[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: RFC: Rethinking EPEL at FUDcon Lawrence 2013



On 12/06/2012 06:23 PM, Joe Julian wrote:
>> However many intermediate repos we put in place, these unstable
>> updates *have* to be allowed to go into epel-stable eventually.
>> Otherwise, we put epel-stable users at risk for unpatched security
>> flaws.
> My point is, we already do. If an admin has to lock their packages to
> specific versions to keep their system working, then they are not going
> to be getting security updates.

sounds to me that there needs to be a clean procedure on promoting from
testing to stable. My opinion would be to let the users trigger that in
cases where developers are busy with other things. So if we have
foo-1.x.rpm in epel-stable, and foo-2.y.rpm in epel-testing and I, as a
user see that it fixes bug/vulnerability/deprecates/etc. foo-1.x.rpm, I
would:

1. submit request for promotion from testing to stable,
2. ...
3. profit?

#2 can go as "need X votes in bugzilla" or "need N confirmations from
users" something tangible and simple to follow for all involved.

-- 
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
    Woody Allen

When in trouble when in doubt run in circles scream and shout
     http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]