[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#43075: Prioritize providing substitutes for security-critical packag

From: zimoun
Subject: bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times
Date: Fri, 11 Sep 2020 09:37:59 +0200


On Fri, 11 Sep 2020 at 08:56, Ludovic Courtès <ludo@gnu.org> wrote:

> > The recent updates of ungoogled-chromium do not mention [security
> > updates].  Well, I do not know if they are.  So the question would be:
> > what triggers the special security build?
> To me the proposal is more about introducing scheduling priorities.  For
> these packages, it’s indeed safe to assume that every new release brings
> security fixes.

Why would some packages be prioritized on the build farm than others?
Based on what?   Which criteria?
Popularity?  But we do not measure (yet?) how many times a substitute
is downloaded.
For example, I do not use ungoogled-chromium so I would prefer that
the resources of the build farm would be spent on these X packages.
Bob and Alice, they would prefer these Y packages.  How do we reach a
And security is one criteria.  But how to detect it is a security fix?

(Aside the issue of ungoogled-chromium about the time limit you
described; which should be fixed, obviously. :-))

I understand the annoyance and the frustration of the substitutes
availability but I am not convinced that some packages have higher
priority on the substitute delivery than others.

All the best,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]