FESCo wants to ban direct stable pushes in Bodhi (urgent call for feedback)

Mon Mar 1 16:13:09 UTC 2010

On Sat, 2010-02-27 at 02:52 +0100, Kevin Kofler wrote:
> Adam Jackson wrote:
> > By my count, that's three misrepresentations in one paragraph.  I
> > certainly hope they were not deliberate.
> 
> I'm not deliberately misrepresenting anything or anyone, I just stated my 
> perception of the facts. It may well be that I missed some details in the 
> hectic and chaotic discussion.

But you did not state your perception of facts.  You stated your
perception _as_ fact.

And as a result, you generated yet more chaotic discussion.  Nice work.

> > A more parsimonious explanation is that Matthew's simply been busy the
> > last few days and hasn't gotten around to it yet.  Again, this may or
> > may not be true, but Occam's Razor suggests it's more likely.
> 
> The problem is, when will it be ready? If it's ready on Tuesday afternoon 
> and the vote gets done on Tuesday evening, that's too short a notice to 
> gather appropriate feedback.

If it's ready on Tuesday afternoon, what makes you think anyone's going
to have time to read it thoroughly enough to be able to vote on it?  Are
you implying you're the only one on fesco that actually considers the
proposal they're asked to vote on?

> > You create package A.  Someone else has created package B, with a
> > triggerin script on A, unbeknownst to you, and you don't have B
> > installed.  Your testing of A will not reflect the experience of anyone
> > with B installed.  B's triggerin script might rm -rf /, for example.
> 
> Uh, why do we even allow triggers without explicit FESCo approval (including 
> notification to the maintainers of the packages being triggered on)? They're 
> much more dangerous than linking a static library or bundling a library!

No disagreement here.  But that's sort of my point.  Packaging is
subtle, and putting controls in place to minimize disruption for
consumers is a broadly positive thing.  We should be monitoring for new
scriptlets and reviewing suspicious ones.  We should also not skip
updates-testing just because we think we're not going to break anything.

> > "Slipping through testing" is itself the problem.  It means that testers
> > aren't using testing!  We should fix the technical and UX problems that
> > make testing hard to consume.
> 
> Even if you fix all the fixable problems, testing will still not be a silver 
> bullet!

I didn't claim it would be.  And I also don't see how that's relevant.

I mean, your argument here is "it doesn't matter how good our
infrastructure for testing fixes is, it'll still not catch everything;
therefore we should allow people to bypass it if they want".  By that
argument, no prophylactic is 100% effective against diseases, therefore
people should be free to not use them if they don't want to.

You're positing A => B here.  A might be true.  B might be true.  They
might both be true!  But it's not at all clear that A implies B.

> > If I had a dollar for every obviously correct one-line fix that broke
> > something, I could probably quit this software game.
> 
> X11 is particularly dangerous for this kind of changes, given how low it is 
> in the software stack and how some code necessarily looks like (hardware 
> drivers in particular are always scary stuff). The average leaf package is 
> much less propice to breakage induced by minimal changes.

While I understand the temptation to rank package importance and
fragility by position in the dependency tree, remember that leaf
packages are why people use the OS in the first place.  No one runs
Fedora just because they think coreutils is really neat.

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20100301/29c74618/attachment.bin 