Re: Arch qualification for buster: call for DSA, Security, toolchain concerns
- To: John Paul Adrian Glaubitz <firstname.lastname@example.org>, Matthias Klose <email@example.com>, YunQiang Su <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org
- Cc: DSA list <email@example.com>, firstname.lastname@example.org, Debian GCC Maintainers <email@example.com>, firstname.lastname@example.org
- Subject: Re: Arch qualification for buster: call for DSA, Security, toolchain concerns
- From: Gregor Riepl <email@example.com>
- Date: Tue, 11 Dec 2018 21:46:21 +0100
- Message-id: <[🔎] firstname.lastname@example.org>
- In-reply-to: <[🔎] email@example.com>
- References: <firstname.lastname@example.org> <CAKcpw6UH4XNfc4tZfWX7gsN+8vEqq01mMYR3Um5mCwbsWKf5mA@mail.gmail.com> <[🔎] email@example.com> <[🔎] firstname.lastname@example.org>
I do think this just reinforces the point that second-class architectures
should have better, more robust support from the Debian project.
For example, arch-specific packages most decidedly have a place in Debian
(although they should not be the norm). There will always be such packages, as
proven by many that are available on first-class archs but not on second-class
ones (protobuf springs to mind:
The build and package delivery infrastructure should offer the same features
for both first and second class archs, including installer image building for
all "tiers" (stable, testing, unstable).
The main difference should (IMHO) be the amount of support you get: While a
first-class arch will get faster fixes and a more stable dependency tree,
other archs will be more "sloppy", for example by not blocking stable releases
with their own RC bugs etc.
If this can be fulfilled, I don't think being a second-class arch will be such
a big deal. Not sure how far Debian is from this goal, but I can understand
that many DDs and DMs would rather invest their time into projects they have a
stake in, rather than hardware they don't (or don't want to?) understand.