Re: how to deal with widely used packages unsuitable for stable (was Re: [Git][security-tracker-team/security-tracker][master] Add radare2 to dla-needed.txt with comments.)
- To: Raphael Hertzog <hertzog@debian.org>, Pirate Praveen <praveen@onenetbeyond.org>, Dan Clery <dan@savevsgeek.com>, Abhijith PA <abhijith@disroot.org>, Paul Gevers <elbrus@debian.org>, Holger Levsen <holger@layer-acht.org>, debian-release@lists.debian.org, debian-lts@lists.debian.org, debian-security@lists.debian.org
- Subject: Re: how to deal with widely used packages unsuitable for stable (was Re: [Git][security-tracker-team/security-tracker][master] Add radare2 to dla-needed.txt with comments.)
- From: Alexander Wirt <formorer@formorer.de>
- Date: Fri, 30 Aug 2019 22:02:18 +0200
- Message-id: <[🔎] 20190830200217.GC16671@marge.snow-crash.lan>
- Mail-followup-to: Raphael Hertzog <hertzog@debian.org>, Pirate Praveen <praveen@onenetbeyond.org>, Dan Clery <dan@savevsgeek.com>, Abhijith PA <abhijith@disroot.org>, Paul Gevers <elbrus@debian.org>, Holger Levsen <holger@layer-acht.org>, debian-release@lists.debian.org, debian-lts@lists.debian.org, debian-security@lists.debian.org
- In-reply-to: <[🔎] 20190830144933.GB11050@home.ouaza.com>
- References: <[🔎] 20190829122853.GA18557@home.ouaza.com> <[🔎] 090bd09f-8c14-dd50-cb44-63a5383cb60f@debian.org> <[🔎] bcb8d816-df22-7cc5-567b-3f8e206a6f3a@disroot.org> <[🔎] CAHBOX4pi98LWNDpngK-foh_5fBesdOGBb+JdtBuCV908hHh5fg@mail.gmail.com> <[🔎] 464C6643-D04A-4CC2-B096-EC12989E912A@onenetbeyond.org> <[🔎] 20190830071732.GA1688@home.ouaza.com> <[🔎] 20190830072959.GB5309@lisa> <[🔎] 20190830085652.GB1688@home.ouaza.com> <[🔎] 20190830090744.GC5309@lisa> <[🔎] 20190830144933.GB11050@home.ouaza.com>
On Fri, 30 Aug 2019, Raphael Hertzog wrote:
> Hi,
>
> On Fri, 30 Aug 2019, Alexander Wirt wrote:
> > > We're not speaking of crap software, we're just speaking of software that
> > > can't be maintained multiple years by backports of security patches, where
> > > we get fixes only with new upstream versions (mixed with new features).
> > I don't want to draw that line, someone would have decide if the software is
> > just crap, the maintainer too lazy or if its really fast pacing. Wordpress is
> > an example of a software that should really be supported within stable. If
> > not its just crap.
> >
> > Imho we should have packages in testing that will not be part of the next
> > release. And we don't want any form of automated migrations. Full stop.
> > People should build and *test* their packages against stable.
>
> I don't know if I'm expressing myself very badly, but there's clearly a
> misunderstanding.
>
> Right now there is no "stable" release where you would build packages for
> bullseye-backports. If you keep the same logic of building next release
> packages against the current release, then for bullseye-backports that
> would mean building packages from unstable in a testing environment.
I have a problem with your definition(s). There is no bullseye-backports yet
and it will only be available short before its release. Backports is meaned
to support a stable release.
Alex
Attachment:
signature.asc
Description: PGP signature
Reply to: