critpath approval process seems rather broken
Tim Flink
tflink at redhat.com
Mon Apr 11 07:24:44 UTC 2011
On 04/09/2011 05:31 AM, drago01 wrote:
> On Sat, Apr 9, 2011 at 12:57 PM, Tomasz Torcz <tomek at pipebreaker.pl> wrote:
>> On Sat, Apr 09, 2011 at 05:32:04AM +0200, Kevin Kofler wrote:
>>> Will Woods wrote:
>>>> In fact, there's plenty of approvers available, but you're not engaging
>>>> with them. They might not know how to test libtiff, or what needs
>>>> testing, so other stuff gets tested first.
>>>
>>> The fact is, this is a SECURITY UPDATE and as such it should go out even
>>> without testing. It's not acceptable to sit on security updates for weeks.
>>
>> No, security updates are not _that_ special. For example, there's
>> an avahi update in pipeline. It has broken dependencies. Pushing this
>> would broke some systems. I'm talking about:
>> https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
>
> Packages with broken dependencies should just be unpushable (autoqa
> was supposed to fix this but not sure what happend to it ...)
>
> We really should do an automated dep check before pushing updates (and
> reject those with broken deps).
Actually, we are running automated dependency checks on builds. Comments
should be re-enabled in bodhi soon (in the next couple of days unless
something changes) but as Adam said, everything is just a warning for
now - no automation is preventing the push of updates with broken
dependencies.
I may be biased, but I know that I'm looking forward to the new depcheck
and upgradepath goodness :)
Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20110411/44f93287/attachment.bin
More information about the devel
mailing list