Mike McCarty wrote:
Rahul Sundaram wrote:
This is not a discussion about personal opinions on QA policies within
I haven't presumed to dictate the content of your messages, or state
what your intended topic was. Please grant me the same privilege.
Or are you acting as a moderator?
No but
Rahul Sundaram wrote:
This is not a discussion about personal opinions on QA policies within
I haven't presumed to dictate the content of your messages, or state
what your intended topic was. Please grant me the same privilege.
Or are you acting as a moderator?
Mike
--
p="p=%c%s%c;main(){pri
Hi
Other distros do have better QA, as Red Hat itself says about FCx.
RHEL has, per Red Hat, better QA than FC.
Comparing a commercial product to a community project is unfair. Lets
hear about QA processes documented in other community projects.
Eh? My comment, as I asserted again, was
Rahul Sundaram wrote:
Mike McCarty wrote:
Rahul Sundaram wrote:
Hi
Yes, my indictment earlier was for *all* distributions of Linux.
But Legacy has gone further than I can follow along, that's all.
We are merely discussing a proposal so legacy process hasnt gone further
That is no
Mike McCarty wrote:
Rahul Sundaram wrote:
Hi
Yes, my indictment earlier was for *all* distributions of Linux.
But Legacy has gone further than I can follow along, that's all.
We are merely discussing a proposal so legacy process hasnt gone further
That is not my understanding.
at a
Quoting Mike McCarty <[EMAIL PROTECTED]>:
I sent out an e-mail some weeks ago suggesting that if
there were an easy way for me to test without endangering the stability
of my system, then I'd be willing to do some QA testing. The silence
in response to that message was completely deafening.
Th
Rahul Sundaram wrote:
Hi
Yes, my indictment earlier was for *all* distributions of Linux.
But Legacy has gone further than I can follow along, that's all.
We are merely discussing a proposal so legacy process hasnt gone further
That is not my understanding.
at all. You also state that o
Hi
Yes, my indictment earlier was for *all* distributions of Linux.
But Legacy has gone further than I can follow along, that's all.
We are merely discussing a proposal so legacy process hasnt gone further
at all. You also state that other distributions QA process is better.
How do we know?
Rahul Sundaram wrote:
Marc Deslauriers wrote:
On Tue, 2006-02-14 at 14:44 -0600, Mike McCarty wrote:
Since Legacy is no longer in my yum configuration, it's no longer
an issue for me, good or bad. I don't wish to subscribe to "testing".
Since "testing" and "release" have been merged, I have
Hi
CentOs does, I know. I've also read that for Scientific Linux.
Scientific Linux makes sure that they rebuild the same binary
as RHEL. It isn't what I like, but it's better
than "no one has actually used it for two weeks, so I guess
we'd better put it on your machine."
I would like to see w
Marc Deslauriers wrote:
On Tue, 2006-02-14 at 14:44 -0600, Mike McCarty wrote:
Since Legacy is no longer in my yum configuration, it's no longer
an issue for me, good or bad. I don't wish to subscribe to "testing".
Since "testing" and "release" have been merged, I have unsubscribed
from "rel
Marc Deslauriers wrote:
On Tue, 2006-02-14 at 14:44 -0600, Mike McCarty wrote:
Since Legacy is no longer in my yum configuration, it's no longer
an issue for me, good or bad. I don't wish to subscribe to "testing".
Since "testing" and "release" have been merged, I have unsubscribed
from "releas
On Tue, 2006-02-14 at 14:44 -0600, Mike McCarty wrote:
> Since Legacy is no longer in my yum configuration, it's no longer
> an issue for me, good or bad. I don't wish to subscribe to "testing".
> Since "testing" and "release" have been merged, I have unsubscribed
> from "release". If the security
Mike McCarty wrote:
Eric Rostetter wrote:
Quoting Mike McCarty <[EMAIL PROTECTED]>:
Then the Legacy Project has removed my ability not to subscribe
to "testing".
No, the Legacy Project has _proposed_ to that, at least in your opinion.
