Hi, On 25.03.20 23:39, Dmitry Smirnov wrote: >> Software packages like kubernetes, docker, and many of the other "hip >> tools of the day" are moving way too fast for our release scheme. > It is worth remembering that Debian is not only a stable release. > Statically built Golang apps are easy to install from testing/unstable into > stable and packaging still provides certain benefits. That, and in theory we also have a "volatile" archive for things that move too fast. > Stable Debian release protects users from sudden unexpected and disruptive > changes but some prefer to run their systems from "testing". I'd expect people running container hosts to prefer stable, but if upstream doesn't provide a "long term support" version (or anything that actually has a version number instead of a commit ID) and at the same time the software is too complex to branch off and maintain ourselves, then our hands are kind of tied. FWIW, I used to maintain software like this, and filed a "this software is unstable and should not be part of a stable release" RC bug against it, that's a completely valid state for a package to be in. For anything but container host software, the existence of containers even makes this somewhat manageable. We have an awful lot of packages with version numbers of the forms "0+git...", "0.0.2019..." or just a single large number, because upstream does not believe in traditional releases, but the processes Debian was built around expect software to be released and supported for a while and expect maintainers to be able to forward bug reports upstream and get a better reply than "tell your users to upgrade". Getting Firefox and Thunderbird as ESR versions into Debian was a massive amount of pain, but in the end it seems to have paid off, because we managed to convince upstream that there is demand for stable releases from users who do not want to roll out updates constantly and deal with the resulting stability issues. As a distribution, it is our job to communicate users' expectations to upstream, not just to facilitate an unidirectional flow of packages. Many upstreams already distribute .deb files from a robust mirror infrastructure, our value proposition should be a bit stronger than "you don't need to configure an additional source". Simon
Attachment:
signature.asc
Description: OpenPGP digital signature