On Saturday 15 Dec 2012 16:50:55 xor wrote: > On Saturday, December 15, 2012 11:12:46 AM Matthew Toseland wrote: > > > > Even for Ubuntu this would not work. > > > > > > Why? > > > > > > I've been seeing lots of non-security package updates for Ubuntu over the > > > years. I don't understand why packaging it would require us to "freeze" > > > it. > > > I am not even certain what you mean by "freezing" it? > > > > LTS releases are frozen for 7 years. Even normal releases typically are run > > for at least a year. > > > > Frozen = no code changes other than important bug fixes. In particular, > > major changes to solve architectural problems (e.g. to improve security) > > are unacceptable. > > I don't get this. You're trying to tell me that Ubuntu doesn't accept > security > updates? Of course they do. My machines even install security updates > automatically and email me the changelogs and tell me to reboot if needed.
They don't accept major changes. Like every other distro. And at this stage, it can be hard to separate major changes from security updates - because security fixes may well be major changes, if we have serious architectural issues which affect your level of anonymity. Which we do. In any case we need to be able to deploy changes and see what happens, to make any headway on performance issues. Having a large chunk of the network running frozen code for several years is not acceptable at this stage. It may be post-1.0, when we have a lot more nodes and can build a really huge testnet, or when we've dealt with the major architectural issues. > > > But go look up the policies for yourself if you don't believe me. > > I believe you that there are certain restrictions. > But I think you are exaggerating their imptact. > > What I especially dislike is that we don't do proper maintenance of the > Windows installer because we all use Linux AND don't offer proper Linux > packages, which is a MAJOR drawback for Linux users. > If we are completely honest, the convention with Linux is: Don't install > stuff > which is not in the package manager, it is dangerous. We've already been over this. We can provide packages. We just shouldn't try to get them into the official, frozen repositories. For some linux distro's there may be alternative repo's with laxer rules which we can usefully contribute to. IIRC there are several different Ubuntu repo's, for example. Even on debian we might apply to volatile, but I dunno what exactly their policy is. Providing your own repository for up to date packages is far from unusual. Wine does it, for example. > > Given that Ubuntu is the #1 Linux distribution - like it or not - we should > at > least *try* to get into their official package management. > I think the restrictions which you are talking about probably only apply if > you expect the Ubuntu folks to maintain the packages on their own. > I highly doubt that they will reject volunteer package maintenance. They are > an open source project just like we are, and probably are happy about every > volunteer they can get. If they are anything like debian they will have strict standards on what can go into stable and what can't. And they have these for good reason. But they are incompatible with our current stage of development. > > I would like to close this mail with a forward of the update list my > Ubuntu12.10 laptop sent me a week ago - all those updates became available in > one day: That's called a "point release". They save up a bunch of updates and then deploy them all at once as a minor revision to the OS. Also I think you'll find most of the packages are actually parts of KDE, which presumably has a single source package.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
