glibc SRU policy
Robie Basak
robie.basak at ubuntu.com
Tue Apr 18 17:01:03 UTC 2023
Hi Simon,
Thank you for this detailed assessement of the current situation and
in your work to get bugfixes to Ubuntu users!
Some questions come to mind.
What's the impact to users of not taking this action? Do we have
specific cases of users being affected by bugs for which the upstream
stable branch had fixes but we couldn't reasonably have cherry-picked?
On Tue, Apr 18, 2023 at 03:35:24PM +0200, Simon Chopin wrote:
> # Upstream CI
>
> While there is some upstream CI, it's not well documented, especially
> regarding release branches. After some digging, it seems the CI is (was)
> only enabled on the master branch, in addition to some CI on individual
> patches via Patchwork.
Do all upstream bugfixes come with appropriate additions to the test
suite?
Do other distributions update their stable releases to the upstream
stable branch tips, and if so, how often and what testing do they
perform?
> Now, besides using the head of the release branch or cherry-picking
> individual fixes, I can see a third option. Michael suggested to
> upstream that they delay backporting features until said feature has
> been part of a release to get more real-world exposure. That idea hasn't
> gotten traction there, but we could still do something similar, and base
> our snapshot on the date of the last release, cherry-picking later
> commits in a more usual fashion.
Shouldn't there be a delay here, so that the last release does actually
get some real world use before we adopt the changes into our stable
releases?
A regression in glibc would obviously be very bad for our users,
especially because it may make recovery via a subsequent upgrade
impossible. What I want to avoid is for users of Ubuntu stable releases
to be the first real world users of these changes - that would obviously
be the opposite of the intent of a stable release.
I'm not sure if taking glibc upstream in stable releases without
individual review would be acceptable at all. I'll speak to other SRU
team members about it.
But if we did, I consider it mandatory for any plan to make it very
clear how this won't be the case.
Thanks,
Robie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-release/attachments/20230418/24de3b46/attachment.sig>
More information about the Ubuntu-release
mailing list