[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

updates-testing --> updates policy discussion

From: Warren Togami <warren togami com>
To: fedora-legacy-list redhat com
Subject: updates-testing --> updates policy discussion
Date: Thu, 08 Jan 2004 14:15:08 -1000

http://www.fedora.us/LEGACY

Now that we have a few potential security update packages, we must discuss the publish procedure.

We cannot just go ahead and build everything that people submit and place it into the updates-testing repository. I suggest that we need at least one preliminary check to make sure the package is a proper Legacy update (not a wild version upgrade), proper patching, and not malicious.

I suggest that we have two levels of approval, the first being necessary for "updates-testing". While in "updates-testing" we receive GPG clearsigned feedback. Perhaps further package patching will be necessary. Then after a certain threshold of positive feedback from we approve for "updates". But it matters who the feedback is from...

http://www.fedora.us/wiki/PackageSubmissionQAPolicy We need to discuss how to change this procedure for Legacy specific packages.

We also need to change the definition of "trusted" for Legacy specific packages, along with the requirements for reaching the "trusted" status.

Thoughts?

Warren

Follow-Ups:
- Re: updates-testing --> updates policy discussion
  - From: Jesse Keating

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]