On Tue, 2006-10-31 at 19:47 +0100, Fernando J. Pereda wrote:
You probably want a shell account on a mips/alpha/... machine so you can
start helping, right?
Not attempting to join this ruckus - but I'll meekly raise my hand and
say that'd be awesome. I have an account on a mips box, but its
Michael Cummings wrote:
Not attempting to join this ruckus - but I'll meekly raise my hand and
say that'd be awesome. I have an account on a mips box, but its
connection to the internet has been unstable in recent months (which I
was warned about ahead of time - that isn't a gripe).
Just FYI,
On Tuesday 31 October 2006 02:57, Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for that problem. Lets make
another subproject (don't know how to name it properly) in bugzilla
you mean like the Gentoo Security bugzilla product ?
-mike
pgp1nEpXBCUUN.pgp
Description: PGP
Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for that problem. Lets make
another subproject (don't know how to name it properly) in bugzilla in which
there will be only bugs affected by security flaw. That bugs will have
highest priority from every other ones. And devs
Dnia wtorek, 31 października 2006 09:02, Mike Frysinger napisał:
On Tuesday 31 October 2006 02:57, Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for that problem. Lets make
another subproject (don't know how to name it properly) in bugzilla
you mean like the Gentoo
Dnia wtorek, 31 października 2006 09:06, David Shakaryan napisał:
Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for that problem. Lets make
another subproject (don't know how to name it properly) in bugzilla in
which there will be only bugs affected by security flaw. That
On Tuesday 31 October 2006 03:38, Paweł Madej wrote:
Dnia wtorek, 31 października 2006 09:02, Mike Frysinger napisał:
On Tuesday 31 October 2006 02:57, Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for that problem. Lets
make another subproject (don't know how to name it
Dnia wtorek, 31 października 2006 09:52, Mike Frysinger napisał:
On Tuesday 31 October 2006 03:38, Paweł Madej wrote:
Dnia wtorek, 31 października 2006 09:02, Mike Frysinger napisał:
On Tuesday 31 October 2006 02:57, Paweł Madej wrote:
I'm not a dev but I suppose i got resolution for
On Tuesday 31 October 2006 04:08, Paweł Madej wrote:
Dnia wtorek, 31 października 2006 09:52, Mike Frysinger napisał:
we already have the products available for people to sort arch bugs
between stabilize random pkg for fun and stabilize random pkg for
security ... in fact, the bug e-mails
Dnia wtorek, 31 października 2006 10:17, Mike Frysinger napisał:
On Tuesday 31 October 2006 04:08, Paweł Madej wrote:
Dnia wtorek, 31 października 2006 09:52, Mike Frysinger napisał:
we already have the products available for people to sort arch bugs
between stabilize random pkg for fun
Ciaran McCreesh wrote:
On Mon, 30 Oct 2006 22:33:26 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| | What on earth are you talking about here? And why almost 6 months
| | is not enough for someone to respond on a bug with a simple
| | we'll only support newer versions
On Tue, 31 Oct 2006 16:36:13 +0100
Stuart Herbert [EMAIL PROTECTED] wrote:
Would it be possible to have some arch team leaders join in this
debate? Atm, it just seems to be bouncing back and forwards between
package maintainers asking questions, and a Gentoo user filling the
void left by the
On Tuesday 31 October 2006 16:02, Stuart Herbert wrote:
3) ??
Profit
--
Roy Marples [EMAIL PROTECTED]
Gentoo Developer (baselayout, networking)
--
gentoo-dev@gentoo.org mailing list
On Tuesday 31 October 2006 14:46, Steve Dibb wrote:
That does bring up an interesting question though -- at what point do you
just ignore the arch and move on so that development can continue?
I just ignore the arches these days. After all, they ignore me. dhcp clients
where modified to be
Stuart Herbert wrote:
On 10/31/06, Ciaran McCreesh [EMAIL PROTECTED] wrote:
Uh, security bugs are not the highest priority.