It was followed by something like "unless we get a lo
Eric Rostetter wrote:
Quoting Mike McCarty <[EMAIL PROTECTED]>:
Then the Legacy Project has removed my ability not to subscribe
to "testing".
No, the Legacy Project has _proposed_ to that, at least in your opinion.
It was followed by something like "unless we get a lot of objection" so
pleas
Jesse Keating wrote:
On Tue, 2006-02-14 at 15:09 -0600, Mike McCarty wrote:
I have been apalled at what generally passes as QA in the
"Linux Community" generally, and FC specifically. Since I
barely tolerate what exists now, it is difficult to contemplate
someone considering even more laxity sa
Quoting Jesse Keating <[EMAIL PROTECTED]>:
On Tue, 2006-02-14 at 15:45 -0600, Eric Rostetter wrote:
The problem is two fold:
1) You can't use Fedora standards for the RHL releases, only for the
Fedora releases.
You are correct. However Fedora Legacy originally was just for Fedora.
It was m
Quoting Jesse Keating <[EMAIL PROTECTED]>:
Our hope is that if this proposal scares some people, it will scare them
into finding ways to help out the project so that little to no packages
escape updates-testing w/out some QA done on it.
My fear is that we spend more time arguing about these th
On Tue, 2006-02-14 at 15:35 -0600, Eric Rostetter wrote:
>
> But it was not a misunderstanding, it was a real proposal made to the
> list.
Then the misunderstanding was on my part, as I was not aware a real
proposal was made to this affect. The proposal about shortening the
timeout I was aware
On Tue, 2006-02-14 at 15:45 -0600, Eric Rostetter wrote:
>
> The problem is two fold:
>
> 1) You can't use Fedora standards for the RHL releases, only for the
> Fedora releases.
You are correct. However Fedora Legacy originally was just for Fedora.
It was my choice and the choice of other use
David Eisenstein wrote:
Hi Mike, and all,
I just want to let you know that I have reservations about this as well.
You are not alone in the way you feel about this proposed and now
implemented way of ... of getting stuff done here.
For my systems, I end up choosing not to use yum's automated up
Quoting Mike McCarty <[EMAIL PROTECTED]>:
Then the Legacy Project has removed my ability not to subscribe
to "testing".
No, the Legacy Project has _proposed_ to that, at least in your opinion.
It was followed by something like "unless we get a lot of objection" so
please, if you object, let it
Quoting Jesse Keating <[EMAIL PROTECTED]>:
On Tue, 2006-02-14 at 22:34 +0200, Pekka Savola wrote:
The current policy change proposal was about reducing the amount of QA
for moving updates-testing packages to updates.
So, I'm not sure why we're having this conversation..
It is just a case of
Quoting Jesse Keating <[EMAIL PROTECTED]>:
On Wed, 2006-02-15 at 02:20 +0530, Rahul Sundaram wrote:
Seems to be a misunderstanding here. There are separate repositories
for
testing and general legacy updates. Yes?
He is speaking in virtual terms. Since we would introduce a timeout, he
is af
Quoting Rahul Sundaram <[EMAIL PROTECTED]>:
Then the Legacy Project has removed my ability not to subscribe
to "testing".
Seems to be a misunderstanding here. There are separate repositories
for testing and general legacy updates. Yes?
Under the new proposal, the "testing" channel becomes no
On Tue, 14 Feb 2006, Mike McCarty wrote:
>
> >>Unless I hear major objections in two days, I'll start the two-week
> >>clock (from today) for all the pending packages.
>
> Ok then, it seems to me that there is no longer any distinction
> between the released repository, and the test repository.
Quoting Pekka Savola <[EMAIL PROTECTED]>:
There has been little or no discussion or proposals regarding doing
away with QA to get to updates-testing, except for a couple of
misunderstandings and an idea about "trusted fedora legacy [core]
members" who could create updates-testing packages on the
Mike McCarty wrote:
Jesse Keating wrote:
Our hope is that if this proposal scares some people, it will scare them
into finding ways to help out the project so that little to no packages
escape updates-testing w/out some QA done on it.
