Bug#90511: proposal] disallow multi-distribution uploads

To: Ben Collins <bcollins@debian.org>
Cc: 90511@bugs.debian.org
Subject: Bug#90511: proposal] disallow multi-distribution uploads
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Thu, 22 Mar 2001 07:31:18 +1100
Message-id: <[🔎] 20010322073118.A25574@gondor.apana.org.au>
Reply-to: Herbert Xu <herbert@gondor.apana.org.au>, 90511@bugs.debian.org
In-reply-to: <[🔎] 20010321103756.U28602@visi.net>; from bcollins@debian.org on Wed, Mar 21, 2001 at 10:37:56AM -0500
References: <[🔎] 20010320230602.X28602@visi.net> <[🔎] 200103210838.f2L8c8016922@gondor.apana.org.au> <[🔎] 20010321103756.U28602@visi.net>

On Wed, Mar 21, 2001 at 10:37:56AM -0500, Ben Collins wrote:
> Remember that the majority of uploads to stable are done by the security
> team and the buildd's. I don't think this is a lot of effort for the
> maintainers, since it isn't done often enough to be cumbersome, like it
> would have been for "frozen unstable" uploads.

Well this hasn't been the case in my experience.  Most of the security
problems that has occured in my packages resulted in uploads by myself, not
the security team.

> Think of a base system. If things are allowed to continue this way, it
> means the base system will be comprised of a lot of different versions
> of the same library. That makes a base install larger

This is a different issue.  Besides, you won't solve it by gettint people
to do different uploads since they can compile both on stable (some
developers only run stable machines immediately after a release).  What you
need to here is to file bug reports against packages that compile against
obsolete sonames.

> This isn't about keeping old libraries around. For one, people can
> always get it from the old dist, or they will just keep it installed and
> not remove it. This is about the libraries required by Debian packages
> themselves. New uploads should always strive to be built agains the
> latest packages, to reduce the dependency chain in the dist, and
> increase integrity of the compile base.

But you won't solve the soname problem by doing this since uploading to
unstable doesn't mean that the package was actually compiled on unstable.
Personally bug reports have been just fine in solving this problem.

And as I said in my previous message, for libraries with the soname
(like glibc), you do want to test it against old -dev packages to ensure
binary compatibility.
-- 
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

Follow-Ups:
- Bug#90511: proposal] disallow multi-distribution uploads
  - From: Ben Collins <bcollins@debian.org>

References:
- Bug#90511: [proposal] disallow multi-distribution uploads
  - From: Ben Collins <bcollins@debian.org>
- Bug#90511: proposal] disallow multi-distribution uploads
  - From: Herbert Xu <herbert@gondor.apana.org.au>
- Bug#90511: proposal] disallow multi-distribution uploads
  - From: Ben Collins <bcollins@debian.org>

Prev by Date: Bug#90511: proposal] disallow multi-distribution uploads
Next by Date: Bug#90511: proposal] addressing objections (re: disallow multi-distribution uploads)
Previous by thread: Bug#90511: proposal] disallow multi-distribution uploads
Next by thread: Bug#90511: proposal] disallow multi-distribution uploads
Index(es):
- Date
- Thread