Re: Security patching and the branching workflow: a new security-updates branch

2021-04-01 Thread Léo Le Bouter
Sorry for duplicated email, On Thu, 2021-04-01 at 16:58 +0200, Ricardo Wurmus wrote: > I don’t think we should have a security-updates > branch, because the role of that branch is effectively taken by > staging. I don't think that's the case because staging is documented for things that do not

Re: Security patching and the branching workflow: a new security-updates branch

2021-04-01 Thread Léo Le Bouter
On Thu, 2021-04-01 at 16:58 +0200, Ricardo Wurmus wrote: > Hi Léo, > [...] > That’s fine. We have no deadlines, so stepping back from what feels > like a heated discussion for a while and revisiting the points later > comes at very little cost. > > Obviously, you don’t *have* to accept other

Re: Security patching and the branching workflow: a new security-updates branch

2021-04-01 Thread Ricardo Wurmus
Hi Léo, > Hello Ludo, > > On Wed, 2021-03-31 at 23:29 +0200, Ludovic Courtès wrote: >> It’s unacceptable to call someone “obsessed” just because you >> disagree >> and calling Simon’s comments “harassment” is equally inappropriate. > > I really do feel harassed by their comments, it's not just

Re: Security patching and the branching workflow: a new security-updates branch

2021-04-01 Thread Léo Le Bouter
Hello Ludo, On Wed, 2021-03-31 at 23:29 +0200, Ludovic Courtès wrote: > It’s unacceptable to call someone “obsessed” just because you > disagree > and calling Simon’s comments “harassment” is equally inappropriate. I really do feel harassed by their comments, it's not just because I disagree,

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-31 Thread Ludovic Courtès
Léo, Léo Le Bouter skribis: > I feel harassed by your comments because you obsessed on this zstd > issue and try to make it the cause of some other problems you saw > without any evidence. It’s unacceptable to call someone “obsessed” just because you disagree and calling Simon’s comments

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-30 Thread Léo Le Bouter
On Tue, 2021-03-30 at 13:48 +0200, zimoun wrote: > Ahah, I am happy to know it. I hope it is because a > “miscommunication» > and not because you do not carefully read or because maybe you only > see > through the tiny lens of known security vulnerabilities. From my > opinion, your point of view

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-30 Thread zimoun
On Sat, 27 Mar 2021 at 15:14, Léo Le Bouter wrote: > but you > cannot put forward the arguments you've made, they do not work. Ahah, I am happy to know it. I hope it is because a “miscommunication» and not because you do not

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-27 Thread Léo Le Bouter
On Sat, 2021-03-27 at 14:56 +0100, zimoun wrote: > Oh, I am a big boy and I can think whatever I want! :-) > > Kidding aside. ... > > First, what does it mean «risk»? How do you evaluate it? Is it a > relative evaluation or an absolute one? Most if not all users do not want their machines

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-27 Thread zimoun
On Sat, 27 Mar 2021 at 13:42, Léo Le Bouter wrote: > On Sat, 2021-03-27 at 13:29 +0100, zimoun wrote: >> And as I said elsewhere, “to me, security is important. But it's >> no less important than everything *else* that is also important!“, so >> personally I am not convinced that security updates

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-27 Thread Léo Le Bouter
Thanks for your feedback. On Sat, 2021-03-27 at 13:29 +0100, zimoun wrote: > And as I said elsewhere, “to me, security is important. But it's > no less important than everything *else* that is also important!“, so > personally I am not convinced that security updates deserve a special > treatment

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-27 Thread zimoun
Hi Léo, On Fri, 26 Mar 2021 at 21:10, Léo Le Bouter wrote: > For these reasons, I would like to propose a new branch called > security-updates that would be based on master where we queue security > fixes that introduce any arbitrary number of rebuilds without using > grafts. > > We would merge

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-27 Thread Christopher Baines
Léo Le Bouter writes: > On Fri, 2021-03-26 at 22:13 +, Christopher Baines wrote: >> Can you clarify what specific problem or problems you're proposing >> this >> security-updates branch to address? > > Substitute availability of security updates when they are released, > without causing big

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-26 Thread Léo Le Bouter
On Fri, 2021-03-26 at 22:13 +, Christopher Baines wrote: > Can you clarify what specific problem or problems you're proposing > this > security-updates branch to address? Substitute availability of security updates when they are released, without causing big rebuilds on master for users

Re: Security patching and the branching workflow: a new security-updates branch

2021-03-26 Thread Christopher Baines
Léo Le Bouter writes: > There are two ways to ship security fixes to packages: > > 1. Update to a patched version if upstream provides one > 2. Apply or backport individual patches to fix the issues in the > shipped version > > Grafts are most reliable for 2. but there are cases where using 2. is

Security patching and the branching workflow: a new security-updates branch

2021-03-26 Thread Léo Le Bouter
Hello! There are two ways to ship security fixes to packages: 1. Update to a patched version if upstream provides one 2. Apply or backport individual patches to fix the issues in the shipped version Grafts are most reliable for 2. but there are cases where using 2. is lots of work and we can't