a plan for updates after end of life
Horst H. von Brand
vonbrand at inf.utfsm.cl
Mon Feb 11 21:31:29 UTC 2008
Patrice Dumas <pertusus at free.fr> wrote:
> On Sun, Feb 10, 2008 at 01:32:50PM -0900, Jeff Spaleta wrote:
> > On Feb 10, 2008 11:30 AM, Patrice Dumas <pertusus at free.fr> wrote:
> > > It is not something that can be easily done. The metric which makes the
> > > most sense to me today is: has somebody brought an issue with the
> > > maintainer work toward the relevant commitee (in that case I guess it
> > > would be the UAEL SIG) and the commitee decided to orphan the package.
> > > Just like in Fedora. Agreed it is not a perfect process, but there is no
> > > reason to have a better one for UAEL.
> > What about we also put a branch expiration latch on the ratio of
> > maintainers to packages that must be maintained as part of UAEL?
> The number of package is (almost) never a good metric. Indeed some
> packages are quite hard to maintain (the kernel for example) while
> others are easy to maintain, either because they are simple. Also some
> packages may be kept synchronized with a fedora version. The kernel may
> not be that hard to maintain, in the end, if the kernel of a stable
> fedora release can be used as soon as a security issue is found.
And how do you propose to measure that? AFAIU, that hasn't been determined
for Fedora now. And an older package means more work backporting fixes.
> > Require the number of total number of maintainers to packages in UAEL
> > to be above some reasonable bar. And additionally require that each
> > maintainer of a 'core' UAEL package keep their load with respect to
> > UAEL below a certain number of packages.
> That looks like a possible idea. What we could do is ask the maintainer
> for the time he has to devote to UAEL,
Who guarantees that nobody has delusions about the time available to them?
> and assign weights to packages
> based on their complexity and easyness to update following fedora
> packages.
Who does the weighting?
> But, first, we should do that in fedora proper before, and second I
> don't thinkt hat the result will be much more reliable.
Right. But as was said, Fedora has its own regulation: It times out at
EOL. Developers/package maintainers plan for that and move on.
> > The goal would be to minimize a situation where a small number of
> > people are being overwhelmed and getting into a situation where things
> > a spread too thin for a long period of time after initial interest in
> > the branch as dropped.
> Once again it is the same in fedora. There is an obvious difference,
> there can be more branches in UAEL, but more branch doesn't necessarily
> mean more work, if they can be kept synchronized when security issues
> are discovered (and it is more or less the plan for UAEL).
What is the use of a Fedora 8 after EOL if any packages with significant
problems are simply taken from later Fedoras? I for one wouldn't trust
such a chimaera, I'd prefer just taking the later version of the
distribution in that case. The whole point of a distribution for me is that
it gives me a coherent set of packages that "somebody" has checked that
they work well together.
--
Dr. Horst H. von Brand User #22616 counter.li.org
Departamento de Informatica Fono: +56 32 2654431
Universidad Tecnica Federico Santa Maria +56 32 2654239
Casilla 110-V, Valparaiso, Chile Fax: +56 32 2797513
More information about the fedora-devel-list
mailing list