Re: Version numbering for security uploads of native packages
On Sun, Mar 16, 2008 at 11:36:20AM +0100, Thijs Kinkhorst wrote:
> On Sunday 16 March 2008 00:52, Adam D. Barratt wrote:
> > We're aware that the Developers Reference specifies that the latter
> > format should be used, but it is problematic as -0.1 sorts before +b1
> > and, as such, the NMU will not supersede any previous binNMUs of the
> > same package version.
> > Whilst looking at this change, the question arose of what format
> > security uploads of native packages should use, both in general and
> > specifically when debchange's --security option is used.
> There may not be a good solution since MU's, NMU's and security uploads can
> currently be interleaved in any particular order, so it seems hard to make a
> scheme that would work reliably.
> Occasionally there are problems with an upload being lower than a binNMU.
> binNMU's are problematic in this regard as they are often done without
> maintainer notification, and if you fetch the source package there's also no
> trace of them, both making it very easy to overlook. That would prompt me
> that reducing these problems may be sought in finding a better binNMU
> numbering scheme, one that sorts only just above the last sourceful upload
> but is very likely to be smaller than any time of new sourceful upload (mu,
> nmu or security) after it.
The current binNMU numbering scheme was selected explicitly to allow
security uploads to sort later by numbering as
<last_version>+<release><serial>; e.g., 1.2-5.1+etch1.
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/