On Tue, 14 Oct 2008 10:59:39 +0200
Jose Luis Rivero <[EMAIL PROTECTED]> wrote:

> On Mon, Oct 13, 2008 at 05:38:34PM -0700, Donnie Berkholz wrote:
> > On 02:03 Tue 14 Oct     , Jose Luis Rivero wrote:
> > > 
> > > There are some others sceneries but are not so common as the one
> > > presented could be. Any decent solution for this case?
> > 
> > There are only a few obvious ones, you'll have to pick which one
> > you like best. Most of the other options basically duplicate these
> > in some way or add more work to them for negligible gain:
> > 
> > - Backport the ebuild from EAPI=2 to EAPI=0
> EAPI-2 to EAPI-0 could imply lot of changes (not talking about what is
> going to happen when we release new and more feature rich EAPIs), and
> changes usually come with bugs. The ebuild is committed directly to
> stable implies bugs in stable, which for me is a no-go.

Assuming the ebuild changes between foo-1 and foo-2 are mainly due to
the change from EAPI=0 to EAPI=2 (which I'd expect to be true in many
cases) you could just reuse the foo-1 ebuild for foo-3.

If there are major differences between foo-1 and foo-2 not related to
the EAPI change then the maintainer probably didn't want foo-2 to
become stable anytime soon, so it's at least questionable if foo-3
should go straight to stable in the first place.

And adding a new version directly to stable always comes with a risk,
you can't eliminate that completely. It's all about risk assessment,
and how much work you're willing to do or time you want to spend to
minimize the risk.

> > - Backport the security patch to the EAPI=0 ebuild
> Which sometimes is going to be impossible, require lot of work, and we
> fall into the risk of bad backported patches when non trivial backport
> patches are needed (which turns into buggy patches in the stable
> branch)

And sometimes it's a very viable option when patches are provided by

In the end at least one of the above solutions should work in
almost every case. It might sometimes cause a bit more work than a bump
that doesn't involve any EAPI changes, but that's life.
If you have a real case where both suggested solutions aren't
realistic I'd like to hear about it, otherwise I think we're wasting
time making up solutions for a non-existant problem


Public Key at http://www.genone.de/info/gpg-key.pub

In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.

Attachment: signature.asc
Description: PGP signature

Reply via email to