[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updating scanners and filters in Debian stable (3.1)

This one time, at band camp, Matthew Garrett said:
> Andreas Barth <aba@not.so.argh.org> wrote:
> > We can push neither of them into Debian via security.d.o. No, sorry,
> > this is not the way stable works.
> /Should/ it be the way stable works? We have the ability to change that.
> Providing that we only do it for the set of software that would
> otherwise be entirely useless by the time we make a new release, I don't
> see that it compromises any existing principles.
> Debian stable is about providing a stable platform that people can build
> upon. It's about providing something that can be trusted to work, rather
> than one where upgrades break things. It's not about slavish adherance
> to the idea that we should never change any of it. In the absence of
> more rapid releases, we should provide software that works rather than
> software that doesn't. Failing to provide useful software because we'd
> prefer to stick to the dogma of not changing anything serves nobody.
> If you can find one real person who believes that it would be better to
> either have no virus checker or one that will be entirely useless after
> 4 weeks than it would be to have updates that might actually provide new
> functionality, I'll be impressed.

This is exactly the problem.  I don't think that most people actually
think it would be better to release either no AV/spam/whatever software
or useless software.  I am getting the impression that people don't want
to disrupt the stability of the rest of the archive in order to provide
useful tools that must evolve rapidly, and this is difficult to resolve.
Obviously if the RM's aren't interested, there is nothing any of the
rest of us can do short of a GR, which I am not interested in.

I don't mind continuing to provide out of band updates on p.d.o, but I
don't think this is the best solution.  I don't really see the problem
with a new archive section myself, but then, I don't have to do the work
to set it up, either.  If it is really that much work, I am willing to
help with it if someone wants my help.  If not, and the objections are
mostly on principle, then I guess we are stuck.
|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |

Attachment: pgpPzpT2HY8dx.pgp
Description: PGP signature

Reply to: