Guidelines for reviewing new packages.
jldugger at gmail.com
Tue Nov 13 07:27:02 GMT 2007
On Nov 12, 2007 9:33 PM, Scott Kitterman <ubuntu at kitterman.com> wrote:
> On Mon, 12 Nov 2007 20:13:45 -0600 "Justin Dugger" <jldugger at gmail.com>
> >It sounds like it sort of solves much of both problems.
> I'm not sure what you mean. I think it makes patch systems even more
> critical because you don't typically keep the upstream tarball in the VCS.
I'm assuming you mean keeping the upstream release in VCS, not some
compressed representation. That seems silly. At least, more silly than
not keeping upstream code in VCS.
It seems like a patch oriented system is the sort of thing that makes it
simple for a security team to inspect source with, eliminates "patches
on patches" ugliness, make it simple to select and integrate patches,
and as a bonus, works with binary files. Joey Hess has more on
the subject, but he covers the use git. Having used neither, I'm not
prepared to make any advocacy for one over the other, but they both
sound like patch systems with advanced history features.
More information about the Ubuntu-motu-mentors