On Fri, Feb 08, 2002 at 11:12:59AM -0600, Adam Heath wrote:
> > Whot? That's silly. Dpkg. Dpkg-source. Two different things, two very
> > different sets of upgrade requirements.
>
> No, it's not. For real security, we must support source packages built on
> unstable being extractable with tools in stable.
Oh, so we'll be able to use the features in what, three years or so, when
sarge is finally released?
This message is not half as smart-assed as it sounds. Stable releases
are clearly taking longer and longer to get out the door. I don't think
anyone expects woody to be out before summer at the most liberal estimate.
If you graph the time between each of Debian's releases, and if the trend
continues, it will take nearly three years for sarge CDs to get pressed.
I don't think it's at all reasonable to wait that long for dpkg-source 2
features. Current Debian source packages are unpackable with standard
unix tools after all, and I can't even guess when the last time I used
dpkg-source was, though I can tell you the last time I downloaded a source
package and rebuilt it was less than a week ago to resolve dep issues the
CVS SDL packages I built for local development.
As long as you can unpack the things with a minimal set of unstructions,
that's all that is needed. I realize I'm concerning myself with a symptom
of a bigger problem, but the bigger problem was beaten to death back in
1998 or so, yet has somehow been dragged out for further beatings every
time we have a freeze that seems to be going on indefinitely. Until one
of us comes up with a magic bullet to fix the increasing time between
releases, we're going to have to deal with the ramifications of having a
stable dist literally years behind what's being done in unstable, as we
have with potato now. It's tempting to wave goodbye to incrementality
even for binary packages (though it clearly should not be done if only
because it makes it harder for people to install potato's base off CD and
upgrade to unstable or testing immediately.
Of course the arguments above are moot if standard tools cannot unpack the
new format, but from what I recall of the discussion of that format years
ago already, that was not a concern at that time.
--
Joseph Carter <knghtbrd@bluecherry.net> I swallowed your goldfish
<knghtbrd> rcw: Oh yay---I haven't been involved in a good flamewar in at
least ... 5 minutes!
Attachment:
pgpv9J9FKKgxi.pgp
Description: PGP signature