Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]

To: Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: Philip Hands <phil@hands.com>, 904302@bugs.debian.org, Adrian Bunk <bunk@debian.org>
Subject: Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
From: Sam Hartman <hartmans@debian.org>
Date: Fri, 05 Oct 2018 08:40:03 -0400
Message-id: <[🔎] tslmursr2ho.fsf@suchdamage.org>
Reply-to: Sam Hartman <hartmans@debian.org>, 904302@bugs.debian.org
In-reply-to: <[🔎] 23479.18829.244474.328012@chiark.greenend.org.uk> (Ian Jackson's message of "Fri, 5 Oct 2018 12:22:53 +0100")
References: <877ekztkew.fsf@err.no> <87sh2aelmf.fsf@err.no> <87mushdxgz.fsf@hands.com> <87efdqo9j6.fsf@err.no> <871s9pek5g.fsf@hands.com> <[🔎] 20181003194111.GA9620@localhost> <87o9eyeofq.fsf@silentflame.com> <[🔎] 23478.2120.329278.218902@chiark.greenend.org.uk> <[🔎] 8736tlmv3g.fsf@hands.com> <[🔎] 20181004194806.GB5131@localhost> <[🔎] 87woqwlwfo.fsf@hands.com> <87o9eyeofq.fsf@silentflame.com> <[🔎] 23479.18829.244474.328012@chiark.greenend.org.uk> <87o9eyeofq.fsf@silentflame.com>

Actually directly switching on vendor seems fairly bad.

However, to the extent that downstream changes can be encapsulated into
options/deltas that someone might want, I think it may often be
reasonable to carry the delta in Debian.

So imagine that Ubuntu and several other downstreams care more about
security and hardening than they do about backward compatibility and
they choose to change a number of gcc and other tool defaults in support
of that.  I realize my example is not entirely hypothetical, but I want
to emphasize I have not researched to get all the details right, because
it doesn't matter.

Especially if multiple downstreams or individual users who build from
source might want the change, I think carrying the delta in  the Debian
source package can be valuable.  It needs to be balanced against a lot
of other concerns.

However, I do tend to agree with Ian that actually turning on that delta
in a specific vendor environment may be best carrief as a
vendor-specific source package.

That said, even there there are tradeoffs.
As an example, Ubuntu tries to use unmodified Debian source packages
where possible.  In some cases I think that the maintenance advantages
of doing this and the slight but real political pressure it creates to
push changes upstream to Debian may justify switching on dpkg-vendor.

I think my point here is that there's a lot of complexity, and I'm not
even convinced it would be desirable to recommend against using
mechanisms like dpkg-vendor.
I think what we can hopefully all agree on is that the dpkg vendor patch
series as bad.
Perhaps before we go and recommend something specific we can actually
write up some of these tradeoffs and give people the information they
need to make informed decisions.

And yes, in many cases dgit is the answer.  That said, if I were
maintaining the same package both for Debian and for the downstream I
work on, I might well value having a single source tree enough to use
dpkg-vendor or lsb-release or something to switch.

Reply to:

Follow-Ups:
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
  - From: Wouter Verhelst <wouter@debian.org>

References:
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive
  - From: Adrian Bunk <bunk@debian.org>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive
  - From: Philip Hands <phil@hands.com>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive
  - From: Adrian Bunk <bunk@debian.org>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive
  - From: Philip Hands <phil@hands.com>
- Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

Prev by Date: Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
Next by Date: Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
Previous by thread: Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
Next by thread: Bug#904302: Whether vendor-specific patch series should be permitted in the archive [and 1 more messages]
Index(es):
- Date
- Thread