diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-July/017180.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-July/017180.html | 158 |
1 files changed, 158 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-July/017180.html b/zarb-ml/mageia-dev/2012-July/017180.html new file mode 100644 index 000000000..573692264 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-July/017180.html @@ -0,0 +1,158 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%20%28also%20forgot%0A%20avidemux%20and%20gstreamer0.10-ffmpeg%29&In-Reply-To=%3C4FF60A79.8090908%40gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="017190.html"> + <LINK REL="Next" HREF="017183.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg)</H1> + <B>Claire Robinson</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Security%20updates%20-%20Help%20needed%20%28also%20forgot%0A%20avidemux%20and%20gstreamer0.10-ffmpeg%29&In-Reply-To=%3C4FF60A79.8090908%40gmail.com%3E" + TITLE="[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg)">eeeemail at gmail.com + </A><BR> + <I>Thu Jul 5 23:43:21 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="017190.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI>Next message: <A HREF="017183.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17180">[ date ]</a> + <a href="thread.html#17180">[ thread ]</a> + <a href="subject.html#17180">[ subject ]</a> + <a href="author.html#17180">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>><i> I spent some time today to help the QA team to manage those pending +</I>><i> security updates. And for the second time in a week, I've been facing +</I>><i> rather unpleasant attitude from someone else from the same team: +</I>><i> <A HREF="https://bugs.mageia.org/show_bug.cgi?id=5939">https://bugs.mageia.org/show_bug.cgi?id=5939</A> +</I>><i> +</I>><i> I wonder how we're supposed to work together when expressing an opinion +</I>><i> about issues prioritization expose you to harsh comment from someone +</I>><i> unable to express his disagreement without agressivity. That's not much +</I>><i> point ressorting to "we're all in the same boat" kind of metaphor during +</I>><i> IRC meeting to thereafter suggest to leave the board to people +</I>><i> expressing concerns about the boat heading... +</I>><i> +</I>><i> So, before any further contribution from my side, I'd like the people in +</I>><i> charge of security updates to find some internal agreement about what +</I>><i> kind of help they expect from other people exactly. If that's just to +</I>><i> push a non-discussable list of changes into spec files, they could as +</I>><i> well ask for SVN commit and package submission rights, to do it +</I>><i> directly. This would avoid a large amount of anger and frustration for +</I>><i> everyone. +</I>><i> +</I> +You seem to be frustrated by a false assumption. The assumption that +something has changed over the past year of performing QA on security +updates. + +It hasn't. We haven't begun doing anything differently and we haven't +started to ask for any more than we have done before, during all that time. + +The reason we now have a backlog, which seems to be the cause of the +frustration, is simply because we don't have enough volunteers. That is +not really a reason to begin taking shortcuts, or cut out common sense, +but it is something you can help with. + +Our QA workload doubled overnight when Mageia 2 was released. At the +time there were mainly only two of us to perform the task, as there had +been throughout the lifespan of Mageia 1 until that point. One tested +every update x86_64 and one tested every update i586. + +As I'm sure you realise, that is nowhere near enough people to perform +QA adequately on two live releases, especially just after release when +many packaging bugs are being fixed. This is on top of having to work +around bug 2317 which is only now beginning to receive attention. + +I fully sympathise with the need to concentrate on security updates and +the need to handle them efficiently. Nothing has changed in that regard. +We handle them now the same as we have been doing since last August and +it has never been a problem for anybody. Believe it or not, it is +actually appreciated by most.. + +We have been trying to recruit new members and with some limited +success. Those new members will hardly be inspired though to volunteer +their time by this type of bullying. I myself would also like to think I +didn't have to purposely avoid certain packagers update requests because +of their aggressive behaviour. That situation would be of no benefit to +anybody. + +We always have and will continue to do our best to prioritise security +updates. Unfortunately that has to happen at the expense of bugfix +updates so there are a number of those waiting for our attention. David +has also been pushing for maintainers to get various security bugs fixed +so there has been a bit of an influx for QA to deal with. + +This whole issue is being blown wildly out of proportion and it is +really demoralising for those of us who already spend far too many hours +a day actually doing the job. + +If you really want to speed things up then please spend some time +helping to shorten the list and lighten the load. We did request help +two weeks ago in the packagers meeting. + +You can find the validation procedure here: <A HREF="http://bit.ly/Ne2lPP">http://bit.ly/Ne2lPP</A> + +and the list of bugs awaiting QA here: <A HREF="http://bit.ly/LZMNhr">http://bit.ly/LZMNhr</A> + +Throughout the life of Mageia 1 the QA list was usually between 20 and +40 bugs long, it is now between 40 and 50 bugs long and is hovering +around that point. + +These recent attacks are causing even more work for us, which again +helps nobody, and diverts our attention away from where it is really +needed. Also I would point out that having to validate the same package +several times obviously lessens the amount of time we can spend +elsewhere, which compounds the problem. + +If the current situation is indeed such an intolerable issue then +perhaps we should think seriously if we currently have the resources to +maintain two active releases or rethink our ability to open backports, +instead of bullying those who are already stretched too thinly. + +Regards +Claire + + + + +</PRE> + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="017190.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI>Next message: <A HREF="017183.html">[Mageia-dev] Security updates - Help needed (also forgot avidemux and gstreamer0.10-ffmpeg) +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#17180">[ date ]</a> + <a href="thread.html#17180">[ thread ]</a> + <a href="subject.html#17180">[ subject ]</a> + <a href="author.html#17180">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |