Proposed udpates policy change

Martin Langhoff martin.langhoff at gmail.com
Mon Mar 8 23:28:45 UTC 2010 

On Mon, Mar 8, 2010 at 4:59 PM, Matthew Garrett <mjg59 at srcf.ucam.org> wrote:
> The future
> ----------
>
> Defining the purpose of Fedora updates is outside the scope of Fesco.
> However, we note that updates intended to add new functionality are more
> likely to result in user-visible regressions, and updates that alter ABI
> or API are likely to break local customisations even if all Fedora
> packages are updated to match.

Thanks to you, Fesco and all developers working on this. There is
something that everyone seems to be missing on this track, and I'd
like to bring some attention to it.

Distros do integration work, and the main thrust of the QA work around
a release is that all the packages work nicely _together_, that all
the subtle interactions interact the right way.

Updates are always risky. There is no doubt that the updated package
worked fine for the maintainer, and yet we see updates bombing out
spectacularly relatively often. This is because pushing out a single
package update is what a maintainer does, but this "package focus"
undermines what the distro does -- _integration_.

Small, low-risk bugfix updates respect that distro-wide goal. Major
risky updates disregard that goal -- yes, a specific package is new!
improved! but the implicit social contrct with your end users ("a
nicely integrated OS") is broken because the time and effort to shake
out the subtle integration issues were skipped.

>From an OLPC PoV, major updates are rather troubling. We put together
two OSs based on Fedora (XO and XS OSs). We test the integrated OS
quite a bit ("we" being an outstanding team of volunteers around the
world), and we override a few packages, some of them very tightly
coupled to the platform (that is -- likely victims of subtle
interactions that may go haywire on a major update).

Given that, wearing my "XS lead dev" hat, I hope that Fedora focuses
its "update" policy on the safe, sane, low-risk bugfixes. Otherwise,
downstream projects that do careful QA are between a rock and a hard
place -- between taking potentially exploding updates or ignoring
updates altogether... and missing out on important bugfixes.

cheers,



m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff

More information about the devel mailing list