Blockers in Bugfix-Releases (Re: [Release Planning 3.6] Samba 3.6.6 on May 31 (was May 24)?)
Stefan (metze) Metzmacher
metze at samba.org
Mon Jun 18 04:55:02 MDT 2012
Am 18.06.2012 12:49, schrieb Michael Adam:
> Hi Karo,
>
> Karolin Seeger wrote:
>> On Sun, Jun 10, 2012 at 10:39:00AM +0200, Michael Adam wrote:
>>> Karolin Seeger wrote:
>>>>
>>>> So you guys want to ship bugfix releases with severe known issues?
>>>> That might work with more developers working on bugs on a regular basis.
>>>> Currently, it does not. There are severe bugs that need to be addressed
>>>> before the next bugfix release.
>>>
>>> I don't get it. The bugs we are talking about have been there
>>> since some time. We have shipped major and/or bugfix releases
>>> with them. So how can the bug be suddenly so severe that we
>>> should hold back existing fixes for other bugs from our users
>>> until the fix for this bug is available, i.e. for an uncertain
>>> amount of time?
>>
>> Many people hit the issue, so it was kind of approved. Then Jeremy started
>> to investigate and it was pretty soon clear that it's really an issue.
>> But you could have lower the severity youself. Feel free to do that next
>> time. I think this was a bad one and I am glad that it is fixed now.
>
> I don't want to challenge the importance and severity of some
> bugs. Actually, every bug can be severe. And I don't think
> severity should or can be a lever to block releases: I don't see
> any reason why missing fix for a severe bug overrules an existing
> fix for another possibly severe bug (or several ones).
>
>
> Proof of the inconsistence of blockers for bugfix releases (again):
> ==========================================================
>
> Assume:
>
> * We have an open bug #X, that was already present in the
> previous release.
> * We have a fix for at least one different bug #Y.
>
> Then:
>
> * The next release will be more useful than the previous
> release in that it contains the fix for bug #Y,
> so it will help some users.
> * The next release will be as bad as the previous one
> with respect to bug #X.
> * The next release will _not_ be worse with respect to the
> known open bugs than the previous one, since bug #X
> was already open in the previous release.
>
> Hence:
>
> => It will be useful/helpful for our users to release without the fix for bug #X.
>
> Furthermore:
>
> * It is not clear that the users will get the fix for bug #X
> if we block the relasese for bug #X.
>
> q.e.d. :-)
>
>
> (The axiom I use here is that the main purpose of a bugfix
> release is to be useful for our users.)
>
>
> Note that the above even applies to #X if #X is a security issue,
> if (and only if) the issue is not public yet or the issue has
> not been detected to be security relevant.
>
>
> Proposal (again): time-based releases:
> ======================================
>
> I propose that we agree on a time-based schedule for bugfix
> releases. E.g. a bugfix release every 4 or 6 weeks
> (whatever works for you, maybe even 8 weeks) for the current
> stable release branch. Then we have a list of bugs that we
> would like to fix for that release (basically any bug open
> against the major version). If at freezing time, at least
> one bug is fixed, the list ist closed and the release is done
> as scheduled no matter which other bugs are still open.
>
> In this mode, the users will get _each_ bugfix in a relase
> as soon as possible after it becomes available. And the users
> are not deprived of important bugfixes because other bugfixes
> are not available yet.
>
> Handling security issues:
> =========================
>
> When a security issue is reported non-publically, and a
> bugfix release is imminent, (within a couple of days, say),
> we should do the bugfix release on schedule and release
> the security release afterwards as soon as we have a fix.
>
> If we have a fix for the security issue before the freezing
> period for the bugfix release starts, we should release the
> security fix before the scheduled release and see whether
> the original date for the bugfix release can be kept or
> needs to be deferred by some days.
>
> If there is a bug report that is public but there is a suspicion
> that it might be security relevant, I have not recipe yet. But I
> am inclined to treat it as any other bug until there is proof.
>
>
> Votes?
> Opinions?
Sounds like a good plan!
We should add that we add the known bugs to the release notes,
that might be also very useful for admins.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120618/d3ddf00a/attachment.pgp>
More information about the samba-technical
mailing list