[Mageia-dev] Backports Summary

[andre999]

Thomas Backlund a écrit :
> Sander Lepik skrev 26.6.2012 23:15:
>> 26.06.2012 22:25, Thomas Backlund kirjutas:
>>> * backports is supported as long as the rest of the release
>>>
>>>
>>> Comments? Questions ?
>> I think we should change the wording from "supported" to "tested". 
>> Currently we can
>> "support" backport with a newer version of the backport. But i don't 
>> think it's a wise move
>> to mark backports repo as an updates repo. So i don't see how we can 
>> _support_ backports.
>> And QA has no time to deal with updates for backports (i mean to 
>> search for security holes
>> in backports). But this can be discussed tomorrow.
>
> Well,
>
> It's the backporters job to make sure its fixed for security issues as 
> stated by:
>
> * if you backport anything, (regardless if you are the real
>   maintainer or not) you accept the responsibility of
>   handling the bugreports against the backport and make sure
>   it gets patched (or upgraded) to get security fixes.
>
>
> It's not supposed to be flagged as an update repo as that would make 
> it upgrade all packages it find in the system with matching backports 
> packages.
>
> So we need to either create a "backports update applet" or extend 
> current update applet.

I would favour extending the current update tools, and then flagging 
backport repos as updates, so that newer backports would be treated as 
updates to already installed backports at the same time as other updates.

> (or "worst case" until we get it automated tell the user of backported
>  packages to make sure they check if a new/fixed rpm is available in
>  backports)
>
> And there will still be some advisory notifying people of new backports,
> just like we do for security and bugfix updates now.

+1
>
> -- 
> Thomas
>


-- 
André