[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Again: EOL Policy for Fedora Extras

Nicolas Mailhot wrote:
And I absolutely do not mean FEL should be a separate entity with no
access to FE ressources. It could be a FE SIG or something else within
FE. But there must be some coordinating structure, and package lifetimes

I think that there is enough of a negative connotation with the word "Legacy" that we should avoid calling it that. That would effectively shove it aside with the expectation that "somebody else" is supposed to be working on it.

Instead a "team" of some sort should work on organizing the security response. The "team" focuses on these tasks:
* Tracking where there are vulnerabilties
* Notifying existing maintainers

Meanwhile, the "team" and everyone else has the option of working on:
* obviously orphaned packages
* orphaned packages only in older distributions

The database created by the "team" is used in judgement of retirement metrics. If it becomes plainly obvious that the community is not willing to maintain an older distribution, then we can go through a warning period and later retire the distro.

The bug list(s), multiple owner thing, moving Core and Extras closer together, are all things that would help the above model.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]