[Mageia-dev] please stop doing "bugs" for updating magia 1

Wed Jan 11 21:54:24 CET 2012

On Wed, Jan 11, 2012 at 8:32 PM, Michael Scherer <misc at zarb.org> wrote:
+> Le mercredi 11 janvier 2012 à 17:48 +0100, Christian Lohmaier a écrit :
+>> On Wed, Jan 11, 2012 at 4:51 PM, Guillaume Rousse
+>> <guillomovitch at gmail.com> wrote:
+>> > Le 11/01/2012 16:09, Antoine Pitrou a écrit :
+>> >
+>> >> As a Mageia user I would expect Mageia to package significant *bugfix
+>> >> releases* and ship them in the updates for the stable distro.
+>> >
+>> > You'd rather read the current update policy, rather than expect blind
+>> > assertions:
+>> > https://wiki.mageia.org/en/Updates_policy
+>>
+>> Whoa - this is a rather stupid policy. (my opinion, yours obviously differs).
+>> "For the most part, an update should consist of a <bold>patched build
+>> of the same version</bold> of the package released with the
+>> distribution,"
+>
+> I am pretty sure that you can express yourself without starting by
+> insulting people.
+
+Well, if you feel insulted when I state my personal opinion about the
+policy, then I cannot help it.
+I also find a different word for it - In my opinion it is a stupid
+policy. It might not reflect what was discussed on the mailinglist,
+but that is not my fault either - I can only judge what is written on
+that wiki-page, and once again: that policy doesn't make any sense to
+me.
+Feeling insulted means that you apparently were deeply involved in
+formulating the policy, too bad, but cannot be helped. Sorry if your
+feelings are hurt.
+
+>> Welcome to distro-isolation, putting burden on maintainers, giving
+>> them all the reason to deny a reasonable request for a bugfix release
+>> because it just is too much work to hunt for a specific commit that
+>> fixed bug x.
+>
+> If that's too much work for a maintainer and if that's important for
+> you, you can :
+> - do your own package, supported by yourself for yourself
+
+I do for the packages I care of.
+
+> or :
+> - provide the patch
+
+No, that's pointless. I'd rather supply the patch upstream, so it will
+be integrated in the upstream package.
+
+> If that's too much work for you too, then that's likely too much work
+> for others too.
+
+You're mixing stuff around: We/I am talking about the case when there
+*is* an bugfix release available from upstream, but the policy
+dictates to extract individual patches for a subset of the fixes only-
+and that subset being bugs filed in mageia's bugzilla. This doesn't
+make sense.
+If the maintainer could use the fixed upstream release, then all that
+is needed is to bumb the version-tag in the spec and rebuild. You
+don't question that this is easier than hunting down a patch and
+adding that to the package, do you?
+Any cases where just bumping the version and rebuilding won't work are
+cases that don't fall in the bugfix-only category.
+
+>> > [...]
+>> > A bug may vary from a typo in a man page to a critical security update,
+>>
+>> And a typo-fix is not worthwhile to have?
+>
+> When we take in account the fact it would still need proper QA, there is
+> likely stuff that are more important than a typo. And a typo is just a
+> extreme case, and a simplificaition. If we start to have a complex
+> update policy, we are just losing time for almost nothing.
+
+No doubt about that - the above statement was more meant in the terms
+of only applying selective fixes by patch, as opposed to taking the
+release that has those bugs fixed+additional easy stuff.
+So why only fix "bug that is reported in mageia's bugzilla", but not
+"the typo that was fixed upstream".
+
+>> Sure, you cannot be save of regressions, but what makes you think you
+>> are smarter than upstream? What makes you so sure that not the one
+>> commit you add as a patch to your package is the one that causes the
+>> regressions?
+>
+> For 1, we usually do not do distro patch. I personnaly think this should
+> be avoided as much as possible, and that we should push as much patch
+> upstream. We have a rather huge backlog to clean.
+>
+> For 2, we also usually take patch from upstream. Some of us are also
+> good enough to understand patchs, and to see what they mean, if they fix
+> something, etc. Of course, there is some software that are rather
+> specialized or obscure, but that's far from being the majority.
+
+So then again: what makes selectively fixing bugs better in terms of
+regression prevention than applying a bugfix release from upstream?
+You an Juan Luis basically say: Less changes, less chance for
+breakage. This is a "Milchmädchenrechnung"  (naive assessment of the
+situation). Fixed done by upstream are applied by people familiar with
+the code in question, usually way  more familiar than the package
+maintainer. Yes the regressions do happen. Even if a fix looks simple,
+it can introduce a regression.
+And by only selectively applying patches it means that: You might have
+a "lesser chance" of regressions, but instead of the regressions you
+still have the other "regular bugs" that were fixed.
+
+>> Regressions have the nice habit of being triggered by changes in
+>> apparently unrelated code...
+>
+> And that's why we should reduce the number of changes.
+
+That's why reducing the number of changes won't help.
+
+> Maybe if you started to be less insulting, and instead started to look
+> at the discussion on the ml in the past on the list,
+
+I might have had if the wiki policy did point to it.
+
+> when the policy was
+> discussed ( and access to the old wiki too ), you would likely find the
+> reasons saner.
+
+Even with your explanations (thanks for taking the time), I still
+disagree and still don't find them any more sane than before.
+
+The only good thing that you made clear is that you discourage
+distro-only patches, but instead favor fixed that are directly from
+upstream.
+
+ciao
+Christian
+