critpath approval process seems rather broken
drago01
drago01 at gmail.com
Sat Apr 9 11:31:27 UTC 2011
On Sat, Apr 9, 2011 at 12:57 PM, Tomasz Torcz <tomek at pipebreaker.pl> wrote:
> On Sat, Apr 09, 2011 at 05:32:04AM +0200, Kevin Kofler wrote:
>> Will Woods wrote:
>> > In fact, there's plenty of approvers available, but you're not engaging
>> > with them. They might not know how to test libtiff, or what needs
>> > testing, so other stuff gets tested first.
>>
>> The fact is, this is a SECURITY UPDATE and as such it should go out even
>> without testing. It's not acceptable to sit on security updates for weeks.
>
> No, security updates are not _that_ special. For example, there's
> an avahi update in pipeline. It has broken dependencies. Pushing this
> would broke some systems. I'm talking about:
> https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
Packages with broken dependencies should just be unpushable (autoqa
was supposed to fix this but not sure what happend to it ...)
We really should do an automated dep check before pushing updates (and
reject those with broken deps).
More information about the devel
mailing list