Re: another question to all candidates about stable point releases
On Tue, Mar 07, 2006 at 11:18:31AM -0700, Bdale Garbee wrote:
> firstname.lastname@example.org (Marc 'HE' Brockschmidt) writes:
> > What would you do to make regular point releases possible?
> An even more interesting question for all of the candidates is "what do you
> think should be included in point releases"?
I think it's important to maintain the property that stable releases
won't contain gratuitous changes without very good reason, a policy
that's been stringently applied by our SRM so far. However, I don't see
a problem to have things like timezone data updated, if they happen to
need changes for changes circumstances. Of course, provided that such
change really would not break anything.
If some (part of) a package is broken due to external changes
anyway, and there's a non-regressing update possible, that should
certainly be considered. For example, I'm thinking of ClamAV engine
changes that can, at a quite internal level, deal with more types of
virus-definitions in the distributed data files. If nothing from the
outside would change on clamav, I don't see why not to include such
I realize, however, that's very hard to draw a clear a line, and in any
case, I don't think the current (clear) line is far off the ideal line,
whatever that would be exactly. I notice, for example, several updates
that fix previously totally-broken packages.
> Point releases are currently primarily a folding-in of security fixes, with
> the occasional exception for fixing some bad but not security-related bugs.
> Should other content be acceptable for point releases? Do you know about
> volatile and have some vision for how it should evolve and/or relate to the
> rest of our release processes? Etc.
Volatile is a nice effort exploring the issue of stable updates --
efforts like volatile are a nice example of how to achieve things in the
open source world, including in Debian: show the code, experiment, and
if your work turns out to be wanted, it can be included proper in the
official places, wherever that might turn out to be.
I think it'd be better on the longer term though to have the stable
update policy just slightly more relaxed so that what's in volatile
could go into stable proper (clamav, jwhois) -- or alternatively, the
packages using it should gain themselves some auto-update feature if
it's really predicteable to be needed numerous times during the lifetime
of a package to have new data files. I don't have a particularly strong
opinion on this though, but I'm a bit wary for having too many suites
for users, which makes things all the more complicated.
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)