[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Again: EOL Policy for Fedora Extras



On Sun, 19 Feb 2006 00:10:34 +0100, Patrice Dumas wrote:

> > - We are a voluntary driven project -- we can't force any packages to
> > still maintain FE3 if he has no interest in it. If we try it will fail.
> > On the other hand: We are volunteers, and if volunteers want to do
> > something, you shouldn't prevent them from doing it -- You should make
> > it as easy as possible, otherwise they will feel peed.
> 
> Why not just keep the infrastructure (enabling the fedora legacy repo) and 
> let everybody do whatever they want? If a maintainer wants to keep a 
> package alive he keeps it alive, if another only wants to correct security 
> flaws only he does it. If somebody wants to correct security issues in 
> other's packages he does it and so on. Only communication is required, 

Because this is not much different from "Fedora Legacy Team"-style
maintenance. It needs coordination. Essentially, you end up with dedicated
contributors, who are responsible for a set of packages and who do as much
package development as is necessary to not break something during upgrades
and to stay compatible/close with the non-legacy packages for current
releases of FC/FE. [You won't find many package developers who would
backport security fixes. Most would prefer shipping the latest upstream
release, even if it is a major version upgrade, which might require
upgrades of build requirements.]

> then, meaning that a packager could be able to communicate that he stops 
> maintaining a package. It could involve something similar with the orphan 
> page.

With the orphans it is simply like "no community interest, no package in
FE". Mind you, some packages are only in FE because they are build
requirements. Further, we already do quite some reviews of packages just
to support eachother. Why should a package, which doesn't find a
maintainer for several months, be kept in the repository? Do we even know
whether anybody uses it? We don't have "potentially orphaned packages"
without reason. It's the only way for a packager to drop a package
gradually, giving others an early chance to take over package ownership.

> And also something like the owners file, but with distribution 
> versions, such that it is possible to have different maintainer for 
> different fedora versions.

I don't think this would be a good idea, as I see all releases of package
"foo" as a family of packages, belonging together. So all package
maintainers of "foo" at least ought to receive copies of all bug reports
about "foo", regardless of the release version. A vulnerability in an
old version could affect the latest version and vice versa.
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]