From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-June/016896.html | 193 +++++++++++++++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-June/016896.html (limited to 'zarb-ml/mageia-dev/2012-June/016896.html') diff --git a/zarb-ml/mageia-dev/2012-June/016896.html b/zarb-ml/mageia-dev/2012-June/016896.html new file mode 100644 index 000000000..37be8879a --- /dev/null +++ b/zarb-ml/mageia-dev/2012-June/016896.html @@ -0,0 +1,193 @@ + + + + [Mageia-dev] Backports Summary + + + + + + + + + +

[Mageia-dev] Backports Summary

+ AL13N + alien at rmail.be +
+ Wed Jun 27 12:36:25 CEST 2012 +

+
+ +
> Thomas Backlund a écrit :
+>> Sander Lepik skrev 26.6.2012 23:15:
+>>> 26.06.2012 22:25, Thomas Backlund kirjutas:
+>>>> * backports is supported as long as the rest of the release
+>>>>
+>>>>
+>>>> Comments? Questions ?
+>>> I think we should change the wording from "supported" to "tested".
+>>> Currently we can
+>>> "support" backport with a newer version of the backport. But i don't
+>>> think it's a wise move
+>>> to mark backports repo as an updates repo. So i don't see how we can
+>>> _support_ backports.
+>>> And QA has no time to deal with updates for backports (i mean to
+>>> search for security holes
+>>> in backports). But this can be discussed tomorrow.
+>>
+>> Well,
+>>
+>> It's the backporters job to make sure its fixed for security issues as
+>> stated by:
+>>
+>> * if you backport anything, (regardless if you are the real
+>>   maintainer or not) you accept the responsibility of
+>>   handling the bugreports against the backport and make sure
+>>   it gets patched (or upgraded) to get security fixes.
+>>
+>>
+>> It's not supposed to be flagged as an update repo as that would make
+>> it upgrade all packages it find in the system with matching backports
+>> packages.
+>>
+>> So we need to either create a "backports update applet" or extend
+>> current update applet.
+>
+> I would favour extending the current update tools, and then flagging
+> backport repos as updates, so that newer backports would be treated as
+> updates to already installed backports at the same time as other updates.
+
+actually, since the applet will have to works like this: (cf bug 2317)
+
+1. mark media to get updates from
+2. mark seachmedia to get it's dependencies from (release)
+3. do updates
+
+extending this to backports does the following:
+
+1. mark update media + backport media
+2. mark search media to get it's dependencies from (release)
+3. do updates
+
+With regard to dependencies, this means we'd be including backports too,
+which means we could use my patch for bug 2317 anyway.
+
+If you don't want this, you'd have to do the updates and backports
+separately. which is again quite some complexity.
+
+(besides, if we do have strict requires, to make cherry-picking work, the
+problems we'd get from using the patch would go away anyway.
+
+>> (or "worst case" until we get it automated tell the user of backported
+>>  packages to make sure they check if a new/fixed rpm is available in
+>>  backports)
+>>
+>> And there will still be some advisory notifying people of new backports,
+>> just like we do for security and bugfix updates now.
+>
+> +1
+>>
+>> --
+>> Thomas
+>>
+>
+>
+> --
+> André
+>
+>
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1