On Tue, 2020-11-03 at 07:13 +0200, Joonas Niilola wrote: > I'm suggesting a new QA policy to disallow any "live-ebuild-only > packages" being hosted in ::gentoo.
I'm with you on this though I think it should be relaxed to disallow only long term presence of pure live packages. It's fine to add a live ebuild first for a month or two if you're still working on something (just like it's fine to add a masked package). However, it's not fine to leave things like this for years. That said, maybe the policy should cover 'long-term masked packages' in general. See below. > Rationale being the same as why > -9999 packages can't have KEYWORDS: They are unpredictable and > potentially insecure. Unpredictability could mean upstream repo being > broken at any given time placing users in an awkward situation, where > they are able to build some packages while not the others. Upstream > repo can also be force-pushed over. I feel like packages offered in > ::gentoo shouldn't have these issues, and the need to have at least one > safe release available to users that's guaranteed to build. I agree with this but I'd like to emphasize one point: these packages are not installable for users out of the box. They are not tested as part of tinderboxing. They simply can't be installed in some environments (e.g. network-restricted) though obviously they're not production-ready by design. -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
