[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: R 3.0.0 and required rebuilds of all reverse Depends: of R

On 2013-04-03 20:14:32 +0200, Philipp Kern wrote:
> On Wed, Apr 03, 2013 at 02:12:22PM +0200, Vincent Lefevre wrote:
> > In general, bug-fix releases (which are also blocked by the freeze)
> > don't introduce new bugs.
> Case in point:
> http://www.h-online.com/open/news/item/Security-updates-break-ownCloud-installations-1834507.html

Of course, there are exceptions. But you can see that the problem
has been fixed very quickly (in less than 24 hours). If such a thing
happens in Debian, the intermediate broken versions wouldn't even
have the time to reach testing.

One may also wonder whether the broken versions have sufficiently
been tested. Perhaps not, to quickly fix a security problem. But
even in this case, this may be the right thing to do.

> We know from some projects that they have regression testing we deem
> sufficient to trust that assertion. But I'm not sure it's generally
> true.

Couldn't Debian packages have some field about the quality of
regression testing?

Vincent Lefèvre <vincent@vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to: