On 02:03 Tue 14 Oct , Jose Luis Rivero wrote: > Hi all: > > Reading a random discussion in our dev mailling list, I came with a > doubt about our new EAPI policy and its procedures. I couldn't find it > documented nor discussed anywhere so I bringing it here. > > Supposing that anyone can currently add an ebuild using EAPI-2 under the > testing branch: what are we going to do if an EAPI-2 ebuild (which are > only managed by ~arch package managers) needs to go stable due to some > kind of major reason like security? > > Hypothetical case: foo-1 (eapi-0) marked as stable and foo-2 (eapi-2) > with new features marked as testing. A security problem appears > affecting both. UPSTREAM release foo-3 to solve the security issue. > > There are some others sceneries but are not so common as the one presented > could be. Any decent solution for this case?
There are only a few obvious ones, you'll have to pick which one you like best. Most of the other options basically duplicate these in some way or add more work to them for negligible gain: - Backport the ebuild from EAPI=2 to EAPI=0 - Backport the security patch to the EAPI=0 ebuild - Stabilize portage quickly -- Thanks, Donnie Donnie Berkholz Developer, Gentoo Linux Blog: http://dberkholz.wordpress.com
Description: PGP signature