The new Update Acceptance Criteria are broken (was: Re: Heads Up - New Firefox update)
mitr at volny.cz
Mon Nov 1 01:18:46 UTC 2010
Adam Williamson píše v Ne 31. 10. 2010 v 18:06 -0700:
> On Sun, 2010-10-31 at 04:37 +0100, Kevin Kofler wrote:
> Yet another blatant example of
> > failure of the Update Acceptance Criteria, needlessly exposing our users to
> > critical vulnerabilities.
> Kevin, could you *please* not word things like that? There's just no
> need for it.
> I already wrote this to -test a couple of days ago:
> and we're discussing it there. I think the thread demonstrates things
> tend to go much more constructively if you avoid throwing words like
> 'blatant' and 'failure' and 'needlessly' around.
Did we not fail our users? Was there a real need to fail them? (As a
non-native speaker, I won't judge the relative merits of "blatant" vs.
> We designed a policy,
> put it into effect, now we're observing how well it works and we can
> modify its implementation on the fly. It doesn't need to be done in an
> adversarial spirit.
Given that _this exact scenario_ was repeatedly brought up since the
very start of the update acceptance criteria proposals, I think some
frustration is quite justified. This situation is not really a
surprise, and Fedora did not have to unnecessarily expose users to a
vulnerability in order to relearn this lesson.
In addition to being constructive about remedying the situation,
shouldn't we try to be more constructive about _not introducing such
situations_ in the first place?
More information about the devel