On 8/9/19 1:47 AM, Quanah Gibson-Mount wrote: > --On Wednesday, August 7, 2019 8:08 AM -0400 David Magda > <[email protected]> wrote: > I.e., 'providing' a build of OpenLDAP has a number of complexities.
Full ack. It's really hard to decide what is needed in a package. Linux distributions tend to enable all features to please everybody. But for highly secured systems it is mandatory to disable unneeded functionality. E.g. I'm maintaining the full-featured builds for openSUSE but personally I'm using stripped down builds without all deprecated backends. Also Linux distros implement pseudo config management in there packages which trys to create a default config. Mostly this defeats serious deployments using a decent config management. I saw production systems break after a "yum update" or "apt-get upgrade" because of overzealous package post installation tasks. >>> 2015 had a lot of serious bugs in its release, the releases were rushed, >>> and the result of rushing was bad. I don't think 2015 is a "good" >>> example of how things should be done. >> >> That is an argument for timed releases. > > I fail to see how that's the case. Me too. Especially because timed releases can also lead to some kind of rush before the release date. > What I see is that we need to: > a) Ensure we have CI/CD > and > b) Better/expanded test cases & databases to validate against > and > c) more participation from the community in testing/validating new > features and code fixes. Again, full ack here. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
