Re: Upstream "stable" branches and Debian freeze
Hi, Ian:
On Tuesday 01 February 2011 14:11:44 Ian Jackson wrote:
> Thijs Kinkhorst writes ("Re: Upstream "stable" branches and Debian freeze"):
> > In the past such things have not been allowed with the argumentation that
> > even though stable may contain bugs, users rely on the behaviour that
> > stable has. They may know about a bug but may have worked around it (and
> > the update may break the workaround) or they do not know about a bug but
> > a fix for it may break a previously functional system. And of course as
> > we all know: bugfixes are not zero-risk and do have chances on new bugs
> > being introduced.
>
> Basically this argument is "the update may break things".
[...]
> I think there is room for us relaxing our policy for stable updates.
> Where upstream have a good track record of not breaking their own
> stable branch, I think providing those updates to our users is
> probably sensible.
I don't think "relax" is the word but "reinterpret".
Why is the policy exactly the way it is? It's obvious that changes are
allowed as security and point releases show. The "why" is obvious too:
because security and/or severe malfunctions overweight the risk of breaking
things *and* Debian release/security team try to minimize that risk by
patching the bare minimum to achieve the intended result.
That said, I find that to be the proper way for a maintenance policy and an
interesting one to push forward to upstream maintainers: it's not Debian,
it's proper engineering to strictly segregate bug fixing from new
functionality; it's proper engineering comitting for long term maintenance
for selected versions of your software and it's proper engineering taking
responsibility for the software one publishes and the bugs that come along
with it.
So, may I propose (if not already done) a document that outlines with enough
detail what Debian maintenance policy is and why from an upstream point of
view, and then allow for within Stable upgrades for software that has
demonstrated to pursue the same standards as Debian? Kindof a "quality seal"
that will allow to push minor versions: it would mean "more with less" since
Debian maintainers wouldn't need to maintain their own patch sets and they
would know in advance what the "proper" version to pack for Stable is (the
one that upstream publishes for long term maintenance within the time-frame
for the new Stable version). For those upstreamers interested in doing the
things the proper way, they could find Debian people to be knowledgeable and
helpful about it (since they've been doing it for years and it's in their own
interest).
Cheers.
Reply to: