Warren Togami wrote:
Steve Grubb wrote:
On Sunday 14 September 2008 12:37:59 Warren Togami wrote:
The goal of preventing force-tag is to better guarantee that .src.rpm
comtents match tags.
Is this really a problem in practice? I honestly do not care what is
or has been in cvs between actual releases. The srpm has all the files
that are part of a build. I never use cvs to research a problem.
It is useful and important to keep the CVS matching .src.rpm's. One of
many checks after the intrusion that we did was comparing the CVS tags
to .src.rpm contents.
4 packages out of a sample of 3396 were not matching between .src.rpm
contents and the matching CVS tag. Manual inspection however found the
differences to be inconsequential and the result of incorrect use of
force-tag.
The "Better force-tag" proposal would have prevented these four problems
from occurring without restricting legitimate uses of force-tag.
Warren Togami
wtogami@xxxxxxxxxx
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
