Quoting Pekka Savola <pekkas@xxxxxxxxxx>: > On Fri, 23 Sep 2005, Eric Rostetter wrote: > >> I didn't yet update the PUBLISH votes, because the patches need to be > >> verified, check the requirements at: > >> > >> http://www.fedoraproject.org/wiki/Legacy/QAPublish > > > > That doesn't explicitely state that I must do so. If each of the things > > there *must* be done, then you need to make that more clear, and restate > > things that are optional as being optional, and restate what you mean since > > it isn't clear. > > It should: the first three steps are mandatory. I tried to see if I > could add clarification on this, but apparently I don't have the edit > rights for the page (shouldn't it be more open?) It isn't open any more due to the spam/abuse it was receiving previously. The "Required checklist" is at the bottom of the page. It says "Patches should be mainly taken from publicly available sources, e.g., other distributions such as RHEL, so that their correctness can be more easily verified." I didn't read this as "I need to do a direct comparison of the patch source code with the upstream provider's patch source code." So maybe it should be made more explicit. > The latter bullet points are optional (which is mentioned there), > implying (but not saying) that the previous ones are mandatory. I wouldn't count on that being interpreted that way. Especially since at the bottom of the page you have a "Required Checklist" for Publish which differs from the list at the top that you are trying to say is the required checklist. > > No, I don't run FC1. Yes, I said that, but it is wrong. Since you don't want me to actually test the code (which I did before) I don't need to run the code, so it doesn't matter that I don't run FC1, so I now retract that stupid statement. > As you wish, but note that giving PUBLISH votes does not require one > to run the OS version in question. I.e., it is not required to test > the package; just reviewing 1) source integrity, 2) the .spec file, > and 3) the new patches [if they come from an already-QA'd source] is > sufficient. I thought that was what I did, but you say I didn't since I didn't do a literal comparison of sources, but the wiki is unclear as to what needs to be done... > I'm a bit impartial in this because I proposed the packages in the > first place, but I think verifying the patches is essential. Even > thorough testing of the packages may not show problems if the patch is > not (quite) right. True. If I can get the time Monday I'll try to redo the tests. But someone really needs to re-write the wiki page, and when Pekka asks for help with QA he needs to make sure he says only PUBLISH votes following the wiki required checklist will be accepted. This requirement does not exist for VERIFY votes, and that should probably also be noted in Pekka's mails. This will avoid the confusion in the future. > Pekka Savola "You each name yourselves king, yet the > Netcore Oy kingdom bleeds." > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings > > -- > > fedora-legacy-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-legacy-list > -- Eric Rostetter -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