Would it be possible to have some arch team leaders join in this
debate? Atm, it just seems to be bouncing back and forwards between
package maintainers asking
On 10/31/06, Ciaran McCreesh [EMAIL PROTECTED] wrote:
Uh, security bugs are not the highest priority.
Would it be possible to have some arch team leaders join in this
debate? Atm, it just seems to be bouncing back and forwards between
package maintainers asking questions, and a Gentoo user
On Tue, 31 Oct 2006 12:30:24 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I'm just trying to make my life as an ebuild maintainer easier. This
| means some individuals may file bugs against an old crusty version of
| a package that I maintain because $arch hasn't keyworded a newer
| version yet.
On Tue, 31 Oct 2006 17:02:46 +0100
Stuart Herbert [EMAIL PROTECTED] wrote:
1) Leave the older versions in the tree, even though they are
insecure and possibly/probably no longer supported by package
maintainers. This keeps minority arches happy at the expense of the
larger group of package
Stephen Bennett napsal(a):
On Tue, 31 Oct 2006 18:18:26 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Sure I did... Could you tell me why should we accumulate broken and
vulnerable junk in the tree for years? (Outdated ebuild A depends on
junky outdated ebuild B which depends on crappy,
On Tue, 31 Oct 2006 17:02:46 +0100 Stuart Herbert
[EMAIL PROTECTED] wrote:
| 2) Or, remove the older versions from the tree after a suitable
| waiting period (say, 3 months for arguments sake). This will keep
| package maintainers happy, and our users (less cruft in the tree to
| rsync and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 31 Oct 2006, Stuart Herbert wrote:
On 10/31/06, Ciaran McCreesh [EMAIL PROTECTED] wrote:
Uh, security bugs are not the highest priority.
Would it be possible to have some arch team leaders join in this
debate? Atm, it just seems to be
On 10/31/06, Stephen Bennett [EMAIL PROTECTED] wrote:
Having a system that actually works is usually reckoned to be more
important than patching minor security holes on architectures that
aren't security-supported anyway. On systems that are almost never used
in production or in externally
On Tue, 31 Oct 2006 11:57:37 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I picked a random e-mail to reply to. I don't maintain that many
| packages (maybe 10 or so?). But if I have a bug (particularly a sec
| bug as in this case) and you haven't stablized it after five months
| then I'll
Dnia wtorek, 31 października 2006 17:04, Stephen P. Becker napisał:
[snip]
Don't dismiss his responses as noise from some random Gentoo user who has
no idea what they are talking about. You should know better then that
Stuart.
-Steve
This Random Gentoo user as you wrote says no noise but
Ciaran McCreesh napsal(a):
On Tue, 31 Oct 2006 11:57:37 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I picked a random e-mail to reply to. I don't maintain that many
| packages (maybe 10 or so?). But if I have a bug (particularly a sec
| bug as in this case) and you haven't stablized it
On Tue, 31 Oct 2006 17:16:31 +0100
Stuart Herbert [EMAIL PROTECTED] wrote:
Arch team leaders set policy on this issues, not Ciaran.
