[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: about volatile.d.o/n

* Martin Schulze (joey@infodrom.org) [041017 11:20]:
> Andreas Barth wrote:
> > * Henning Makholm (henning@makholm.net) [041011 18:30]:
> > > The goal should be that I, as a user, can add volatile to my
> > > sources.list and periodically do an apt-get upgrade - without risking
> > > to suddenly have my web browser updated to a new major release where
> > > it starts behaving differently, all my users' preferences get out of
> > > kilter, etc.

> > I think this is one of the most important statements - and I think it
> > describes our policy quite well.
> > 
> > I could however see the possiblity to add a new package "mozilla1.7",
> > that users can optionally install. However, I also won't like it.
> Please be very careful with packages like these.  It may require a
> new version of libfoo1 and libbar2g and libbaz0g etc. which people
> may accidently install, which in turn can hurt them in other areas
> and contribute "strange" bug reports.

As soon as it requires new versions of some libraries, this is a no-go.
People who want it may go to backports.org or so. Perhaps we may add an
news item on volatiles page about that then.

The main word is "above all, do no harm". The default action is to not
add something.

> If you plan something like this, please at least use the componentised
> layout of backports.org and don't pollute the main volatile archive
> with this.  (Still, I don't believe, such a packages incl. dependencies
> should go into volatile.debian.net.)

I'm definitly not adding a new package to volatile without being
definitly sure that it should go in (and as long as you disagree, I'm
not sure about that). And, as long as somebody thinks this polutes
volatile, this also can't be the right thing. Volatile usage should be
risk-free (as in security usage).

   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to: