Guidelines for reviewing new packages.

Justin Dugger jldugger at gmail.com
Tue Nov 13 07:27:02 GMT 2007


On Nov 12, 2007 9:33 PM, Scott Kitterman <ubuntu at kitterman.com> wrote:
> On Mon, 12 Nov 2007 20:13:45 -0600 "Justin Dugger" <jldugger at gmail.com>
> wrote:
> >It sounds like it sort of solves much of both problems.
>
> I'm not sure what you mean.  I think it makes patch systems even more
> critical because you don't typically keep the upstream tarball in the VCS.

I'm assuming you mean keeping the upstream release in VCS, not some
compressed representation.  That seems silly.  At least, more silly than
not keeping upstream code in VCS.

It seems like a patch oriented system is the sort of thing that makes it
simple for a security team to inspect source with, eliminates "patches
on patches" ugliness, make it simple to select and integrate patches,
and as a bonus, works with binary files.  Joey Hess has more[1] on
the subject, but he covers the use git.  Having used neither, I'm not
prepared to make any advocacy for one over the other, but they both
sound like patch systems with advanced history features.

Justin Dugger

[1] http://kitenet.net/~joey/blog/entry/an_evolutionary_change_to_the_Debian_source_package_format/



More information about the Ubuntu-motu-mentors mailing list