On Sun, 16 Oct 2005, Steve Langasek wrote: > Why are you telling maintainers that you are going to NMU for the openssl > transition? Such NMUs have not been discussed with either the release team
Well, I am not telling maintainer*s*, so far I just filed a single bug against net-snmp. Because of ld being quite clear that my system was about to go to segfault-happy land, and warning me I was getting stuff doubly linked against openssl 0.9.7 and 0.9.8 already (and net-snmp was the one bringing 0.9.7 to the chain). The openssl transition is under way, the release team was not clear on what we were to do about it, either. I was fully expecting 0.9.8 to be removed off the archive immediately until it was properly fixed. No such luck. The packages for 0.9.8 were not removed, we all waited for a proper fix (versioned symbols) for a bit (thread on d-devel), none was forthcoming and the maintainer made it clear he wouldn't do it without the blessing of upstream or the other distros (but no status updates came about whether such a thing was being attempted or not). 0.9.7 made it back to the archive, with no conflicts and no versioned symbols. I filed a grave/critical bug about 0.9.8 not conflicting with all libs built against 0.9.7... cc'ed to d-devel, even. No reply whatsoever. What is one to do in these conditions? I filed a bug, waited a bit for the NMU (which I didn't even upload, because the maintainer acted much faster), and even if I had, it would have stalled for 2 days. A conservative approach IMHO, given the facts outlined above. I hope my reasons for filling the bug are crystal clear, now. I really AM sorry for disturbing the C++ transition even further, the sooner it is done, the better. But the scenario was not exactly set up to make it easier for such a mistake not to be made. > or the QA team, and they would be disruptive of the release team's efforts > to complete the C++ ABI transition for KDE and related libraries -- of which > there are about a dozen tied in that do *not* come from KDE, and net-snmp is > one of them. The openssl transition is not a priority compared to the C++ The net-snmp maintainer clearly was not well informed of this, otherwise instead of doing the upload, he would have told me to hold the NMU (which I would have). > ABI transition, and uploads like the net-snmp 5.2.1.2-4 upload that your bug > prompted will delay the C++ transition without helping the openssl > transition. (net-snmp will have to be rebuilt anyway once libssl0.9.8 > provides versioned symbols.) AH, so *now* we are officially told that there WILL be a 0.9.8 with versioned symbols? Glad to know, I certainly could not guess such would happen in the foreseable future, given the messy 0.9.7 upload + callous 0.9.8 upload_s_ we have had so far, and the fact that I read no replies whatsoever to that effect in the d-devel thread. I am less than impressed with the OpenSSL team's way of handling this, so far. > Please refrain from bug reports or NMUs for the openssl transition without > first discussing the specific case with the release team. I will refrain from doing it of course, now that I have been told about it. > Jochen, if you weren't already aware, the libsnmp9 transition is tangled up > with the KDE transition because php4 and php5 depend on both; so if you > could also hold off on further net-snmp uploads except for RC bugfixes until > libsnmp9 makes it into testing, that would also be appreciated. May I humbly suggest that from now on, we have weekly d-d-a emails about all ongoing transitions and naming all packages that are to be left alone (no NMUs, no maintainer uploads without first talking to the release team) ? Better yet, da-katie could be improved to put a source package on hold for manual approval by the release team (after it is approved by the ftp-masters or builtin katie policies) to enforce these transitions more smoothly. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]