Re: Backports upgrade policy (ButAutomaticUpdates:yes)

[Joerg Jaspert <joerg@debian.org>]

On 13101 March 1977, martin f. krafft wrote:

>> I always understood that I had a responsibility as a backporter to release
>> security fixes as necessary, and if I wasn't going to do that, I shouldn't
>> upload the backport in the first place.  I handle backport security fixes
>> exactly the way that I handle stable security fixes.

> And say that a year later 2.3 comes out and it's the bee's knees
> because it fully replaces 1.1 except that the configuration cannot
> be automatically migrated, and all the power users on #debian-devel
> persuade you to backport it, what do you do?

Backport it. Thats one of the points backports is for. I would actually
ask wth 2.2 wasn't backported before.

> I feel that more software goes through the backports archive because
> of new features and updates that wouldn't pass our stable release
> policy, than security fixes to previously backported software.

Thats one more point of backports. You won't get it into stable (the
stable release policy does limit it to security and few other changes
for a reason, not new features).

> And yet, setting "ButAutomaticUpdates: yes" pretends that it's the
> other way around.

If you decide to install a backport - you do that. You decide to get
that most recent version. Which includes keeping it most recent.

If you really want it only when you explicitly say so, including
upgrades to (possible) security fixes, I don't think ButAutomaticUpdates
overrides local pinnings?!

-- 
bye, Joerg
Your mother seems really upset about something. I better go have a talk
with her… during the commercial.