From: Damyan I. <da...@mo...> - 2007-01-11 21:14:28
|
-=| Nando Dessena, 10.01.2007 12:27 |=- > D> And yes, debian packages may contain bugfixes taken from upstream CVS > D> HEAD or other distribution-related changes. Why not? > > Because, if a fix wasn't deemed safe to backport by the Firebird > developers, I wonder where does anyone outside the dev team get the > required confidence that he's not breaking anything, and not making > things worse for anyone. This is all theoretical of course, but in > principle any change is dangerous. That's why any serious project > follows strict release cycles. I see your point. Thing is that the initial intention was to discontinue the 1.5 branch, 1.5.3 being the last release of it. Not everything is backported for 1.5.4 too. Not wanting to overload firebird developers with all my patches (some of which are obviously debian-specific), I proposed only those I considered as "good to have" in official 1.5.4 for all users. Of course, this was not requirement, but more of a reminding. And I accepted the argument that they are not acceptable this late in the release cycle[0]. I agree that people applying patches are supposed to be careful and to know what they do. After all, all users of pre-built packages trust the maintainers not to break into their systems[1] so some level of confidence is already in place. > Then there's the issue of change tracking (see my other post). This is not so scary. Each debian-specific revision's changes are supposed to be properly documented in the package changelog. Also, all changes are explicitly visible. We have the original source and we have the changes made. All patches use more-or-less descriptive names and sometimes there are comments in them. > All in all I think Firebird can live with that, and even be thankful > that debian cares about bugs in it ;-) but you asked why not > and these two anwsers came to my mind. Yes, the package maintainer is supposed to fix any damage (s)he has done. It is also considered a very good practice to share any changes with upstream so they can eventually be included for everyone's benefit. I hope I addressed your concerns and everyone can sleep better now :) dam [0] I'd proposed them earlier, but I missed the "please send all patches you want to see in 1.5.4" mail. [1] what is meant here is the fact that as a part of the package installation/removal process there are a couple of scripts that are written by the maintainer and that are executed with root access on every user's system. -- Damyan Ivanov Modular Software Systems da...@mo... phone +359(2)928-2611, 929-3993 fax +359(2)920-0994 mobile +359(88)856-6067 da...@ja.../Gaim |