Which they did a long time ago, which he got to know at that time, and
which haven't substantively changed since then. He's as well qualified
as anyone to answer,
On Tue, 2006-31-10 at 17:02 +0100, Stuart Herbert wrote:
This leaves package maintainers in the situation that there are
'old'/'insecure'/insert preferred adjective here versions of
packages that are hanging around only because arches have fallen
behind. Package maintainers want to be able to
On Tue, Oct 31, 2006 at 06:18:26PM +0100, Jakub Moc wrote:
Sure I did... Could you tell me why should we accumulate broken and
vulnerable junk in the tree for years? (Outdated ebuild A depends on
junky outdated ebuild B which depends on crappy, unsupported ebuilds C,
D and E which... )
Thats
On Tue, 31 Oct 2006 18:23:49 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| On Tue, 31 Oct 2006 11:57:37 -0500 Alec Warner [EMAIL PROTECTED]
| wrote:
| | I picked a random e-mail to reply to. I don't maintain that many
| | packages (maybe 10 or so?). But if I have a
On Tue, Oct 31, 2006 at 05:05:21PM +, Stephen Bennett wrote:
On Tue, 31 Oct 2006 17:57:06 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Of course it does... Lots of people can't remove outdated broken cruft
because $ebuild still depends on something since $arch has been
slacking for
Stephen Bennett napsal(a):
On Tue, 31 Oct 2006 17:57:06 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Of course it does... Lots of people can't remove outdated broken cruft
because $ebuild still depends on something since $arch has been
slacking for months. Lots of people are forced to maintain
On Tue, 31 Oct 2006 18:18:26 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Sure I did... Could you tell me why should we accumulate broken and
vulnerable junk in the tree for years? (Outdated ebuild A depends on
junky outdated ebuild B which depends on crappy, unsupported ebuilds
C, D and E
Steve Dibb wrote:
Ciaran McCreesh wrote:
On Mon, 30 Oct 2006 22:33:26 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| | What on earth are you talking about here? And why almost 6 months
| | is not enough for someone to respond on a bug with a simple
| | we'll only
On Tue, 31 Oct 2006 17:57:06 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Of course it does... Lots of people can't remove outdated broken cruft
because $ebuild still depends on something since $arch has been
slacking for months. Lots of people are forced to maintain outdated
junk in this way,
On Tue, 31 Oct 2006 17:57:06 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| How exactly does this affect package maintainers, apart from the
| cosmetic problems of having an old ebuild lying around? As far as I
| can see, it doesn't affect the maintenance burden,
|
| Of course it does... Lots of
Ciaran McCreesh wrote:
On Tue, 31 Oct 2006 11:57:37 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I picked a random e-mail to reply to. I don't maintain that many
| packages (maybe 10 or so?). But if I have a bug (particularly a sec
| bug as in this case) and you haven't stablized it after
Ciaran McCreesh napsal(a):
| Accumulating broken old vulnerable and unsupported junk in tree
There is no accumulation. It's already there. And if packages are that
bad, perhaps you should ask yourself why they have a stable keyword at
all.
Eh, sure there won't be any accumulation of broken
On Tue, 31 Oct 2006 08:57:01 +0100 Paweł Madej [EMAIL PROTECTED]
wrote:
| I'm not a dev but I suppose i got resolution for that problem. Lets
| make another subproject (don't know how to name it properly) in
| bugzilla in which there will be only bugs affected by security flaw.
| That bugs will
Ciaran McCreesh wrote:
On Tue, 31 Oct 2006 18:50:58 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Stephen Bennett napsal(a):
| On Tue, 31 Oct 2006 18:18:26 +0100
| Jakub Moc [EMAIL PROTECTED] wrote:
|
| Sure I did... Could you tell me why should we accumulate broken and
| vulnerable junk in
On Tue, 31 Oct 2006 18:50:58 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Ah. That's apparently much more important than not breaking users by
providing them w/ non-vulnerable, decently uptodate stuff that's not
ridden by tons of bugs. Yup. :P
You've never worked on an arch team, have you?
--
On Tue, 2006-10-31 at 18:23 +0100, Jakub Moc wrote:
Ciaran McCreesh napsal(a):
On Tue, 31 Oct 2006 11:57:37 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I picked a random e-mail to reply to. I don't maintain that many
| packages (maybe 10 or so?). But if I have a bug (particularly a
On Tue, Oct 31, 2006 at 06:50:58PM +0100, Jakub Moc wrote:
Ah. That's apparently much more important than not breaking users by
providing them w/ non-vulnerable, decently uptodate stuff that's not
ridden by tons of bugs. Yup. :P
Why do you keep trying to tell arch maintainers how to do their
On Tue, Oct 31, 2006 at 07:12:58PM +0100, Jakub Moc wrote:
Oh well, this apparently doesn't go anywhere, slacking is just
wonderful, maintainers should just STFU and obey the almighty slacking
arches, security is the least of a concern and no priority, not
answering a on bug for half a year
On Tue, 31 Oct 2006 19:12:58 +0100
Jakub Moc [EMAIL PROTECTED] wrote:
Oh well, this apparently doesn't go anywhere, slacking is just
wonderful, maintainers should just STFU and obey the almighty slacking
arches, security is the least of a concern and no priority, not
answering a on bug for
On Tue, 2006-10-31 at 17:02 +0100, Stuart Herbert wrote:
3) ??
