How can we make security updates faster?

"J├│hann B. Gu├░mundsson" johannbg at gmail.com
Tue May 29 18:58:00 UTC 2012


On 05/29/2012 06:13 PM, Rex Dieter wrote:
>> >  It makes no sense to have a gui application ( or an application for that
>> >  matter ) without having written the relevant how to debug/how to test
>> >  pages for each component to accommodate it.
> Indeed. However, I'd argue*both*  pieces, a karma app and good test-cases,
> are needed, and one not need block on the other.

Well we then agree on disagreeing since updating the component and 
running the relevant application is hardly what I call testing and 
requiring karma points to just do that makes absolutely no sense to me.

This whole scenario is a bit more complicated than that and me and James 
did discuss few ideas to solve this when he was with the project but 
things did not progress any further than that for various reasons 
including the FPC/FESCO decisions to make things optional instead of 
mandatory.

For security updates arguably we should be having faith in maintainers 
actually eating and testing their own food and use a time based limit 
instead of karma based as in after x many days in updates testing and no 
reporter has reported any problem the update gets pushed regardless of 
it's karma.

In any case this is something we solve in the QA community and arguably 
we should be the one that decide all this and FPC just implements what 
we have decided and tell them to.

This really does not involve Fesco and we already have a good working 
relationship with releng.

JBG
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120529/190e7d78/attachment.html>


More information about the devel mailing list