How can we make security updates faster?

[David Tardon]

On Tue, May 29, 2012 at 06:58:00PM +0000, "Jóhann B. Guðmundsson" wrote:
> On 05/29/2012 06:13 PM, Rex Dieter wrote:
> >>>  It makes no sense to have a gui application ( or an application for that
> >>>  matter ) without having written the relevant how to debug/how to test
> >>>  pages for each component to accommodate it.
> >Indeed. However, I'd argue*both*  pieces, a karma app and good test-cases,
> >are needed, and one not need block on the other.
> 
> Well we then agree on disagreeing since updating the component and
> running the relevant application is hardly what I call testing and
> requiring karma points to just do that makes absolutely no sense to
> me.

It is called smoketesting and I think it fulfills the objective of
avoiding broken updates pretty well, thanks. Note that we are talking
about Fedora here, not RHEL. If you are not satisfied with the current
level of testing, you are welcomed to do something about it. But forcing
others to do something is not the right way to go.

> In any case this is something we solve in the QA community and
> arguably we should be the one that decide all this and FPC just
> implements what we have decided and tell them to.
> 
> This really does not involve Fesco and we already have a good
> working relationship with releng.

Again, this is Fedora we are talking about, not RHEL. If you (the QA
community) decide on some new policy that most maintainers disagree
with, they will just ignore it and there is _absolutely nothing_ you can
do to enforce it. Period.

D.