On 4/16/20 11:42 PM, Jan Kratochvil wrote:
On Fri, 17 Apr 2020 06:55:10 +0200, Michel Alexandre Salim wrote:
For kernel updates this is probably not a good idea. Given that updates
potentially introduce regressions, being able to distinguish updates with
known CVEs that we do need to roll out immediately, versus other updates we
can do more compatibility testing on, is critical.
Even when there is a kernel regression a -1 vote gets immediately overvoted by
the +1s of majority so the update gets pushed anyway. So I do not see what is
the purpose of the voting at all. As an example:
https://bodhi.fedoraproject.org/updates/FEDORA-2020-3cd64d683c#comment-1258825
= kernel-5.5.6-201.fc31
Sure, but OP's proposal is to consider any kernel update as a security
update. Right now we auto-apply security updates to our fleet but let
users apply non-security updates at their own leisure.
(We do find it a bit painful that the repos only contain the initial
version of a package plus the latest update, but that's a different
discussion).
Best,
--
Michel Alexandre Salim
profile: https://keybase.io/michel_slm
GPG key: 96A7 A6ED FB4D 2113 4056 3257 CAF9 AD10 ACB1 BEF2
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
