git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Inconsistencies in package versions for stable releases


Hello Å?ukasz,

On 07/09/2018 02:32 AM, Lukasz Zemczak wrote:
> Just a few cents from me as an SRU member.

For the sake of clarity, are you representing yourself as an uploading
Ubuntu Developer, or the SRU team as a whole?

> There is no 'inconsistencies' among the SRU team regarding versioning
> as there is no 'standard' way of versioning packages.

Standards are not a prerequisite of inconsistency. If I complete a task
a different way than someone else does, and there's no written standard
way of completing this task, our actions are still not consistent.

> Rejection of a package because of the versioning scheme, to me, is
> only a case of preference and can vary between SRU members.

Right, this is the inconsistency I'm describing.

<snip />

> In my view the ubuntu-report scheme is the most invalid, but it has
> been accepted conditionally as the package was not targeted for
> backporting to anywhere else than bionic. I should have probably
> rejected it and re-uploaded with a more fitting versioning applied, as
> I did for a few others like this. But as I said, there generally is no
> standard we *need* to enforce, so as long as the version works -
> there's no requirement for rejection.

I think this is a slippery slope. There are a lot of versioning schemes
which *technically* work, but should we use them in practice?

For example, if I were to upload version
1.7.5-1bionicbeaveristhe1804ltsrelease.0.18.04.0.1 of a package which
has only been in Bionic and Cosmic, following this standard, as long as
it works, the SRU team would have to accept it.

> We should keep advertising the security team's versioning as the best
> way to go, but right now - for what I can tell - there are no rules
> for that.

My argument is that we *should* have rules here. If we say that the
security team versioning scheme should be followed, but if you don't
follow it and it still works anyway it'll still be accepted, then what's
the point of linking to the security team versioning scheme?

Thanks for your response.

-- 
Simon Quigley
tsimonq2 at ubuntu.com
tsimonq2 on freenode and OFTC
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20180709/384c0ccd/attachment.sig>