On Wednesday, October 26, 2016 2:03:20 PM CEST Florian Weimer wrote: > > However, extending Koji to support "hidden builds" is certainly a good > > idea. > > Trust me, it's not. Embargoes are against the spirit of Fedora, and a > general hassle for everyone involved. Vague argument, sorry. Please elaborate what's against Fedora. The "status quo" is bad, our _users_ are the ones who suffer from delays in CVE fixes. We should care take about users, in the first place. > Deploying a lot of infrastructure for the one or two cases per year > where it comes in handy does not make sense. That's more than _two cases_ a year and I'm talking about _single_ package, at least I've heard mariadb/mysql guys have it similarly. Upstream maintainers are *asking us* in advance to report them back whether the release tarball works for us! And they would willingly fix the release tarballs or help us with issues, but we are unable to respond (that's shame). Yeah, I'm able to do my local build on x86_64 machine (and build in i686 mock), but that's everything I can do; if the aarch64 fails for me, then we'll have nontrivial delay.. Side note: Really typical for Fedora devel, we always suggest people to do either of those: - Do nothing. - Wait. Other (in many times unrelated project) will fix this. (== never) - Deal with that, that's not what Fedora is about. I'm OK to accept the fact "hidden builds" are not perfect approach, that's right, but that could be relatively easy for implementation. Better to have something in the beginning rather than wait for "expensive feature" which we'll never have enough manpower for. Pavel _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
