On Sun, 31 Oct 2010 04:37:38 +0100, Kevin wrote: > Martin Stransky wrote: > > there's a new Firefox update waiting in Bodhi and we can't push it to > > stable because of new rules. We recommend you to update to it ASAP as it > > fixes a public critical 0day vulnerability > > (https://bugzilla.mozilla.org/show_bug.cgi?id=607222). > > Looks like the F13 build got karma quickly enough to land directly in stable > after all, the F12 build, on the other hand, was stuck in testing for 2 days > before finally making it out to stable. Yet another blatant example of > failure of the Update Acceptance Criteria, needlessly exposing our users to > critical vulnerabilities. > > (And no, by giving yet another special exception to Firefox wouldn't be a > solution. ;-) This problem can hit any other app as well.) > > Kevin Kofler Okay, feedback time. Lately, there have been several attempts at urging proventesters (and not just testers in general) to give positive karma for aging critpath updates. It also has been decided by someone (or maybe even a comittee) to spam proventesters daily with "[old_testing_critpath]" messages for all three dist releases, with no day to unsubscribe from that (other than leaving proventesters group, which is what at least one person has threatened with, or filtering those messages). Dunno about other testers (and there aren't many yet), but I have abandoned F-12 long ago due to lack of time when F-13 became the one to use on a daily basis. And some time before F-14 Beta, my desktop has been switched to boot F-14 by default. That's the only opportunity to evaluate F-14 early and possibly find issues prior to its release. On the contrary, most of Fedora's users will wait for the final release, and many users will wait even longer. It's highly likely that bugzilla can confirm that. F-14 is the the only way forward, and don't like to spend time on F-13 and older anymore. That also applies to packagers I maintain or monitor. I simply don't see the user base [target group] anymore. About positive karma in bodhi, I don't feel comfortable signing off arbitrary updates just because they didn't crash for me after five minutes. With some updates, regression has slipped through already. And the more bugs an update addresses with either patches or a version upgrade, the more careful I would like to be when testing something. Also, in my book, an update working on F-14 may still malfunction on an older dist release due to differences in dependences and the core setup. I still don't understand why some non-security updates are rushed out with sometimes not even the package maintainer(s) having tested them at all. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel