[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?

From: zimoun
Subject: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?
Date: Tue, 16 Mar 2021 19:46:02 +0100

On Tue, 16 Mar 2021 at 19:08, Léo Le Bouter <> wrote:
On Tue, 2021-03-16 at 13:55 -0400, Leo Famulari wrote:

> > I do agree that updating this program 5 versions in a graft was
> > perhaps
> > too much.
> >
> > We should always try to cherry-pick bug-fix patches when grafting.
> >
> > Otherwise the risk of breakage is too high. At least, these types of
> > patches should be reviewed on guix-patches. Léo, can you send them to
> > guix-patches in the future?
> >
> > Sometimes it is okay to update things in a graft, but it depends on
> > the
> > situation.
> 1.4.4 and 1.4.9 are ABI compatible? At least that's the reason I
> believed it wasnt risky. I can send them to the mailing list especially
> with such a core package (GNU Guix dependency). But often it stays
> there and no one is looking so. E.g. the unzip vulnerability patches,
> nobody looked until I actually pushed them out of waiting for reviews,
> I tried to hint multiple people on IRC during several days, no answer
> still, so I ended up pushing it, turns out I had several mistakes in it
> and because it was pushed well some people looked at it and helped
> fixing which was welcome.

Well, it seems better to send such changes to guix-patches, waiting 15
days, and then if no comment, push.  It is what the manual describes:

        Non-trivial patches should always be posted to (trivial patches include fixing typos,
        etc.). […]

        For patches that just add a new package, and a simple one, it’s OK to
        commit, if you’re confident […].  Likewise for package upgrades, except
        upgrades that trigger a lot of rebuilds […].


        […] If you didn’t receive any reply after two weeks, and if
        you’re confident, it’s OK to commit.


And from my understanding, it is a non-trivial patch which triggers a
lot of rebuilds.  Double reasons. ;-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]