[Proposal] Ring-based Packaging Policies

Alec Leamas leamas.alec at gmail.com
Thu Feb 12 19:18:33 UTC 2015

On 12/02/15 19:32, Stephen Gallagher wrote:
> (Logistical note: please keep all replies to this thread on
> devel at lists.fedoraproject.org)
> tl;dr Shall we consider requiring a lesser package review for packages
> that are not present on Product or Spin install media?

Thanks for bringing this up. We really need to do something about this, 
and the proposal is likely to get things rolling.

This is really about two things, right? A "lighter review" and a general 
bundling exception for packages not in the core (?)

As for the bundling exception I more or less just agree. One detail 
might be to add some text about not having bundled libraries in system 
locations, and not exporting (filtering) them.

As for the "lighter review" this is not so clear to me. I agree that we 
need to relax the review, but:

   - Wouldn't it feel a little more comfortable to list the exceptions 
we allow compared to a regular review rather than starting with just 
some broad statements what the review is?

   - Shouldn't we make a distinction between 'review' and 'pass'. E. g., 
even if we allow bundled libs, we should definitely review and locate 
them. Isn't the situation similar for other things: while we still 
review them, things that are blockers in ring 0 could pass in ring 1?

Colin walters wrote:

> Anyways, something I think is missing from here is more
> details on how this "on the install media set" distinction
> is maintained over time.  If it isn't separate (yum) repositories
> it seems like it's going to be hard to enforce.

A virtual provides in all ring 1 packages?



More information about the devel mailing list