Leaving the SRU team due to OEM rotation

Wed Apr 21 23:02:28 BST 2010

On Apr 21, 2010, at 1:47 PM, Martin Pitt wrote:

>> On a related note, Martin, what are you thoughts on changing the tagging
>> scheme a bit for SRU's? I'd like a "needs the attention of SRU team now"
>> tag (e.g. for when a debdiff is awaiting review). I'd say 80% of my SRU
>> bugmail tends to be unrelated chatter on the bug report and I'd hate to
>> be overlooking real bug reports while thumbing through those. If there
>> were a one-screen view of all the SRU's that are actually awaiting our
>> review, that'd be great.
> 
> That's indeed a good point. Right now it seems that both Steve and I
> read all bug mail (and you too, apparently). So far I have just mostly
> ignored the chatter, and thus haven't found it a big enough time sink
> to try and establish more formalisms around it. 
> 
> I usually start with reviewing the unapproved queues and use
> queue-diff (which opens the bugs in the browser); if you don't have
> enough time for reading the bug mail at some particular time or in
> general, doing only queue review already covers 90% of the SRU job, I
> think. 
> 
This seems to be the root of some level of confusion when the ubuntu-sru and motu-sru teams merged. Traditionally, the motu-sru procedure asked for debdiffs to be reviewed and ACKed before the upload is performed, while the ubuntu-sru procedure reviews the patch after it has been uploaded. 

Currently, what tends to happen seems to be a mix of the two, because https://wiki.ubuntu.com/StableReleaseUpdates#Procedure doesn't explicitly state which of these two workflows is correct. I'm not strongly convinced whether switching to the upload-then-ACK workflow would solve this issue or not, but I wouldn't object to it. I think the bottom line here is that we should decide one way or the other and document it clearly on the wiki.

I don't want to be the one to insert unnecessary bureaucratic systems into the SRU procedure, and personally try my best to read through all the chatter on my bug report. However, if I needed to quickly know "are there any SRU bugs that need my attention?", I don't have a quicker way than grabbing a coffee and going through my SRU bugs folder. The security team seems to have a nice table (forgot the link) of all the CVEs and their status in various Ubuntu branches -- it'd be awesome if there's a Launchpad query or something that could generate a SRU radar screen.