[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Q to all candidates: NEW queue



On Friday, March 27, 2020 8:40:11 AM EDT Lucas Nussbaum wrote:
> On 27/03/20 at 12:23 +0100, Martin Pitt wrote:
> > At least during my many years of Ubuntu archive administration I've
> > actually seen quite a lot of packages which contained non-distributable
> > files, had hilariously broken maintainer scripts (which could then also
> > damage *other* software on your system), and the like. For these an
> > initial NEW review was quite important.
> > 
> > That proposal is assuming that the "package gets reviewed, a bug is filed"
> > step actually happens timely, but that is precisely the problem -- with
> > such a workflow we would essentially stop having NEW review and just hope
> > that someone catches bad packages before they get released. So IMHO this
> > is not a solution, and only causes buggy packages to creep into unstable.
> 
> So in my original mail, I proposed that new packages would get
> immediately accepted into unstable, but would still require a review
> before migrating to testing. I believe that it's an interesting compromise,
> because:
> - while in unstable, they would get tested by our regular QA tools, that
>   are likely to find some of the issues ftpmasters would have found
> - it makes it possible for the maintainer to get early feedback from
>   users, and to continue working on packaging reverse dependencies.
> - it's unstable, so even if it's severely broken, it's probably not a
>   big deal. We have lots of packages in unstable that have been severely
>   broken for years anyway.
> - it protects 'testing' (and our stable releases) from unreviewed
>   packages.
> 
> Of course this only works if Debian doesn't get sued for copyright
> infringement too often. I wonder if that would be a problem (it's
> probably less likely to be a problem for packages in 'main' than for
> packages in 'non-free').
> 
> Lucas

What's "too often"?

Scott K

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: