[Ubuntuone-users] CouchDB 1.0 SRU to 10.04 LTS
Clint Byrum
clint at ubuntu.com
Sat Nov 27 20:10:41 GMT 2010
On Sat, 2010-11-27 at 11:14 -0500, Rodney Dawes wrote:
> On Fri, 2010-11-26 at 23:06 -0800, Clint Byrum wrote:
> > Since the two are not compatible with one another, its entirely possible
> > that people have built and deployed applications on CouchDB 0.10 and
> > Ubuntu 10.04, and would be extremely upset if we shoved an update into
> > the archive that broke their systems.
> >
> > This sounds like a pretty easy exception if we can view couchdb 1.0 as a
> > new, and separate package rather than an update to 0.10.
> >
> > Since it is only needed by desktopcouch and ubuntuone, wouldn't it make
> > more sense to push this into 10.04 as something else that didn't, in any
> > way, conflict with couchdb 0.10?
> >
> > Seems like that would be an easier exception to approve than one that
> > pushes an incompatible upstream into the LTS, even if it *is* old and
> > crusty by now, 7 months later.
>
> The problem with shipping couchdb 1.0 as a separate binary package (or
> set thereof), means that it's no longer a simple SRU to 10.04. We would
> also need to provide an SRU for desktopcouch on 10.04. As well as an SRU
> for couchdb on 10.10 (which already ships 1.0, and would need to
> reconcile the split on upgrade), and get the same dependency changes for
> 10.10 into 11.04.
>
Simple or not, an incompatible protocol (maybe it would help to explain
how its incompatible) means that you're breaking 3rd party applications
that depend on it, and making for a very difficult rollout of the SRU in
a distributed environment.
I'd typically expect that 'apt-get upgrade' won't break my cluster. If I
have 10 Lucid boxes with the shipped CouchDB supporting an app I wrote
that values simplicity over the latest crack (even if the latest crack
is *way way way* better), I am doing that *because I expect it not to
change*. People who are comfortable with running and rolling out the
latest couchdb are not using the lucid package.
Meanwhile the only difficulty in adding a new 1.0 package is in getting
an exception to add a new package, changing the paths/binaries in the
install step, and then changing desktopcouch to use a different binary.
For ubuntu developers, not quite so simple, but for users, this is much,
much simpler and, IMO, safer (especially since it sounds like
desktopcouch is totally broken in Lucid without this anyway).
Also, why would 10.10 need to be updated in any way if it already
supports the newer protocol?
> There are also other security fixes included in the set of changes from
> 0.10 to 1.0, which means anyone actually using 0.10 is probably going to
> have to update anyway.
>
Our security team backports security fixes to the released version in an
LTS, so I'm not sure how that is relevant.
More information about the ubuntu-devel
mailing list