QA's Package update policy proposal

Kevin Fenzi kevin at scrye.com
Wed Mar 10 00:13:47 UTC 2010 

On Tue, 09 Mar 2010 15:43:04 -0500
James Laska <jlaska at redhat.com> wrote:

> We'll make adjustments based on feedback so far.  But I want to point
> out that one goal for this policy is to reach consensus on a set of
> criteria that all [1] packages must adhere to in order to be accepted
> as Fedora updates.  The important word for me is "accepted".  This
> comes long before any functional or bug verification.  This is
> intended to support the fundamentals of packaging software for Fedora
> that have already been established and are used to evaluate all
> software upon entry into Fedora [2].
> 
> Some basics I'd propose as a starting point for defining acceptance
> criteria include:
> 
>      1. repoclosure/conflicts - no package update can introduce broken
>         deps or conflicts.  I'd recommend we apply this to both
>         'updates-testing' and 'updates' (but that's detailed below)
>      2. Package sanity
>               * No rpmlint failures

I think this one should not be there. Or should be heavily filtered. 
rpmlint sometimes marks things as errors that are not. 

Or at the very least we should make sure that all the things it does
mark as error really are things we would block a package for. 

Also, there are often a host of warnings... 

>               * Is the Source properly defined
>               * License review/examination (if possible)

We should at least fail for a non valid License tag, IMHO. 

>               * Upstream Source match tarball

I can provide a hackish script I used for my source file audits for
this. 

>               * Package scriptlet syntax checks
>      3. Package must be newer than previously released versions -
> can't ship newer package in N-1.
>      4. Any additional MUST requirements folks would like to see
> covered from the package review requirements?

There could be others.

kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20100309/089d0410/attachment.bin

More information about the devel mailing list