[Pkg-rust-maintainers] Facilitating Firefox+Rust Linux distro packaging
Angus Lees
gus at debian.org
Wed Aug 31 13:35:15 UTC 2016
On Wed, 31 Aug 2016 at 21:54 Henri Sivonen <hsivonen at mozilla.com> wrote:
> > No work is done on stable.
>
> This looks like a policy issue to me. Are there technical blockers
> that the paragraph above wouldn't address?
>
Perhaps we should rewind a long way and explain why we make releases at all.
"Releases" of Debian are self-consistent snapshots of the ongoing work of
Debian maintainers. Publishing a release serves a few purposes in my mind:
- It gives a fixed version of all the packages to receive additional
integration testing, long-term support statements, and (later) security
updates
- It gives an easy label for 3rd parties to point at and say "My software
works with *that* version"
- It allows fixed/offline media (DVDs, etc) to be published with a known
set of self-consistent contents
- It declares an epoch beyond which Debian maintainers no longer have to
support package upgrades
Yes, we could invent some new concept where we do all the above .. and then
we continue to update packages wherever someone decides that newer is
better. Such a "rolling release" fails to meet any of the above
motivations and is roughly the same as not declaring a release at all - and
indeed this continually updating thing is pretty much exactly what the
Debian "testing" and "unstable" "rolling releases" are. To phrase it
another way: If we only had rolling releases, we would *still* have strong
reasons to invent a fixed-point-in-time release concept in order to satisfy
the above purposes. *Not changing* is the *entire point* of a stable
release.
Now as a project, we've recently decided that browsers are sufficiently
difficult to maintain security for that we're going to try to make
exceptions for them in this "snapshot" concept. I think you can see from
the various public statements mentioning the browsers by name, and the lack
of consistent well-understood policy just how exceptional these are.
Following the "what if everyone did this?" principle, I hope you can see
that we *really don't* want to extend these exceptions and start making
changes to other parts of past stable releases, even though copying some
non-conflicting packages into the archive is technically feasible (and in
many cases, easy).
I hope this makes it a little clearer...
- Gus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-rust-maintainers/attachments/20160831/3c5a9a03/attachment.html>
More information about the Pkg-rust-maintainers
mailing list