Ralf Corsepius wrote: > I.e. except for severe security bugs, extending EOL of FC3, to > maintainers condenses to monitoring PRs and to react if something > critically happens. In probably the vast majority of cases, such > critical bugs also affect FC4 and Rawhide, so maintainers would have to > investigate PRs in any case. So, in probably the vast majority of cases, > extending life time for few months, doesn't mean much additional work. Yes that's the situation then, it is only a question of reliability of security coverage going on. > I.e. it all is a matter of organization, coordination and collaboration. > One way to achieve this would be RH to silently let the "legacy team" > take over maintenance, and continue to ship packages through Core. I did suggest this on -devel. https://www.redhat.com/archives/fedora-devel-list/2006-January/msg00754.html The situation seems to be that there was already a plan to make the Legacy transition more seamless, and several people dislike the name 'legacy': https://www.redhat.com/archives/fedora-devel-list/2006-January/msg00841.html although not everyone: https://www.redhat.com/archives/fedora-devel-list/2006-January/msg00805.html It seems there is some desire in RHAT to make explicit their washing their hands of a release at some point. I guess this is driven by liability concerns somehow, ie, stopping people arguing in 2011 when there is a worm based on something that was left unpatched in FC3 that they trusted RHAT to still be there for them; hence the desire for an unmistakable "EOL" handwashing action. Anyway it does seem that the Legacy guy Jesse Keating is planning to react to this stuff. However fundamentally these are issues related to perception. The underlying action remains the same that RHAT folks stand by the security for some months and afterwards it is other folks doing it. In theory nothing stops the other folks being so bug-eyed zealous and shuddering with desire to have good security coverage that they exceed the performance of RHAT. So it seems to talk about this meaningfully one has to assess Legacy performance compared to RHAT in terms of security latencies. >> While I am sure that you have a big heart and that you are supplying >>the packages to Extras simply because of that heart (i.e. you are not >>actually using them yourself), > > Not quite, ... Hm well I for one appreciate your packaging activity. It's nice when yum install $RANDOMPACKAGE actually does something and that isn't happening by itself. -Andy
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
