On Fri, 17 Dec 2010 13:34:15 -0500, Matt wrote: > On Fri, 2010-12-17 at 18:32 +0100, Ralf Corsepius wrote: > > * we are building packages against the known-to-be-broken package > > The old package is already in stable. We're not doing additional harm > by building against it unless the "breakage" is a regression that > affects the building of dependent packages. At most, we waste the > effort of performing the build. Emphasis on "stable". Koji buildroot production is not just about security. Packages in the buildroot are supposed to be usable and not "known-to-be-broken" as Ralf put it. The majority of updates consists of a bug-fix for run-time issues or a version bump that also affects build deps. Buildroot poisoning can also be done with bad builds that break dependencies or the entire buildroot. Unexpectedly or even expectedly. > > whose > > replacements already are waiting in updates-testing. ... and are __waiting__ (!) to be tested. One could say they are waiting to be tested also as a build requirement for other packages, but certainly not in a throw-and-forget fashion -- where eventually packagers will notice that a dependency cannot be rebuild anymore. And nobody has tested that much earlier. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
