How can we make security updates faster?
"Jóhann B. Guðmundsson"
johannbg at gmail.com
Tue May 29 18:58:00 UTC 2012
On 05/29/2012 06:13 PM, Rex Dieter wrote:
>> > It makes no sense to have a gui application ( or an application for that
>> > matter ) without having written the relevant how to debug/how to test
>> > pages for each component to accommodate it.
> Indeed. However, I'd argue*both* pieces, a karma app and good test-cases,
> are needed, and one not need block on the other.
Well we then agree on disagreeing since updating the component and
running the relevant application is hardly what I call testing and
requiring karma points to just do that makes absolutely no sense to me.
This whole scenario is a bit more complicated than that and me and James
did discuss few ideas to solve this when he was with the project but
things did not progress any further than that for various reasons
including the FPC/FESCO decisions to make things optional instead of
For security updates arguably we should be having faith in maintainers
actually eating and testing their own food and use a time based limit
instead of karma based as in after x many days in updates testing and no
reporter has reported any problem the update gets pushed regardless of
In any case this is something we solve in the QA community and arguably
we should be the one that decide all this and FPC just implements what
we have decided and tell them to.
This really does not involve Fesco and we already have a good working
relationship with releng.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the devel