|
| From: | Paul Eggert |
| Subject: | Re: Why wasn't the 25.3 release based on the then-head of the emacs-25 branch? |
| Date: | Sun, 17 Sep 2017 15:44:36 -0700 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 |
Eli Zaretskii wrote:
That time included the time to make the tarball and test it.
If making the tarball and testing it takes 1.5 days, then that was 20% of the overall delay last time, and there is good opportunity for speeding up the process. Such a process should take minutes, not hours.
How can people outside of the project be charged with reviewing our bugs and patches?
These are people quite knowledgeable about security and software maintenance. They can be a good source for security reviews. It's another set of eyes, with an outside perspective, and that is helpful.
why wouldn't those people speak up here and work with us within our procedures?
They're busy. Also, we haven't exactly been soliciting or welcoming their input. The most recent emergency release had a bit of an NIH feel about it.
No one was arguing for additional bureaucracy. What we need is data and procedures
Whatever it's called it's more work, and we lack the resources to do it. Maybe we can look at two disparate releases (Debian and Fedora, say). Above that there are diminishing returns. Outside reviewers could help here (some are Fedora experts).
| [Prev in Thread] | Current Thread | [Next in Thread] |