Get your hands on some of the minority arch hardware and help out?
Remember that some of the teams in question are sometimes only one or
two people. In this case, a single developer does make a dramatic
difference.
--
Chris
On Tuesday 31 October 2006 19:51, Chris Gianelloni wrote:
Remember that some of the teams in question are sometimes only one or
two people.
Like x86? :P
--
Diego Flameeyes Pettenò - http://farragut.flameeyes.is-a-geek.org/
Gentoo/Alt lead, Gentoo/FreeBSD, Video, Sound, ALSA, PAM, KDE, CJK,
On Tue, 2006-10-31 at 20:06 +0100, Diego 'Flameeyes' Pettenò wrote:
On Tuesday 31 October 2006 19:51, Chris Gianelloni wrote:
Remember that some of the teams in question are sometimes only one or
two people.
Like x86? :P
With Opfer on the team, I think we're at 5 active.
--
Chris
Fernando J. Pereda napsal(a):
On Tue, Oct 31, 2006 at 07:12:58PM +0100, Jakub Moc wrote:
Oh well, this apparently doesn't go anywhere, slacking is just
wonderful, maintainers should just STFU and obey the almighty slacking
arches, security is the least of a concern and no priority, not
Hi Chris,
On 10/31/06, Chris Gianelloni [EMAIL PROTECTED] wrote:
On Tue, 2006-10-31 at 17:02 +0100, Stuart Herbert wrote:
3) ??
Get your hands on some of the minority arch hardware and help out?
It's a good idea. It's not an option for me, but hopefully others
will follow your advice.
On Tue, Oct 31, 2006 at 08:42:54PM +0100, Jakub Moc wrote:
Fernando J. Pereda napsal(a):
On Tue, Oct 31, 2006 at 07:12:58PM +0100, Jakub Moc wrote:
Oh well, this apparently doesn't go anywhere, slacking is just
wonderful, maintainers should just STFU and obey the almighty slacking
arches,
OK kids, settle down for a second and listen to your uncle Seemant.
First, enough with the insults being hurled around! We don't need
people being called slackers and dumb and stupid and whatever other
creative labels are being developed. That is absolutely and without a
doubt: non-productive.
On Tue, Oct 31, 2006 at 03:23:00PM -0500, Seemant Kulleen wrote:
Third, the best proposal I've seen here is for developers to get shell
accounts on alternate architectures. There's quite a few of them
floating around, and I'm pretty sure the arch teams will help you get a
shell on one of the
On Tue, 31 Oct 2006 21:34:13 +0100 Fernando J. Pereda
[EMAIL PROTECTED] wrote:
| On Tue, Oct 31, 2006 at 03:23:00PM -0500, Seemant Kulleen wrote:
| Third, the best proposal I've seen here is for developers to get
| shell accounts on alternate architectures. There's quite a few of
| them
Francesco Riosa ha scritto:
[...]
http://bugs.gentoo.org/show_bug.cgi?id=149626
I'm going to die then, scheduled on 2006-11-05
If keywording without archs support is only gambling I'll go that route
[...]
