Thinking about SRU

[Ma Xiaojun]

On Thu, Nov 8, 2012 at 1:55 PM, Clint Byrum <clint at ubuntu.com> wrote:
> This is the nature of a stable release. "Better the devil we know." This
> is the reason why we ask for simple, easy to understand patches, or
> require an extremely detailed testing plan if the patches are larger
> than that. We don't want to just throw in upstream's latest awesomeness
> without understanding how it might impact Ubuntu users. If there were
> more resources available to backport and test these fixes, then we
> would probably open it up to a wider selection of bugs. But as it stands,
> the resources are too limited even for the current policy. The queues
> for precise and quantal SRU reviews have been multiple-weeks long for
> some eimte now.

What you said is all right. I guess contributors generally don't throw
a patch and leave. But I wonder whether Ubuntu developer generally
ask.
For me, I don't mind if the whole process being slow, say, spanning 6
months to fix a simple bug.
What I mind is that probably fixable bugs being marked WONTFIX prematurely.

Another annoying situation is that fix only goes to future release and
the origin bug marked as FIXED. Though it's anyway a positive movement
for Ubuntu, it hides the fact that the Ubuntu series that the bug
raised is still broken. I don't know what's the best thing to do in
this case.

> This is a resource issue, not a complexity issue.
>
> I am an SRU team member, and one of our duties is to check that the
> patch makes sense and actually does what its documentation says it
> does. Even doing a lightweight skim over patches of languages I'm not
> super comfortable with is something that scales logarithmically. The
> more lines in the patch, the more I need to scan around in the files
> and understand how each change impacts the whole program.
>
> So, while I agree you can't estimate the risk just by counting lines
> added/removed, you *can* estimate how long it will take to review it.

Repeat, you can ask if you don't understand. I think that's fair for both sides.

> Rar, and any other binary-only package (really anything in multiverse)
> is not a good example. The bulk of the packages in Ubuntu are open source.

Probably a bad example, I don't know whether multiverse is part of Ubuntu.
(non-free is not part of Debian?)

"rar" would be pulled automatically when a users try to open an RAR
archive with none of "rar" or "unrar" installed.
RAR archive is very popular in China while Ubuntu contains a broken
version of RAR that doesn't correctly handle UTF-8 file name/path?
(Chinese users do use Chinese file name/path often, which requires
proper UTF-8 support.)
That's why I feel strong about it though I don't use it personally.

BTW, I'm also following similar issues on ZIP archive. The problem of
ZIP is much more complicated so I'm contacting the Info-Zip upstream
right now. I don't think any working patch/new release (Info-Zip has
unreleased beta versions already) will come soon. So you won't be
bothered by my SRU request :)