[Proposal] Ring-based Packaging Policies
leamas.alec at gmail.com
Thu Feb 12 19:18:33 UTC 2015
On 12/02/15 19:32, Stephen Gallagher wrote:
> (Logistical note: please keep all replies to this thread on
> devel at lists.fedoraproject.org)
> tl;dr Shall we consider requiring a lesser package review for packages
> that are not present on Product or Spin install media?
Thanks for bringing this up. We really need to do something about this,
and the proposal is likely to get things rolling.
This is really about two things, right? A "lighter review" and a general
bundling exception for packages not in the core (?)
As for the bundling exception I more or less just agree. One detail
might be to add some text about not having bundled libraries in system
locations, and not exporting (filtering) them.
As for the "lighter review" this is not so clear to me. I agree that we
need to relax the review, but:
- Wouldn't it feel a little more comfortable to list the exceptions
we allow compared to a regular review rather than starting with just
some broad statements what the review is?
- Shouldn't we make a distinction between 'review' and 'pass'. E. g.,
even if we allow bundled libs, we should definitely review and locate
them. Isn't the situation similar for other things: while we still
review them, things that are blockers in ring 0 could pass in ring 1?
Colin walters wrote:
> Anyways, something I think is missing from here is more
> details on how this "on the install media set" distinction
> is maintained over time. If it isn't separate (yum) repositories
> it seems like it's going to be hard to enforce.
A virtual provides in all ring 1 packages?
More information about the devel