I can speak for Mandriva. Mandriva has /main and /contrib repositories
(and a couple of others for non-free stuff, but that's not important in
this context). /main contains officially-supported packages; around half
of the total. It'd be a bit like the old Core / Extras split, except
rather more in Core and rather less in Extras.

Maintainers are not allowed to directly push updates to /main, ever. All
updates must be sent to a testing repository with a clear explanation of
the update's purpose; this usually means a security advisory number, or
a bug number. By policy, updates should contain the minimum changes
necessary to fix the specific issue(s) addressed (though sometimes this
rule is somewhat bent). All updates are gatekept by the security team,
though the testing repository is available to anyone, and the security team
takes account of feedback on the /testing builds (so if the userbase
notices they're broken, that word gets back to the devs / security team
and the update will be rejected until it's fixed).

/contrib runs more on the honor system. Maintainers are in charge of
pushing updates there, and can do it directly if they so choose. There
is a /contrib/testing repository they can choose to use to have their
updates tested before being pushed. Most maintainers are fairly careful
not to push broken updates to /contrib, in practice.

Of course, Mandriva also has separate /backports repositories for
non-bugfix/security updates. As I've mentioned before. Which changes the
equation slightly (if you just want to send out Shiny New Version 2.0,
it goes out as a backport, not an update).

There's never been any significant friction over the system that I
recall. Maintainers don't seem to be particularly unhappy with it. It
would probably be much more fractious without the backports system,
