FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 03-08-2010, 10:18 PM
Kevin Kofler
 
Default Proposed udpates policy change

Matthew Garrett wrote:
> The ability for maintainers to flag an update directly into the updates
> repository will be disabled. Before being added to updates, the package
> must receive a net karma of +3 in Bodhi.

Even if it already went to testing and sit there for ages? This will lead to
MANY updates being stalled in testing forever! Hardly any update is getting
+3 karma right now. Karma is completely useless in practice. People "gaming
the system" are going to be the only way updates can go out at all under
such a proposal.

Sure, we'd all love that kind of test coverage. It's just not practicable at
all. We need to be realistic.

In addition, it has been explained very clearly in the discussions on this
mailing list why the current karma system is a poor indicator of update
stability. Relying on it as the only way an update can go stable is just
insane.

> It is the expectation of Fesco that the majority of updates should
> easily be able to garner the necessary karma in a minimal space of time.

You gotta be kidding! Just look at the current update landscape to see how
far from the truth this is.

(And I also wonder with what authority you speak in the name of FESCo as a
whole. The fact that what you're saying is so clearly wrong makes this all
the more an issue.)

Kevin Kofler

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 10:35 PM
Kevin Kofler
 
Default Proposed udpates policy change

Matthew Garrett wrote:
> What guards you against changes in the buildroot, non-deterministic
> compiler bugs, cosmic rays and the like? The point is to test the
> binaries that are being pushed into the hands of the users.

There's a point at which the probability of breakage is so low that it's a
waste of time and effort to even consider it. Software will never be perfect
anyway.

Kevin Kofler

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 10:40 PM
Kevin Kofler
 
Default Proposed udpates policy change

Michael Schwendt wrote:

> On Mon, 8 Mar 2010 21:59:29 +0000, Matthew wrote:
>> It is the expectation of Fesco that the majority of updates should
>> easily be able to garner the necessary karma in a minimal space of time.
>
> Your wording or FESCo's?

Definitely not mine, I can assure you! To me, that statement sounds more
like something out of The Onion than like something one can actually claim
with a straight face!

Kevin Kofler

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 11:19 PM
Ian Weller
 
Default Proposed udpates policy change

On Mon, Mar 08, 2010 at 09:59:29PM +0000, Matthew Garrett wrote:
> We assume the following axioms:
>
> 1) Updates to stable that result in any reduction of functionality to
> the user are unacceptable.
>
> 2) It is impossible to ensure that functionality will not be reduced
> without sufficient testing.
>
> 3) Sufficient testing of software inherently requires manual
> intervention by more than one individual.

I agree with these.

> Proposal
> --------
>
> The ability for maintainers to flag an update directly into the updates
> repository will be disabled. Before being added to updates, the package
> must receive a net karma of +3 in Bodhi.

I have some difficulty agreeing that +3 is "sufficient testing" for all
packages. I know a *lot* of people who used Gwibber when I maintained
it. It's probably the most used package I have ever maintained, and I
couldn't get anybody to test it without lobbying people in #fedora-docs
and on the Planet. +3 is too much for packages like these.

It's not the job of a package maintainer to campaign and say "hey, pay
attention to my package that only provides one Python function for a few
people who need it," let alone a nicely-done end-user application that a
lot of people use.

Maybe +3 karma is OK if we allow for a push straight to updates after
the old_testing period comes along. (Oh look, another new one of those
in my INBOX now.)

> At present, this policy will not apply to updates that are flagged as
> security updates.

Why? Don't those need testing too?

--
Ian Weller <ian@ianweller.org>
() ascii ribbon campaign - against html e-mail
/ www.asciiribbon.org - against proprietary attachments
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 11:27 PM
Toshio Kuratomi
 
Default Proposed udpates policy change

On Mon, Mar 08, 2010 at 06:28:45PM -0500, Martin Langhoff wrote:
> On Mon, Mar 8, 2010 at 4:59 PM, Matthew Garrett <mjg59@srcf.ucam.org> wrote:
> > The future
> > ----------
> >
> > Defining the purpose of Fedora updates is outside the scope of Fesco.
> > However, we note that updates intended to add new functionality are more
> > likely to result in user-visible regressions, and updates that alter ABI
> > or API are likely to break local customisations even if all Fedora
> > packages are updated to match.
>
> Thanks to you, Fesco and all developers working on this. There is
> something that everyone seems to be missing on this track, and I'd
> like to bring some attention to it.
>
> Distros do integration work, and the main thrust of the QA work around
> a release is that all the packages work nicely _together_, that all
> the subtle interactions interact the right way.
>
> Updates are always risky. There is no doubt that the updated package
> worked fine for the maintainer, and yet we see updates bombing out
> spectacularly relatively often. This is because pushing out a single
> package update is what a maintainer does, but this "package focus"
> undermines what the distro does -- _integration_.
>
> Small, low-risk bugfix updates respect that distro-wide goal. Major
> risky updates disregard that goal -- yes, a specific package is new!
> improved! but the implicit social contrct with your end users ("a
> nicely integrated OS") is broken because the time and effort to shake
> out the subtle integration issues were skipped.
>
There are seveal things to note, though.
* The dnssec update which prompted this policy was not actually a problem of
integration with the rest of the OS.
* The policy doesn't place any value on the types of updates that are made,
therefore it is only making an indirect change to integration. For
instance, KDE updates that have been talked about elsewhere would likely
still go throguh as they enjoy widespread testing as part of the KDE SIG.



