Steev Klimaszewski
2014-01-15 2:42 ` [gentoo-dev] " Tom Wijsman
2014-01-15 11:33 ` Sergey Popov
2014-01-15 16:57 ` Tom Wijsman
2014-01-15 17:20 ` Matthew Thode
2014-01-15 2:26 ` Tom Wijsman
2014-01-15 11:28 ` Sergey Popov
2014-01-15 0:13 ` Tom Wijsman
2014-01-15 0:50 ` Michael Orlitzky
2014-01-15 1:13 ` Tom Wijsman
2014-01-15 23:13 ` [gentoo-dev] " Duncan
2014-01-15 0:04 ` [gentoo-dev] " Tom Wijsman
2014-01-14 23:49 ` Tom Wijsman
2014-01-15 0:06 ` Andreas K. Huettel
2014-01-15 0:17 ` Anthony G. Basile
2014-01-15 0:43 ` Tom Wijsman
2014-01-15 0:38 ` Tom Wijsman
2014-01-15 0:46 ` William Hubbs
2014-01-15 1:26 ` Tom Wijsman
2014-01-15 11:40 ` Sergey Popov
2014-01-15 17:04 ` Tom Wijsman
2014-01-16 6:20 ` Sergey Popov
2014-01-16 15:54 ` Peter Stuge
2014-01-16 17:56 ` Rich Freeman
2014-01-16 18:04 ` Alan McKinnon
2014-01-16 18:26 ` Peter Stuge
2014-01-16 20:18 ` Alan McKinnon
2014-01-16 20:40 ` Peter Stuge
2014-01-16 18:11 ` Peter Stuge
2014-01-16 18:42 ` Rich Freeman
2014-01-16 19:29 ` William Hubbs
2014-01-16 19:59 ` Peter Stuge
2014-01-16 22:49 ` Tom Wijsman
2014-01-15 3:48 ` grozin
2014-01-15 4:49 ` William Hubbs
2014-01-15 5:07 ` Robin H. Johnson
2014-01-15 8:03 ` Dirkjan Ochtman
2014-01-15 8:18 ` Hans de Graaff
2014-01-15 16:11 ` [gentoo-dev] " Michael Palimaka
2014-01-15 9:54 ` [gentoo-dev] " Michał Górny
2014-01-15 12:51 ` Rich Freeman
2014-01-15 21:41 ` [gentoo-dev] " Duncan
2014-01-15 11:24 ` [gentoo-dev] " Sergey Popov
2014-01-15 11:30 ` Sergey Popov
2014-01-15 15:30 ` William Hubbs
2014-01-16 6:17 ` Sergey Popov
2014-01-17 6:06 ` grozin
2014-01-17 7:02 ` grozin
2014-01-17 7:58 ` Matt Turner
2014-01-17 15:02 ` Rich Freeman
2014-01-17 15:02 ` Michał Górny
2014-01-18 1:35 ` William Hubbs
2014-01-17 15:31 ` Ulrich Mueller
2014-01-17 16:47 ` Tom Wijsman
2014-01-17 17:08 ` grozin
2014-01-18 0:34 ` Manuel Rüger [this message]
2014-01-17 18:28 ` Ciaran McCreesh
2014-01-17 23:56 ` Tom Wijsman
2014-01-18 12:59 ` [gentoo-dev] arch="any" (Re: rfc: revisiting our stabilization policy) Steven J. Long
2014-01-17 17:07 ` noarch packages, was Re: [gentoo-dev] rfc: revisiting our stabilization policy grozin
2014-01-19 8:36 ` Mike Frysinger
2014-01-19 9:28 ` Add a KEYWORD representing any arch (was: Re: [gentoo-dev] rfc: revisiting our stabilization policy) Pacho Ramos
2014-01-19 9:46 ` [gentoo-dev] Re: Add a KEYWORD representing any arch Ulrich Mueller
2014-01-19 10:15 ` Pacho Ramos
2014-01-20 19:25 ` Steev Klimaszewski
2014-01-22 15:46 ` Jeroen Roovers
2014-01-19 9:48 ` Add a KEYWORD representing any arch (was: Re: [gentoo-dev] rfc: revisiting our stabilization policy) Mike Frysinger
2014-01-17 21:04 ` [gentoo-dev] rfc: revisiting our stabilization policy Maciej Mrozowski
2014-01-15 18:33 ` Thomas Sachau
2014-01-15 19:07 ` William Hubbs
2014-01-16 0:58 ` Steev Klimaszewski
2014-01-16 2:32 ` Robin H. Johnson
2014-01-16 5:47 ` Steev Klimaszewski
2014-01-19 11:06 ` Thomas Sachau
2014-01-16 6:27 ` Sergey Popov
2014-01-16 7:15 ` [gentoo-dev] " Michael Palimaka
2014-01-15 19:13 ` [gentoo-dev] " Ruud Koolen
2014-01-15 21:54 ` [gentoo-dev] " Martin Vaeth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52D9CC2F.5000503@gentoo.org \
--to=mrueg@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox