RPM submission procedure
Michael Schwendt
ms-nospam-0306 at arcor.de
Thu Jan 8 02:12:10 UTC 2004
On Wed, 7 Jan 2004 18:11:21 -0500, Eric S. Raymond wrote:
> If you look at <http://dag.wieers.com/home-made/apt/mega-merge.php>,
> you'll see that this group describes itself as "The Red Hat/Fedora
> authoritative packager list".
Marketing.
> (2) RPMs must meet Fedora QA standards.
I appreciate that you're trying to push Fedora Extras forward. But
"Fedora QA standards" are not an open thing yet. Actually, not even
packaging guidelines or policies exist yet.
> Repository maintainers must
> expect their submission, test and build procedures to be audited,
> and will be dropped from the list of authoritative repositories if
> they fail to meet standards.
Get them to not offer competing sets of packages. Or who will test all
possible permutations of packages from repo X used together with
alternative versions of dependencies found in repo Y and Z? And why not
review packages prior to release? And what are the "standards" and who
defines them? And what to do when the individual packager, with hits
several hundreds of packages to maintain, can't catch up with security
fixes due to lack of time or package updates during vacation? I still
think a community project would be superior.
> I doubt you'd get any pushback on these requirements. And the cost of
> QA-monitoring these repositories would undoubtedly be lower than the
> cost of building and maintaining one big repository of your own. You'd
> win fairly big on the download costs alone.
In theory, enough human resources provided, it should be possible to take
over a src.rpm from an arbitrary repository, review it and publish it
elsewhere.
--
More information about the fedora-devel-list
mailing list