submitters +1ing their own packages

Adam Williamson awilliam at
Thu Sep 8 19:34:25 UTC 2011

On Thu, 2011-09-08 at 20:59 +0200, Till Maas wrote:
> On Thu, Sep 08, 2011 at 06:42:56PM +0000, "Jóhann B. Guðmundsson" wrote:
> > As in components flagged as base/core/critical might restrict the 
> > maintainer from +1 his own component and require more stricter QA 
> > oversight while components that are not flag as base/core/critical might 
> > not?
> If a +1 from a maintainer is counted for the stable update threshold
> than the policy could just be changed to allow maintainers to push
> updates directly to stable. Because this is what will be possible, only
> that a lot of stupid interaction with Bodhi will be required. But it
> would fit the current policy that does not state clearly that any update
> submitter is allowed to push a non critpath update to stable as soon as
> the update received at least one +1 from anyone.

We're going round in circles again, as I know I've written this at least
twice in the previous threads on the topic, but: no. What Bodhi adds to
the process is accountability, an audit trail, and an easy way to manage
privileges. If we keep the Bodhi thresholds but allow maintainers to +1
their own updates, it makes it very very easy to look at a hyopthetical
future problematic update and say 'look, you +1ed this update which was
clearly broken, it went out, and caused pain to users: your +1
privileges are revoked', and actually do that, without affecting other
maintainers who are following the rules. If we just let everyone push
straight to stable, we lose that.
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | adamwfedora

More information about the devel mailing list