Re: virtualbox, backports, and fasttrack

[Pirate Praveen <praveen@onenetbeyond.org>]

On Wed, Oct 2, 2019 at 23:23, Bernd Zeimetz <bernd@bzed.de> wrote:

Hi Lucaus,

Given that backports are a no-go, I hope that http://fasttrack.debian.net/ will make quick progress and turn into an official service soon.

basically a good idea, but

I'm part of the Fast Track team and I'll try to answer your questions.

- what are your requirements for packages that are being uploaded there?

buster-fasttrack suite:

If a package cannot be part of a stable release because we cannot provide security updates for the entire stable li fecylce then that package cannot be in testing or backports. Those packages get security updates along with new upstream versions and such software can be in FastTrack.

buster-backports suite:

We also allow dependencies of packages in fasttrack to be updated from experimental during special cases like freeze, transitions or for new security update (backport-new can take some time). In the normal course, they should be uploaded to official backports since they qualify for backports.

You can see the original proposal that explains things in detail.

https://lists.debian.org/debian-devel/2018/12/msg00297.html

- how do you want to avoid that this service becomes a mess? who removes packages when, who makes sure maintainers actually take care of what they upload? how are bugs being reported? What about security issues?

We have not really thought about removals yet (probably we have not reached that stage yet as we only have one package there ie, gitlab and it is maintained well.). But we could follow the same rules as testing and backports (except for the meta rc bug that is present only to prevent testing migration).

Secutity issues are fixed by uploading new upstream releases.

Thanks, Bernd

--

Bernd Zeimetz Debian GNU/Linux Developer http://bzed.de http://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F