It doesn't frighten me at all, but it does discourage me
On Tue, 2006-02-14 at 15:09 -0600, Mike McCarty wrote:
> I have been apalled at what generally passes as QA in the
> "Linux Community" generally, and FC specifically. Since I
> barely tolerate what exists now, it is difficult to contemplate
> someone considering even more laxity saying "I'm not so
Eric Rostetter wrote:
[snip]
Proposal one does nothing but shorten the time period for pushing an
update-testing package that doesn't have enough QA postings.
Proposal two does nothing but make it possible to push packages through the
entire system with NO QA AT ALL being done on them.
Thank
Jesse Keating wrote:
Our hope is that if this proposal scares some people, it will scare them
into finding ways to help out the project so that little to no packages
escape updates-testing w/out some QA done on it.
It doesn't frighten me at all, but it does discourage me from using
the reposito
Jesse Keating wrote:
On Wed, 2006-02-15 at 02:20 +0530, Rahul Sundaram wrote:
Seems to be a misunderstanding here. There are separate repositories
for
testing and general legacy updates. Yes?
He is speaking in virtual terms. Since we would introduce a timeout, he
I was speaking in logi
On Tue, 2006-02-14 at 14:58 -0600, Mike McCarty wrote:
>
> AIUI, there will be objects put into "testing". These then will be
> automatically moved to "rlease" state after either some QA takes
> place, or some time lapses, whichever comes first. IMO, this is
> tantamount to merging "test" and "rel
Rahul Sundaram wrote:
Mike McCarty wrote:
Then the Legacy Project has removed my ability not to subscribe
to "testing".
Seems to be a misunderstanding here. There are separate repositories for
testing and general legacy updates. Yes?
AIUI, there will be objects put into "testing". These t
Quoting Rahul Sundaram <[EMAIL PROTECTED]>:
If people are interested in testing and providing feedback they would
be able to do that within the specified time limit. If a sufficient
True.
amount of people are not interested in providing feedback either the
platform can be dropped out of the
On Wed, 2006-02-15 at 02:20 +0530, Rahul Sundaram wrote:
> Seems to be a misunderstanding here. There are separate repositories
> for
> testing and general legacy updates. Yes?
>
He is speaking in virtual terms. Since we would introduce a timeout, he
is afraid that the quality of packages comin
Jesse Keating wrote:
On Tue, 2006-02-14 at 12:54 -0600, Eric Rostetter wrote:
[snip]
I don't think so. And in any case, I was refering to the suggestion on
this list that we don't do QA to move to updates-testing, which would
by-pass this whole issue you try to bring up.
Well I won't ag
Mike McCarty wrote:
David Rees wrote:
On 2/14/06, Mike McCarty <[EMAIL PROTECTED]> wrote:
I'm afraid I don't understand what you mean. Perhaps I misunderstood
what the proposal is. My understanding is that there are new
[snip]
That is correct. However, if the necessary QA votes get pub
James Kosin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul Sundaram wrote:
It is referred from http://fedoraproject.org/wiki/Legacy which has a
link from the frontpage. How is that buried in clutter?. What can we do
to improve that?\
Don't get personal, I'm talking semantics her
David Rees wrote:
On 2/14/06, Mike McCarty <[EMAIL PROTECTED]> wrote:
I'm afraid I don't understand what you mean. Perhaps I misunderstood
what the proposal is. My understanding is that there are new
[snip]
That is correct. However, if the necessary QA votes get published
before the timeout
On Tue, 2006-02-14 at 22:34 +0200, Pekka Savola wrote:
>
> The current policy change proposal was about reducing the amount of QA
> for moving updates-testing packages to updates.
>
> So, I'm not sure why we're having this conversation..
It is just a case of misunderstanding. Generic terms re
On Tue, 14 Feb 2006, Jesse Keating wrote:
On Tue, 2006-02-14 at 12:54 -0600, Eric Rostetter wrote:
There has been talk the last couple days of doing away with QA to get it
to the updates-testing. This is what I was referencing, not the current
setup.
