-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 21 Aug 2014 11:02:23 -0400 (EDT) Miloslav Trmač <mitr@xxxxxxxxxx> wrote: > Hello, > ----- Original Message ----- > > As requested on this ticket, I'm opening this up for discussion. > > https://fedorahosted.org/fesco/ticket/1332 > <snip> > > (a) The reason for wanting packages to be retired so quickly has not > > been made clear by rel-eng. > > My reading of the ticket gives two reasons: > * Make the act of orphaning and the impact of removing a package more > connected to each other, allowing the reasons for orphaning > the package to be considered in the decision to retire or revive it. > (Retiring in smaller batches would help this as well.) > > * Make broken dependencies caused by retiring a package more > immediately visible after the orphaning, to avoid once-per-release > “time bombs” and the scramble to suddenly find maintainers. > > That our processes allows for such “time bombs” seems, to me, > an inherently bad thing that we should be fixing. Note that we can not remove anything the shipped in the GA tree of a release. that content is static forever. so while we can remove updates we can not remove a package completely, but removing from rawhide is very doable > > (b) The biggest reason for people to use one distro over another is > > based on number of packages available to be installed. By retiring > > packages more quickly we inevitably reduce this number thereby > > making Fedora less popular. > > We wouldn’t remove packages from released branches, and the > cumulative impact of the regular retirement cycles on rawhide would > AFAICT be exactly the same as the current one big retirement cycle. > > > (c) An orphaned package is not necessarily a risk ("security" has > > been mentioned here ...). > > We don’t want to gain a reputation of shipping packages that “are not > necessarily a risk but each user is required to verify this for > themselves”. Also, risk or not, an orphaned package is frequently a > _burden_ on whoever has to fix it up after failed rebuilds of the > package, or API breakage by its dependencies. > > > (d) 4 weeks is too short. Some people go on holiday for this long. > > That can obviously be tweaked. > Mirek -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJT90pmAAoJEH7ltONmPFDR3dUP/RReCsssCzLrQ0faS6H0Z25G 9vpZ+AuRbxu9r3v2rIUbqPG7SqD/iuaxrUnCj0M4GLlu4YODR4hBfFqjoZbRohFu lMzC4jMDWhUMtrs2rvkKWJ+prUl4Nfqah/E4cZd0EslwubTvCsBt4vkY7nGvBJVI bd9m6kjH7LTfTtothF9jbLWKGXkfWWYJAgmHHi6jqcT8L1AxfT9e7TMhG7CNtBvN Ro4PT8SsYCqkC5ZanS0G6IYj21ZCJrndnzsH/+Kqjm46VV/2uIOqfQSsqKsDRJ/d iM1Ecn4MbsAovmsV4ljdoYYWlHUHqqlau2UQfFYB188lfLqRY8VjDpEdYYJ1XLhS 9RkG+1+MbQ/MRJRBa3XZRZsFmlHi4VohiktrWJSxrwgi/ZI/Pi6TMEYdUeP7hdEn bTA6iraF6YyMP7tcrYo0rvIKL6zZ28fTYMCtvt76u77crNC0TVKD9Z2OBrcK2Z14 5YLr6LGhrNpzJNPeRgqpon8a7EztvCFd3A6F/9g+SP0nIVLD9AvansWq+np6QKbS QLN7MrB143m07FdHwS/n8r/4pfh2Mm6slR/7cBBfF79eekaXOsvQB0HGevHGeXUu RWAuJKJHD52LaSUFAIPzI4ArDBHhoTFbBpwzyz2v3cg6RCzkaWyKkC1LSJjrOCLo 8gt8P6xOxiJH2SgPKJ0S =k5Fh -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
