On Fri, Dec 12, 2008 at 5:49 AM, Kevin Martin <kevintm@xxxxxxxxxxxxx> wrote: > FWIW, the 3 layer model is used to great effect in everyday business. > First, there's "testing" where the developers get to play to their 3 layers.. without referencing rawhide: Koji scratch builds: developers and maintainers have access to binaries in Koji and can do a number of scratch builds as needed before submitting them to the updates system for general consumption. Maintainers can and do list Koji urls in bug reports to get pre-release feedback from bug reporters if its warrented, before even moving to updates-testing. updates-testing: Where community QA is meant to happen. How many people have updates-testing enabled? Do you? updates: Stable updates which 'typically' have gone through updates-testing and gotten feedback. caveat: Maintainers have the discretion to bypass updates-testing for critical fixes and security updates. The dbus update was marked as security update with a valid CVE listing. It was inadvertently pushed to stable in error bypassing testing. I'm not sure what sort of policy change could have prevented this and yet would not have also significantly impacted the speed at which security updates are made available. Are you willing to have all security updates held back for a week in updatest-testing to protect against what happened with dbus? I don't think I can justify that as a policy initiative. The only thing which is going to help prevent what happened with dbus, is implementing "enough" mandatory automated testing somewhere in the process that all packages submitted to stable must go through...even all security tagged updates. Even automated testing has costs, and if we have "too much" it will also impact the speed at which security updates can be delivered. Are you willing to help implement more automated testing? -jef -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