Worried that this can cause a flameware I already updated the ebuild:
- it now use the
On Sun, Oct 29, 2006 at 07:49:22PM -0700, Jason Wever wrote:
Please triple check what you want to commit and verify that you don't do
any of the following (which are punishable by death):
1) remove the last ebuild that is keyworded for a given arch, especially
when resulting in broken
On 10/30/06, Jason Wever [EMAIL PROTECTED] wrote:
Please triple check what you want to commit and verify that you don't do
any of the following (which are punishable by death):
1) remove the last ebuild that is keyworded for a given arch, especially
when resulting in broken dependencies.
On Mon, 2006-10-30 at 00:28 -0800, Robin H. Johnson wrote:
On Sun, Oct 29, 2006 at 07:49:22PM -0700, Jason Wever wrote:
Please triple check what you want to commit and verify that you don't do
any of the following (which are punishable by death):
1) remove the last ebuild that is
On Mon, 30 Oct 2006 00:28:29 -0800 Robin H. Johnson
[EMAIL PROTECTED] wrote:
| To generalize on Francesco's email, how long should developers wait
| for minority arches to mark stuff stable, after a security bug, and
| then a reminder more than 4 months later?
Indefinitely. There's no harm
On Monday 30 October 2006 14:23, Ferris McCormick wrote:
I might be mistaken, but I believe sparc responds pretty quickly to
security bugs, either by taking the requested action or by explaining
why the requested action is impossible (i.e., build problems).
Yes, the Sparc team is rather quick
Ciaran McCreesh napsal(a):
On Mon, 30 Oct 2006 00:28:29 -0800 Robin H. Johnson
[EMAIL PROTECTED] wrote:
| To generalize on Francesco's email, how long should developers wait
| for minority arches to mark stuff stable, after a security bug, and
| then a reminder more than 4 months later?
On Mon, 30 Oct 2006 20:09:56 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| On Mon, 30 Oct 2006 00:28:29 -0800 Robin H. Johnson
| [EMAIL PROTECTED] wrote:
| | To generalize on Francesco's email, how long should developers
| | wait for minority arches to mark stuff
Ciaran McCreesh napsal(a):
| | 5 months of no response from the arches says something is wrong on
| | their side.
|
| Or it tells you where their priorities lie...
|
| Sure. So they don't need the keywords nor the package.
No no. They might need the package, just not necessarily a
On Mon, 30 Oct 2006 20:50:06 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| | | 5 months of no response from the arches says something is
| | | wrong on their side.
| |
| | Or it tells you where their priorities lie...
| |
| | Sure. So they don't need the
Ciaran McCreesh napsal(a):
| As you have might have noticed, they already have a newer version
| stable. But apparently asking them to respond on a bug within 5 months
| is way too much. :P
Well yes, since there's no clear link between bugs and packages. Things
can get stabled incidentally
On Mon, 30 Oct 2006 21:46:33 +0100 Jakub Moc [EMAIL PROTECTED] wrote:
| Ciaran McCreesh napsal(a):
| | As you have might have noticed, they already have a newer version
| | stable. But apparently asking them to respond on a bug within 5
| | months is way too much. :P
|
| Well yes, since
Ciaran McCreesh napsal(a):
| What on earth are you talking about here? And why almost 6 months is
| not enough for someone to respond on a bug with a simple we'll only
| support newer versions and don't care about MySQL 4.0.x any more, go
| drop it?
Priorities. The arch teams could be too
On Mon, 30 Oct 2006 18:46:25 -0500 Alec Warner [EMAIL PROTECTED]
wrote:
| I'm actually going to agree with jakub here. I wouldn't even say
| they need to fix the bug; but just acknowledge that they even read it
| or paid attention or hey we are working on it or hey we don't give
| a flying rats
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi All,
Apparently its been too long since I've sent one of these out, as people
are starting to slip up and break the tree again.
Please triple check what you want to commit and verify that you don't do
any of the following (which are
Jason Wever ha scritto:
Hi All,
Apparently its been too long since I've sent one of these out, as people
are starting to slip up and break the tree again.
Please triple check what you want to commit and verify that you don't do
any of the following (which are punishable by death):
1)
69 matches
Mail list logo