Re: Freeze Please?
On Fri, Feb 07, 2003 at 12:38:49AM +1000, Anthony Towns wrote:
> > There are packages with not so trivial bugs stuck in it, and it
> > has been said over and over again, it contains packages with
> > security holes.
> Are you offering to help, or just bitching?
I was expecting that.
I'm saying that your assertion that testing is working ok is self
If you want to have it more verbosely, I'm saying that testing is a
nice experiment, but we have found empirical evidence that it does not
work as well as we hoped initially. As far as the theory goes, a few
loonies (aka, developers) will be using unstable and ironing the most
serious and evident bugs out, while more conservative users will stick
to testing, find bugs in that, which will be likewise squashed and at
some point we decide that the thing can be released. The reality is
that a few packages can stop lots of stuff from moving into testing,
significant bugs appear there and can't get fixed in a reasonable
ammount of time, which in turn scares testers away. Without testers,
testing looses much of its value.
Or put in another way, if the testing maintainance scripts are working
ok, why can't we release testing today?
> Seriously, if you or anyone else wants to do the work to do security
> updates for testing on a regular basis, everything's in place -- all
> you have to do is upload the source packages, and work out whether you
> want to do it like stable security updates (on the separate server,
> made instantly available, possibly prepared before publication, with an
> advisory), or just as an "out-of-band" update.
That's good to know. Do we have testing autobuilders?
> All this stuff has been in place since the new security architecture
> came into being
I have no clue what you are talking about.