[Mageia-dev] Backports Summary

Wed Jun 27 10:45:42 CEST 2012

Thomas Backlund a écrit :
+> Sander Lepik skrev 26.6.2012 23:15:
+>> 26.06.2012 22:25, Thomas Backlund kirjutas:
+>>> * backports is supported as long as the rest of the release
+>>>
+>>>
+>>> Comments? Questions ?
+>> I think we should change the wording from "supported" to "tested". 
+>> Currently we can
+>> "support" backport with a newer version of the backport. But i don't 
+>> think it's a wise move
+>> to mark backports repo as an updates repo. So i don't see how we can 
+>> _support_ backports.
+>> And QA has no time to deal with updates for backports (i mean to 
+>> search for security holes
+>> in backports). But this can be discussed tomorrow.
+>
+> Well,
+>
+> It's the backporters job to make sure its fixed for security issues as 
+> stated by:
+>
+> * if you backport anything, (regardless if you are the real
+>   maintainer or not) you accept the responsibility of
+>   handling the bugreports against the backport and make sure
+>   it gets patched (or upgraded) to get security fixes.
+>
+>
+> It's not supposed to be flagged as an update repo as that would make 
+> it upgrade all packages it find in the system with matching backports 
+> packages.
+>
+> So we need to either create a "backports update applet" or extend 
+> current update applet.
+
+I would favour extending the current update tools, and then flagging 
+backport repos as updates, so that newer backports would be treated as 
+updates to already installed backports at the same time as other updates.
+
+> (or "worst case" until we get it automated tell the user of backported
+>  packages to make sure they check if a new/fixed rpm is available in
+>  backports)
+>
+> And there will still be some advisory notifying people of new backports,
+> just like we do for security and bugfix updates now.
+
++1
+>
+> -- 
+> Thomas
+>
+
+
+-- 
+André
+
+