That is something I will not agree to. H
On Tue, 2006-02-14 at 12:54 -0600, Eric Rostetter wrote:
>
> There has been talk the last couple days of doing away with QA to get it
> to the updates-testing. This is what I was referencing, not the current
> setup.
That is something I will not agree to. However the timeout period is,
it strik
On 2/14/06, Mike McCarty <[EMAIL PROTECTED]> wrote:
> I'm afraid I don't understand what you mean. Perhaps I misunderstood
> what the proposal is. My understanding is that there are new
> versions of software which supposedly repair security defects in
> something called "testing". And that until t
Quoting James Kosin <[EMAIL PROTECTED]>:
Jesse Keating wrote:
If I'm not mistaken, the timeout period starts when there is a package
for updates testing.
There has been talk the last couple days of doing away with QA to get it
to the updates-testing. This is what I was referencing, not the
James Kosin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul Sundaram wrote:
It is referred from http://fedoraproject.org/wiki/Legacy which has a
link from the frontpage. How is that buried in clutter?. What can we do
to improve that?\
Don't get personal, I'm talking semant
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul Sundaram wrote:
> It is referred from http://fedoraproject.org/wiki/Legacy which has a
> link from the frontpage. How is that buried in clutter?. What can we do
> to improve that?\
>
Don't get personal, I'm talking semantics here about not outli
Mike McCarty wrote:
Jesse Keating wrote:
On Tue, 2006-02-14 at 02:31 -0600, Mike McCarty wrote:
Ok then, it seems to me that there is no longer any distinction
between the released repository, and the test repository.
So, please send out an e-mail three days before the first
"timed release"
Jesse Keating wrote:
On Tue, 2006-02-14 at 02:31 -0600, Mike McCarty wrote:
Ok then, it seems to me that there is no longer any distinction
between the released repository, and the test repository.
So, please send out an e-mail three days before the first
"timed release" so I can pull a last te
Pekka Savola wrote:
On Tue, 14 Feb 2006, Mike McCarty wrote:
Ok then, it seems to me that there is no longer any distinction
between the released repository, and the test repository.
So, please send out an e-mail three days before the first
"timed release" so I can pull a last tested version be
James Kosin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul Sundaram wrote:
Hi
http://fedoraproject.org/wiki/Legacy/QATesting.
OK,
It is a little buried in the clutter. I've seen this page many times,
but never really dig-ed into it.
It is referred from http://fedora
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rahul Sundaram wrote:
> Hi
>
> http://fedoraproject.org/wiki/Legacy/QATesting.
>
OK,
It is a little buried in the clutter. I've seen this page many times,
but never really dig-ed into it.
I'm printing this stuff out for further review.
Thanks,
Ja
Hi
Maybe we (Fedora Legacy) need to define the process of getting a package
from bug report (or SA) to QA released state, and stop arguing who is at
fault or how to bypass QA. If everyone knows the process and follows it
we all can benefit...
Maybe, its time I started witting something! A doc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jesse Keating wrote:
>
> If I'm not mistaken, the timeout period starts when there is a package
> for updates testing. We can't get to the updates testing package phase
> w/out somebody doing the first level QA which includes making sure the
> patch
On Tue, 2006-02-14 at 08:49 -0600, Eric Rostetter wrote:
>
> What we're proposing basically is a system in which someone can purposefully
> place a trojan horse or backdoor on all Fedora Legacy systems without any
> one checking for it ahead of time. You call that security? Putting all your
> eg
On Tue, 2006-02-14 at 02:31 -0600, Mike McCarty wrote:
> Ok then, it seems to me that there is no longer any distinction
> between the released repository, and the test repository.
> So, please send out an e-mail three days before the first
> "timed release" so I can pull a last tested version befo
Quoting Benjamin Smith <[EMAIL PROTECTED]>:
I'd rather err on the side of security.
-Ben
Then you would insist on a real QA test suite, one that also tested the
security of the test. You would be against pushing untested updates.
I think you would rather err on the side of timelyness rather
On Tue, 14 Feb 2006, Mike McCarty wrote:
Ok then, it seems to me that there is no longer any distinction
between the released repository, and the test repository.
So, please send out an e-mail three days before the first
"timed release" so I can pull a last tested version before
removing the lega
Benjamin Smith wrote:
With apologies to Benjamin Smith for replying "through"
his response.
On Sunday 12 February 2006 12:17, Pekka Savola wrote:
Hi,
It seems there's rather strong agreement for this.
Yep. (From me)
Unless I hear major objections in two days, I'll start the two-week
On Monday 13 February 2006 03:48, David Eisenstein wrote:
> Doing things this way may have the unfortunate effect of pretty much doing
> away with QA Testing, though. If a package is going to be released two
> weeks from when it is pushed to updates-testing, regardless of whether or
> not it has
On Sunday 12 February 2006 12:17, Pekka Savola wrote:
> Hi,
>
> It seems there's rather strong agreement for this.
Yep. (From me)
> Unless I hear major objections in two days, I'll start the two-week
> clock (from today) for all the pending packages.
Cool!
> After that I'll also update the
Mike McCarty wrote:
I'd rather run with a known security vulnerability than an untested
package. With a known security hole, I know some steps I can take
externally to my box, and know what my vulnerability is. With an
untested package, I know neither.
Mike, I would generally agree with that
Benjamin Smith wrote:
On Friday 10 February 2006 21:32, Pekka Savola wrote:
On Fri, 10 Feb 2006, Jesse Keating wrote:
This makes it even more complicated. points? how many are enough?
What makes one package more critical than another? How ambiguous could
this be?
I agree that this would
David Eisenstein wrote:
[snip]
Doing things this way may have the unfortunate effect of pretty much doing
away with QA Testing, though. If a package is going to be released two
weeks from when it is pushed to updates-testing, regardless of whether or
not it has been tested, people may end up s
On Sun, 12 Feb 2006, Pekka Savola wrote:
> Hi,
>
> It seems there's rather strong agreement for this.
>
> Unless I hear major objections in two days, I'll start the two-week
> clock (from today) for all the pending packages.
>
> After that I'll also update the Wiki entry for QaVerify unless so
Hi,
It seems there's rather strong agreement for this.
Unless I hear major objections in two days, I'll start the two-week
clock (from today) for all the pending packages.
After that I'll also update the Wiki entry for QaVerify unless someone
else has done it.
On Sat, 11 Feb 2006, Marc Des
On Sat, 11 Feb 2006, Jeff Sheltren wrote:
What I'd like to see is to have something like this (Pekka's idea above)
happen for regular package contributors (people that have submitted multiple
packages to FL). People that haven't submitted many packages should require
one of the trusted package
On Feb 11, 2006, at 1:32 AM, Pekka Savola wrote:
I agree that this would complicate the process further.
I have proposed something simpler, and still do:
1) every package, even without any VERIFY QA votes at all, will be
released automatically in X weeks (suggest: X=2).
exception: at pa
On Fri, 2006-02-10 at 22:00 -0800, Jesse Keating wrote:
> On Sat, 2006-02-11 at 07:32 +0200, Pekka Savola wrote:
> >
> > I agree that this would complicate the process further.
> >
> > I have proposed something simpler, and still do:
> >
> > 1) every package, even without any VERIFY QA votes at
On Friday 10 February 2006 21:32, Pekka Savola wrote:
> On Fri, 10 Feb 2006, Jesse Keating wrote:
> > This makes it even more complicated. points? how many are enough?
> > What makes one package more critical than another? How ambiguous could
> > this be?
>
> I agree that this would complicate
On Sat, 2006-02-11 at 07:32 +0200, Pekka Savola wrote:
>
> I agree that this would complicate the process further.
>
> I have proposed something simpler, and still do:
>
> 1) every package, even without any VERIFY QA votes at all, will be
> released automatically in X weeks (suggest: X=2).
>
On Fri, 10 Feb 2006, Jesse Keating wrote:
This makes it even more complicated. points? how many are enough?
What makes one package more critical than another? How ambiguous could
this be?
I agree that this would complicate the process further.
I have proposed something simpler, and still do
72 matches
Mail list logo