On Tue, Feb 03, 2004 at 05:06:01PM +0200 or thereabouts, Dan Armak wrote: > A bigger inconvinience is that every developer will have to maintain a stable > tree system image (or real system) to test any off-cycle updates he may have > to do, often hurrying because of a major vulnerability already published. > will that be required? Is there a way around it?
There should be *very* few cases where this happens. For the most part, devs will only be committing things off-cycle to the stable tree that are already in the main tree. For example: Another half-dozen exploits are found in gaim. The gaim herd/maintainer fixes up the new ebuild and commits it first to the main tree (generally ~masked) and then to the stable tree (probably as ~stable). The only time where I can see a problem is when there is an ebuild still in the stable tree that no longer exists in the main tree. However, by then, I would hope all major/critical bugs have been worked out of it, so only security issues would be a problem. In this case, you're right -- the maintainer would need to have a stable tree around that they could use to test. However, I'm reasonably confident that this will be a very infrequent occurance. If you feel differently, please let me know. --kurt
pgp00000.pgp
Description: PGP signature
