Problem is: most security updates are not high-priority. We do need
daily notification for the most serious security updates, but the vast
majority of security updates do not require expedited release. Our
updates already have metadata to indicate the severity of the security
issue (low/medium/high), so we should start notifying daily only for
the high priority security updates and see how well that goes.
Are you sure about that? in my opinion, any security update is high priority.
Well that's the result of turning off the version checks.
There's no
way to avoid this without removing support for extensions entirely, or
requiring extension authors to validate compatibility. We decided to
get rid of that step, so more crashes are to be expected.
No. Version checks are not related to the gnome-shell crashes. The gnome-shell
architecture is the cause. Having erratic gnome-shell extensions in a compositor is risky.
Having a JavaScript engine in a compositor is risky. Missing debugging features for broken
gnome-shell extensions make it very hard to hunt down these bugs. Since the version check
was removed, I didn't get more crashes than before.
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=1367666
https://bugzilla.redhat.com/show_bug.cgi?id=1401217
https://bugzilla.redhat.com/show_bug.cgi?id=1334226
https://bugzilla.gnome.org/show_bug.cgi?id=704388
https://bugzilla.gnome.org/show_bug.cgi?id=776940
https://bugzilla.gnome.org/show_bug.cgi?id=699610
https://bugzilla.gnome.org/show_bug.cgi?id=691529
What we should probably do is have a mechanism for flagging
extensions
as broken, so that they can be removed from
extensions.gnome.org until
they are fixed.
More importantly, we need a way to hunt down these bugs. Right now I don't see one.
We must close all GNOME packages to bug reports. GNOME problems just
have to be reported upstream. We can't handle the volume on Red Hat
Bugzilla, which half the relevant maintainers do not check.
Do I read this correctly as *please report all non-packaging bugs upstream* correctly?
We also need to do some major, major work on ABRT client-side, maybe
even rewrite the client side app from scratch.
+1 for the gui, see
https://github.com/abrt/gnome-abrt/issues/49