Op 3-6-2017 om 0:59 schreef Leo Gaspard:
You mean al the tests that didn't catch the bug in the first place? Or the tests that assure the fix will be installed without problems?On 06/02/2017 06:54 PM, Frank wrote:Op 1-6-2017 om 23:32 schreef Leo Gaspard:Hi all,I just wanted to point out an issue with hydra: it doesn't make any distinction between security updates and normal changes.Why is this an issue? Security-updates are just as likely to introduce bugs as every other update.If I have to choose between having a security vulnerability and having some installer tests that don't build (as these seem to be the source of most test failures)... I know what I'd rather have (especially given install images aren't generated from every commit of nixpkgs), don't you think?
If the testing is a problem for distributing the software, the tests are probably wrong. You can't fix things by testing, so don't try to repeat and improve the upstream testing (not during distribution at least).
The focus of the distribution is, distributing software, that installs well on all target systems. And if your fix breaks some systems it doesn't matter how important it is for security.
I really agree, it's important to roll out security fixes fast. But I don't see why other updates should be very time consuming.
Greetings,
Frank
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev
