* Steve Langasek (vorlon@debian.org) wrote: > On Mon, Jul 12, 2004 at 08:17:24PM +0200, Goswin von Brederlow wrote: > > The longer that period lasts the more important having 2 packages is > > since otherwise you would have broken packages for the same amount of > > time. > > The counterargument is that, without the pressure of RC bugs, the > transitional period will last longer. I think we would need to be able to > file "please recompile" bugs at RC severity to avoid compromising our > ability to get the libs section in shape for a release. I agree w/ Steve on this. You real problem is upstream changing the SONAME very often. Educate them on why this is bad behaviour and try to encourage them to have a stable library ABI for a while and to queue up changes to reduce the overhead on the rest of the system. An alternative, which takes alot more effort but works (better, imv), would be to use versioned symbols. > > As for security updates that's pretty easy. Remove the old lib. You > > wouldn't loose anything compared to removing it directly but you keep > > packages working as long as there is no security bug. > > This does nobody any good once we have a stable release that includes the > parallel package for the old library. > > And even "just remove the library" means piling more responsibility on our > straining security infrastructure that doesn't need to be there. Agree, this just doesn't work in reality. Stephen
Attachment:
signature.asc
Description: Digital signature