> >From an OLPC PoV, major updates are rather troubling. We put together
> two OSs based on Fedora (XO and XS OSs). We test the integrated OS
> quite a bit ("we" being an outstanding team of volunteers around the
> world), and we override a few packages, some of them very tightly
> coupled to the platform (that is -- likely victims of subtle
> interactions that may go haywire on a major update).
>
> Given that, wearing my "XS lead dev" hat, I hope that Fedora focuses
> its "update" policy on the safe, sane, low-risk bugfixes. Otherwise,
> downstream projects that do careful QA are between a rock and a hard
> place -- between taking potentially exploding updates or ignoring
> updates altogether... and missing out on important bugfixes.
>
This is an incomplete look at the picture. If you stop large and complex
bugfix updates for fear of what they do to integration at the Fedora level,
then OLPC will still miss out on the important bugfixes in their derived
distros. If they pull in the bugfixes becausee they deem them worthy
enough, then why shouldn't Fedora have shipped them in the first place and
let OLPC exclude them?

The Fedora maintainers need to judge whether a large and complex update
makes the user's experience enough better (for instance, by fixing a large
number of bugs or enough important bugs) that they should perform the
update. OLPC maintainers can decide whether they have the same values as
the Fedora maintainer. In no case can either Fedora or the OLPC maintainer
abandon their evaluation of the risks and rewards of consuming updates --
it's just a matter of whether the downstream has to package the update
themselves or exclude the update that was provided.

-Toshio
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 11:39 PM
Toshio Kuratomi
 
Default Proposed udpates policy change

On Mon, Mar 08, 2010 at 06:45:49PM -0500, Martin Langhoff wrote:
> On Mon, Mar 8, 2010 at 6:31 PM, Toshio Kuratomi <a.badger@gmail.com> wrote:
> >> 3) Sufficient testing of software inherently requires manual
> >> intervention by more than one individual.
> >>
> > This isn't entirely true either.
>
> #3 is so true that is central to what distros are about. Upstream
> probably released a good updated version, but the distro role is to do
> the integration, and shake out all the bugs in those subtle
> interactions between components.
>
> Otherwise, distros could provide the installer + @base and for the
> rest we could all grab RPMs from upstreams' websites.
>
> The QA of the integrated set of packages at particular release is hard
> and complex. That's what Fedora does, as a distro, and is central to
> what Fedora is, and the implicit social contract -- these components
> perform together in tune like a well-rehearsed orchestra.
>
> If the trombonist buys a new and shiny trombone, great, but for the
> piece he's playing tonight he'll have to play with the old trombone.
> The new trombone may be slightly out of tune, or louder, or tinnier;
> none of those things are bad per se, but it will ruin the combined
> effort.
>
> > One person can manually evaluate
>
> That's the "it works for me" attitude. Works for small software
> projects with a couple users. Not for a hugely complex OS, one that
> others use as the base for their own work.
>

If you had bothered to quote my complete proposal you would find that you
didn't have to bother writing your message. I'll pull a Jef and quote it:

> > This isn't entirely true either. One person can manually evaluate the
> > impact of certain changes to certain pieces of software. But this is less
> > of an issue than the first axiom as the number of packages that fit this
> > category is likely to be small.

You're willing to say that if I update one of my packages that has a script
of 30 lines, is a leaf node, and the update is to give the script an
optional argument to print output to stdout instead of writing to a file
that I'm incapable of building that package and then QA'ing the package from
the update-testing repository?

I'm specific that this is not a major problem because the number of packages
that can fall into this category is small. But #3 is not a sterling example
of an axiom as there are packages in the repository where small changes can
be applied and tested for regressions by a single person.

-Toshio
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-08-2010, 11:55 PM
Martin Langhoff
 
Default Proposed udpates policy change

On Mon, Mar 8, 2010 at 7:39 PM, Toshio Kuratomi <a.badger@gmail.com> wrote:
> You're willing to say that if I update one of my packages that has a script
> of 30 lines, is a leaf node, and the update is to give the script an
> optional argument to print output to stdout instead of writing to a file
> that I'm incapable of building that package and then QA'ing the package from
> the update-testing repository?

Yes. And that is 0.001% of the package updates. In fact, skip the
noise of pushing that as an update, wait until something interesting
happens to roll it out.

