Pushing updates for Fedora 7

[Jesse Keating]

On Sunday 03 June 2007 10:12:49 Ralf Corsepius wrote:
> IMO, this has to be balanced on a case by case basis.

I don't disagree one bit.  That's why it is important that things use the 
update tool and mark themselves as security updates and whatnot.

> * Does a broken update get installed at all or will yum refuse to
> install it due to broken deps?

It depends on what is broken.  If you don't have the app that is broken, 
you'll get the update.  Only if you have that app that is broken will you see 
the broken deps, and then you can decide whether or not to remove said broken 
app or skip update.

> * Does postponing a security update for a few hours until things get
> "cleaned up" really hurt? In some cases it will, in most it will not.

ACK

> * Consider mirrors: Do security updates get immediately pushed to
> mirrors or will mirrors pull them with a several hours or days delay?
> Given the "out-of-syncness" many mirrors are in, delaying pushing
> packages by a couple of hours doesn't really make a difference.
>
> * Consider users: Many don't upgrade immediately. Most probably poll at
> intervals.

Actually both these could lean in favor of releasing it immediately.  By the 
time the mirrors sync or people do their upgrade the rest of the missing 
packages could have been rebuilt and released.

But all in all I definitely agree this has to be a case by case issue, one 
that is hopefully discussed within releng and the security team.

-- 
Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070603/b0cc5e3a/attachment.sig>