You're right, Michael, everything is perfect. No reason to discuss how the situation
might be improved, other than blaming me and other users.
I do contribute to Fedora, and to other projects, including some of my own. I contribute
through bug reports and testing and code contributions and ideas and other ways, too.
You don't know anything about me. You think my name is "Jerry"? It's
not. I value my privacy, so I generate a new alias for almost every instance in which I
file a bug report or contact a mailing list, etc. I could be Linus, for all that you know.
(I'm not.) I'm willing to go through all that extra effort just to contribute
while preserving my privacy.
You are so unbelievably ignorant, I will waste no more time on you. I will be deleting
this e-mail account now, as it has served its purpose. Others will either intelligently
consider how the processes might be improved, or they'll be like you. It's out of
my hands now.
I appreciate whatever contribution you're making, regardless. Farewell!
Sent: Monday, April 20, 2015 at 11:30 PM
From: "Michael Schwendt" <mschwendt(a)gmail.com>
To: "Jerry Bratton" <JerryLBratton(a)mail.com>,
packaging(a)lists.fedoraproject.org
Subject: Re: [Fedora-packaging] critical path security update policy
On Mon, 20 Apr 2015 22:51:49 +0200, Jerry Bratton wrote:
>Check out the bodhi ticket! In particular the automated comment
from
>2015-04-18. With the next push it will appear in the updates repo. That
>is not a matter of minutes, because AFAIK the release process is not fully
>automatic [yet] and triggered by an admin.
>
>Btw, 18 minus 7 is not 17. And IMO you're getting unfair, if you don't
>take into account the time it takes for package maintainers to prepare
>updates.
Today is April 20th. Mozilla released the fix April 3rd. Twenty minus three is
seventeen.
Look at
http://koji.fedoraproject.org/koji/packageinfo?packageID=37
Do you want to extend your complaints, because it has taken a few days for
packages to be ready to begin with? April 4th and 5th was a weekend. Build system
lists builds made on April 7th. Update system lists updates entered on April 7th.
That corrects the numbers a bit.
This is intended to be a discussion about how to reduce the time it
takes for security updates to reach users.
Currently, as a minimum, positive feedback from _two_ testers can lead
to a security update being released very quickly. Provided that there
is the man-power to prepare builds quickly and enter them in the
updates system quickly. Possibly even during weekends. ;-)
The figure of 17 reflects the time so far it has taken for this fix
on
Fedora's end.
Look at
https://admin.fedoraproject.org/updates/search/firefox[https://admin.fedo...
Notice the "Karma" column. Notice the corresponding security update for
Fedora 21. Click on it. Watch the votes and comments.
I am not trying to be "unfair," I am simply pointing out
the reality.
Reality could be that Fedora 20 doesn't get as much love anymore as
Fedora 21, does it? Else there would have been one more tester to care
about this security update. Users/testers may have moved on to Fedora 21
or Fedora 22 Alpha/Beta.
There are any number of bottlenecks that have already
been mentioned in this thread which are contributing to the 17 day
wait at Fedora. The 2 day wait (so far) since this was marked stable
is yet another example. It is my feeling that there is room for
improvement, which is why I initiated this dialog to explore in what
ways the process may be improved.
Sure there is room for improvement. That applies to many other areas
as well. I've pointed out how *you* could make a difference _today_ by
speeding up the release of an update rather than sitting and waiting for
others to do all the work.