Re: xz backdoor

On Sun, Mar 31, 2024 at 6:50 AM Kevin Kofler via devel
<devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> Kevin Fenzi wrote:
> > Branched enables updates-testing... so if you installed f40 anytime, you
> > will have it enabled and if you then applied updates it would be in them
>
> Yet another thing I always said was a bad idea, and this incident proves it.
> This would have been filtered before reaching most people if we made people
> only test what actually ends up in the composed Beta and Final images, i.e.,
> updates that made it out to stable.  In addition, having updates-testing
> enabled makes it unsafe to upgrade a Beta installation to Final because
> suddenly updates-testing gets disabled, but people still have packages from
> updates-testing (such as the backdoored xz, but also tons of untested
> packages or ones that explicitly failed testing) installed.
>

Well, an easy solution is to make it so "dnf update" is coerced to
"dnf distro-sync" for development releases. Then it doesn't matter. We
could make that happen for Fedora 41 with the DNF 5 transition
(there's already code to make this possible with PackageKit with the
current DNF backend, it needs to be migrated into DNF 5).

Disabling updates-testing is a bad plan, because we want updates more
aggressively tested during the development cycle.



-- 
真実はいつも一つ!/ Always, there's only one truth!
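
The difference between the two resolver behaviours discussed in this message, as an added example (not part of the original e-mail and not DNF code): "update" only moves packages forward, while "distro-sync" matches whatever the enabled repositories carry, downgrading where needed. Package names, versions and the dotted-integer version comparison are constructed simplifications.

```python
# Added illustration: a toy model of two resolver behaviours, not DNF code.
# Package names and versions below are constructed sample data.

def parse(version):
    """Simplified version key: dotted integers only (real RPM comparison is richer)."""
    return tuple(int(part) for part in version.split("."))

def upgrade(installed, repo):
    """Model of 'update': only ever moves a package to a newer repo version."""
    result = dict(installed)
    for name, have in installed.items():
        avail = repo.get(name)
        if avail and parse(avail) > parse(have):
            result[name] = avail
    return result

def distro_sync(installed, repo):
    """Model of 'distro-sync': match the repo version, downgrading if needed."""
    result = dict(installed)
    for name, have in installed.items():
        avail = repo.get(name)
        if avail and parse(avail) != parse(have):
            result[name] = avail
    return result

def stranded(installed, repo):
    """Packages installed at a version newer than anything in the enabled repos."""
    return sorted(name for name, have in installed.items()
                  if name in repo and parse(have) > parse(repo[name]))

# Constructed state: a Beta install that pulled builds from updates-testing.
INSTALLED = {"libfoo": "2.1.0", "bar-utils": "1.4.2", "baz": "3.0.1"}
# Constructed stable repo contents once updates-testing is disabled at Final.
STABLE = {"libfoo": "2.0.5", "bar-utils": "1.4.2", "baz": "3.0.2"}

if __name__ == "__main__":
    print("stranded after repo switch:", stranded(INSTALLED, STABLE))
    print("after update:     ", upgrade(INSTALLED, STABLE))
    print("after distro-sync:", distro_sync(INSTALLED, STABLE))
```

In this model the testing-only build of `libfoo` survives an update untouched, and only the distro-sync pass brings it back to the version the stable repository actually ships.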