diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2011-June/005208.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2011-June/005208.html | 151 |
1 files changed, 151 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2011-June/005208.html b/zarb-ml/mageia-dev/2011-June/005208.html new file mode 100644 index 000000000..aa06867b3 --- /dev/null +++ b/zarb-ml/mageia-dev/2011-June/005208.html @@ -0,0 +1,151 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Finalizing update process + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Finalizing%20update%20process&In-Reply-To=%3CBANLkTinAZcvnxWO_J-Y_KsXw_UnZ%2BOSM6A%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="005207.html"> + <LINK REL="Next" HREF="005209.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Finalizing update process</H1> + <B>Ahmad Samir</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Finalizing%20update%20process&In-Reply-To=%3CBANLkTinAZcvnxWO_J-Y_KsXw_UnZ%2BOSM6A%40mail.gmail.com%3E" + TITLE="[Mageia-dev] Finalizing update process">ahmadsamir3891 at gmail.com + </A><BR> + <I>Wed Jun 8 19:39:55 CEST 2011</I> + <P><UL> + <LI>Previous message: <A HREF="005207.html">[Mageia-dev] Finalizing update process +</A></li> + <LI>Next message: <A HREF="005209.html">[Mageia-dev] Finalizing update process +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#5208">[ date ]</a> + <a href="thread.html#5208">[ thread ]</a> + <a href="subject.html#5208">[ subject ]</a> + <a href="author.html#5208">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On 8 June 2011 18:57, Christiaan Welvaart <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">cjw at daneel.dyndns.org</A>> wrote: +><i> On Wed, 8 Jun 2011, Michael Scherer wrote: +</I>><i> +</I>>><i> Le mercredi 08 juin 2011 à 10:40 +0200, Anne nicolas a écrit : +</I>>>><i> +</I>>>><i> Hi there +</I>>>><i> +</I>>>><i> We have some stuff to complete here: +</I>>>><i> <A HREF="http://mageia.org/wiki/doku.php?id=security">http://mageia.org/wiki/doku.php?id=security</A> +</I>>>><i> +</I>>>><i> <<A HREF="http://mageia.org/wiki/doku.php?id=security">http://mageia.org/wiki/doku.php?id=security</A>>Can we spend the 2 or 3 +</I>>>><i> coming +</I>>>><i> days to finalize it and start updates submits? +</I>>><i> +</I>>><i> Pascal is working on this. +</I>>><i> +</I>>><i> So here is a proposal : +</I>>><i> - anybody can submit a package to updates_testing. +</I>>><i> - once submitted to testing, it should ask to QA to test, along with : +</I>>><i>  - a reason for the update ( likely bug number ) +</I>>><i>  - potentially a priority ( ie, if this is just a translation update or +</I>>><i> a urgent 0 day exploit ) +</I>>><i>  - a way to test the bug and see it is fixed +</I>>><i>  - text for the update +</I>><i> +</I>>><i> - qa validate the update ( with process to define ) +</I>><i> +</I>>><i> - someone move the package from updates_testing to testing +</I>><i> +</I>><i> Someone from security (stable updates) team I guess? +</I>><i> +</I>>><i> - the bug is closed +</I>>><i> - a announce is sent ( on various medias to be defined ), with the text +</I>>><i> of update +</I>><i> +</I>><i> So who decides to reject an update and at what point? According to your +</I>><i> proposal, either QA people decide this or they waste time on updates that +</I>><i> later get rejected. +</I>><i> +</I> +IMHO, rejection reasons: +- The sec team doesn't think the update fixes a serious security +vulnerability; so it's not updates but backports +- The QA team couldn't validate, i.e. using the test case in the bug +report, their test results didn't show that the bug is fixed + +>><i> So the points are : +</I>>><i> - no update can be uploaded without QA validation +</I>><i> +</I>><i> What does 'QA validation' mean exactly, can only certain people do it...? +</I>><i> +</I> +IIUC, QA validation is that they use the test case given in the +report; an example of a test case: +- install package foo-1mga1 from */release +- do foo bar, notice the app crashes +- install the fixed package foo-1.1mga1 from */updates_testing +- test again, the bug should be fixed + +if any of these steps fail, then it's not gonna get pushed as an +update. And it should be the QA team doing the validation, i.e. +experienced devs/packagers in the that team. + +>><i> - QA manage the checks, and so will requires help ( hence the security +</I>>><i> team or any packager can help, provided they know how to do QA ) +</I>><i> +</I>><i> So a packager wants to fix a bug in package that is not very visible, sends +</I>><i> it to QA, then has to test it anyway? I'm not sure what you're saying here. +</I>><i> +</I> +Not the packager committing the fix, (if he doesn't think it's fixed +he won't ask for an update to begin with). But the QA team, this team +could/should have packagers in it. + +><i> +</I>><i>    Christiaan +</I>><i> +</I> + + +-- +Ahmad Samir +</PRE> + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="005207.html">[Mageia-dev] Finalizing update process +</A></li> + <LI>Next message: <A HREF="005209.html">[Mageia-dev] Finalizing update process +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#5208">[ date ]</a> + <a href="thread.html#5208">[ thread ]</a> + <a href="subject.html#5208">[ subject ]</a> + <a href="author.html#5208">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |