[maemo-developers] maemo-developers Digest, Vol 59, Issue 25
From: Attila Csipa maemo at csipa.in.rsDate: Fri Mar 26 13:53:43 EET 2010
- Previous message: maemo-developers Digest, Vol 59, Issue 25
- Next message: maemo-developers Digest, Vol 59, Issue 25
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thursday 25 March 2010 20:34:40 Urho Konttori wrote: > I would propose the following as the first step to improve the support for > the community developers: > if a component X has been successfully promoted to extras once, when there > is an update from the same developer for this component, it will gain the > access to enter extras automatically (so, developer still needs to press > the magic button). This is to make it somewhat sane to do updates of the > apps as well as to have testing concentrate on the new content and not have > to test ukeyboard kb layouts for the 10th time in the month because some > key had been moved to different position in arabic vkb (I like far fetched > examples, a build fault in me). Indeed, the initial effort was a lot more idealistic, but then pragmatism is catching up with us, slowly but surely :) There is already a suggestion in-place for 'fast promoting' things, but that is still not the real deal. Since there is no really universal versioning nomenclature, the 'complicated way' of doing this is to have a simple radio button element for promoting things to testing which would signalize what the new package is. If it's is just a bugfix update (an answer maybe to issues raised previously for the very same package), it would perhaps make sense to avoid resetting karma and the quarantine clock. If it's a minor update, it could mean (a possibly shorter?) quarantine, but certainly a more lax karma requirement. Or, if declared as a major update, it would be treated as such. There is a significant question of how to minimize potential abuse (whether as attempts to 'game the system' or simply because of frustration due to lack of active testers). Not presenting this as a definite solution, of course, just a general idea, the topic obviously needs further discussion. > All security comments are insane in my opinion. If some person really wants > to be evil, there is nothing in our process that would block that except by > accident. I would rather say that it's more of a formulation issue. It would be more correct to say that a *known* or *detected* security flaw is a blocker. Passing Extras-testing is not equivalent to a security audit - it just means there is no glaring security issue known at the time. I can't say I would be happy on thumbing up an application is discovered to, say, set a default root password (I'm good at far fetched examples, too ;) Regards, Attila
- Previous message: maemo-developers Digest, Vol 59, Issue 25
- Next message: maemo-developers Digest, Vol 59, Issue 25
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]