On 2015-02-17, Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> wrote: > On Thu, Feb 12, 2015 at 1:32 PM, Stephen Gallagher > <sgallagh@xxxxxxxxxx> wrote: >> == Proposal == >> With these things in mind, I'd like to propose that we amend the >> packaging policy by splitting it into two forms: > > I think this needs to go beyond simple policy. It needs some > buildsystem enforcement as well. [...] > With the definition you have here, I'm afraid we are going to be > constantly playing "is or isn't" on whether a package is core or not. > E.g. things get sucked into the install media due to dependencies and > nobody notices until it's time to trim the size. It just doesn't seem > like this would scale, particularly since the distro is rather fluid. > > Perhaps instead the Base WG could come up with what they consider > core, and we could really stick to that? Meaning, things in core > cannot Require packages outside of core at runtime. [...] > I'm OK with this if Ring packages land in a separated repo. That > could be done by having a separate koji target that spits out things > into a rings repo. > > My concern here is that if everything (ring and core combined) lands > in the same koji tag and goes through koji just like packages do > today, we're going to wind up with a big mess. Having dependencies on > ring packages is going to entangle things and make it very hard to > clean up later. > I agree. While it's tempting to "just tune policy a little" (i.e. reduce packaging guidelines), it's not enough. The implications are huge (from security, suistainability, trust point of view). My impression from reading this thread is people do not want mixed system. Why not to create a new repository with reduced policy as Stephen proposed with the one-way dependency rule (between current Fedora and the new easy-for-beginners repository)? If the repository was fully supported by Fedora project (package databse, dist-git, koji, bodhi, bugzilla) with yum/dnf configuration knowing the easy-for-beginners repository, then both groups (deniers and supporters of the mixed system) would be satisfied. After some time, we can evaluate if the easy-for-beginners repository is a viable solution (from all the points of view I listed above). If the reduced policy is really the golden solution, then we will witness spontaneous move of packages from Fedora to easy-for-beginners repository. -- Petr -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
