[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why wasn't the 25.3 release based on the then-head of the emacs-25 b

From: Paul Eggert
Subject: Re: Why wasn't the 25.3 release based on the then-head of the emacs-25 branch?
Date: Mon, 18 Sep 2017 10:10:21 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

Eli Zaretskii wrote:
it's naïve to assume
time frames of minutes for these activities, unless we want to give up

It's routine to do the kind of QA that you mention in minutes for projects Emacs's size. We're not up to that now, but it's reasonable to make it a goal, if this sort of thing is important to us. At any rate the procedure could be streamlined considerably compared to what it was last time. Whether it should take 10 minutes or 2 hours is not something we need to decide now.

I still don't understand what you are suggesting, in practical terms,
and how will this be different from the current procedures, where
anyone could raise a security issue and propose a solution.

We could try having a better relationship with Debian and one or two others, so that the patches they consider to be security issues cause us to consider issuing new versions quickly. And we could be more proactive in sending our potential security patches to them early in our review process.

Are Debian and Fedora indeed enough?  What about Red Hat?

Fedora is Red Hat's early version, so we needn't worry about Red Hat separately.

What about Arch Linux?

They wouldn't make my cut. Others of us might step up to be a liaison. openSUSE is also a plausible candidate for that.

given the sample of distributions, how does one
figure out which ones of them include a given Emacs changeset, in
which versions of Emacs, and since what time.

This info is all public now, at least for Debian and Red Hat.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]