There is no gain in rolling an rpm everytime. And there is a cost --
in many "cheap" resources (bandwidth, cpu burn in builders), and in
costly resources, like review time of your downstreams if they care
about their QA.

> But #3 is not a sterling example
> of an axiom

#3 is correct for 99.9% of the worthwhile package updates. Don't call
it an axiom if it bothers you to be unfair to a tiny portion of
updates.

But is a damn important point that is central to what a distro is.

cheers,


m
--
martin.langhoff@gmail.com
martin@laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-09-2010, 01:00 AM
Toshio Kuratomi
 
Default Proposed udpates policy change

On Mon, Mar 08, 2010 at 07:55:03PM -0500, Martin Langhoff wrote:
> On Mon, Mar 8, 2010 at 7:39 PM, Toshio Kuratomi <a.badger@gmail.com> wrote:
> > You're willing to say that if I update one of my packages that has a script
> > of 30 lines, is a leaf node, and the update is to give the script an
> > optional argument to print output to stdout instead of writing to a file
> > that I'm incapable of building that package and then QA'ing the package from
> > the update-testing repository?
>
> Yes. And that is 0.001% of the package updates. In fact, skip the
> noise of pushing that as an update, wait until something interesting
> happens to roll it out.
>
> There is no gain in rolling an rpm everytime. And there is a cost --
> in many "cheap" resources (bandwidth, cpu burn in builders), and in
> costly resources, like review time of your downstreams if they care
> about their QA.
>
But if someone requests this feature because they need to use it in their
environment, then the risk::reward ratio is low enough to justify it.

> > But #3 is not a sterling example
> > of an axiom
>
> #3 is correct for 99.9% of the worthwhile package updates. Don't call
> it an axiom if it bothers you to be unfair to a tiny portion of
> updates.
>
> But is a damn important point that is central to what a distro is.
>
And once again you've failed to quote the part of my message where I say
that this affects a small number of packages. Thanks.

-Toshio
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-09-2010, 01:00 AM
Chris Weyl
 
Default Proposed udpates policy change

On Mon, Mar 8, 2010 at 1:59 PM, Matthew Garrett <mjg59@srcf.ucam.org> wrote:
> This is the policy that I expect to be discussed during the Fesco
> meeting tomorrow. This is entirely orthogonal to the ongoing discussions
> regarding whether updates in stable releases should be expected to
> provide features or purely bugfixes, and I don't see any conflict in
> introducing it before those discussions have concluded.
>
> Introduction
> ------------
>
> We assume the following axioms:
>
> 1) Updates to stable that result in any reduction of functionality to
> the user are unacceptable.
>
> 2) It is impossible to ensure that functionality will not be reduced
> without sufficient testing.
>
> 3) Sufficient testing of software inherently requires manual
> intervention by more than one individual.

Hmm. So. I have a package, perl-Moose, that has 4,667 tests run at
build time. It depends on perl-Class-MOP, which has 2,225 tests, and
it in turn depends on perl, which has 234,776 tests run at build. On
a future note, we're working on setting up smoke testing, so when we,
say, rebuild perl-Class-MOP we also run perl-Moose's tests.

If I rebuild perl-Moose, or really, any of these packages, what sort
of manual testing would you suggest we require before pushing the
update?

-Chris
--
Chris Weyl
Ex astris, scientia
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 03-09-2010, 01:38 AM
Ralf Corsepius
 
Default Proposed udpates policy change

On 03/08/2010 11:45 PM, Michael Schwendt wrote:
> On Mon, 8 Mar 2010 23:21:45 +0100, Sven wrote:
>
>> On Mon, Mar 08, 2010 at 09:59:29PM +0000, Matthew Garrett wrote:
>>
>>> Before being added to updates, the package must receive a net karma of
>>> +3 in Bodhi.
>>
>> [...]
>>
>>> It is the expectation of Fesco that the majority of updates should
>>> easily be able to garner the necessary karma in a minimal space of time.
>>
>> I don't know what to say.
>
> Right now (and after sending my early reply), I feel dizzy. I hope to
> not take another look at the fedora devel list folder until tomorrow
> when it will contain hundreds of message. After those monster threads
> last week, now this.
>
>> If Fesco is aiming at getting rid of all the pesky packagers maintaining low
>> profile packages: You're well on your way.
>
> Well said.

Yes.

As others already said, the axioms this proposal is based on are wrong,
the conclusions are wrong, the technology being applied is flawed (karma
votes), ... this whole proposal is insane.

> Also important, Matthew even fills a FESCo seat. Proposals like that are not
> what I expect from FESCo members.

This begs for a question: How many people participating to Fedora does
this FESCO represent? IIRC, the last election had a very low
participation, which in many democratic elections would have meant the
elections to have missed some quorums and the elections to be invalid.

> I'm severely disappointing.

Ditto.

Ralf




Ralf

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 11:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org