[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Freeze Please?

On Fri, Feb 07, 2003 at 12:38:49AM +1000, Anthony Towns wrote:

 > >  There are packages with not so trivial bugs stuck in it, and it
 > >  has been said over and over again, it contains packages with
 > >  security holes.
 > Are you offering to help, or just bitching?

 I was expecting that.

 I'm saying that your assertion that testing is working ok is self

 If you want to have it more verbosely, I'm saying that testing is a
 nice experiment, but we have found empirical evidence that it does not
 work as well as we hoped initially.  As far as the theory goes, a few
 loonies (aka, developers) will be using unstable and ironing the most
 serious and evident bugs out, while more conservative users will stick
 to testing, find bugs in that, which will be likewise squashed and at
 some point we decide that the thing can be released.  The reality is
 that a few packages can stop lots of stuff from moving into testing,
 significant bugs appear there and can't get fixed in a reasonable
 ammount of time, which in turn scares testers away.  Without testers,
 testing looses much of its value.

 Or put in another way, if the testing maintainance scripts are working
 ok, why can't we release testing today?

 > Seriously, if you or anyone else wants to do the work to do security
 > updates for testing on a regular basis, everything's in place -- all
 > you have to do is upload the source packages, and work out whether you
 > want to do it like stable security updates (on the separate server,
 > made instantly available, possibly prepared before publication, with an
 > advisory), or just as an "out-of-band" update.

 That's good to know.  Do we have testing autobuilders?

 > All this stuff has been in place since the new security architecture
 > came into being

 I have no clue what you are talking about.


Reply to: