[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: python-django_1.8.18-1~bpo8+1_amd64.changes REJECTED

* Raphael Hertzog <hertzog@debian.org> [2017-05-24 13:00:41 CEST]:
> On Wed, 24 May 2017, Adrian Bunk wrote:
> > If the person who did two years ago the jessie backport of a package 
> > used by DSA retired from Debian a year ago or is one of the many MIA 
> > developers, how are the machines maintained by DSA kept secure today?
> 
> Adrian, you keep diverting the discussion to something entirely else.
> I'm stopping here. You are bringing into light known problems
> that have currently no good answers. But those problems exist with
> the current policy already. So they are irrelevant in the discussion
> of my requested change. My request is not making that worse
> or better.

 No, Adrian doesn't do that, that's a very core point.  The way you
handle it noone is able to pick up the package in the way you do it
without serious effort.  You are the user of the package and thus have
the very internal motivation to keep it there.  If you are gone noone is
able to pick it up because it doesn't follow the rules.  It is very much
not irrelevant, as much as you like to claim that.

> > Imagine someone else would have done the python-django backport,
> > and would upload 1.10 to jessie-backports today.
> > What would you as user do?
> 
> You are again diverting the discussion to another problem. This is
> not my situation... in the general case, the user can't rely on
> the version in jessie-backports to not change in backwards incompatible
> way.

 But that's what you like to accomplish with your backport.  It's again
no divergating.

> But I'm the maintainer and I can promise more than the baseline. I can
> tell my users "I will keep maintaining the current LTS version as long as
> it's support upstream" in $stable-backports.

 You are still a single person, and goddess forbids anything bad happens
to you but you might move away from that area at some point.  This is
not hypothetical, this has happened in the past.  People had to pick up
backports because the former people didn't care for it.  And you are
putting the maintenance overhead for maintaing a package that is nowhere
else in the archive but only in backports over the possibility to keep
it in low maintenance state.

 Just because you don't like the arguments of others doesn't mean that
they aren't there, so please try to not ridiculate them.

 Enjoy,
Rhonda
-- 
Fühlst du dich mutlos, fass endlich Mut, los      |
Fühlst du dich hilflos, geh raus und hilf, los    | Wir sind Helden
Fühlst du dich machtlos, geh raus und mach, los   | 23.55: Alles auf Anfang
Fühlst du dich haltlos, such Halt und lass los    |
Reply to: