[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disabling automatic upgrades on Sid by default?

On Sun, Dec 27, 2020 at 10:58:10PM +0000, Lyndon Brown wrote:
>...
> The problem with using testing as a rolling distro is that the package
> migration process often causes big delays that can block upgrades that
> include security fixes, making use of testing alone thus a big security
> risk.

Debian testing is not and cannot be a proper rolling distro.

Every 2 years testing/unstable is frozen for half a year with 
maintainers not permitted to upload new versions to unstable.

If such 6 months delay is not a problem for you, Ubuntu releases are 
snapshots of Debian unstable taken every 6 months and security-supported 
for 9 months.

> It is unfortunate that although sometimes upgrades with security
> fixes are rushed into testing quickly to avoid this, I've seen too many
> examples before of this not happening for me to be comfortable using
> testing. It is for this reason alone that I personally choose to use
> unstable, and I'm sure that I'm far from alone.

There used to be a separate testing-security team that monitored 
progression of security fixes from unstable to testing and did separate 
uploads to testing when necessary.

It ceased existing 10 years ago for the usual reason, lack of people.

>...
> We also have to consider not
> only doing this for our own personal machines but also others which we
> may manage, like those of family members (should we choose to give them
> debian and not want to leave them with the "outdated" packages of
> stable).

Using Debian testing or any rolling release distribution for this 
usecase would be stupid.

This is a clear case where everything has to be stable and non-changing.

> Given than many like myself use unstable for our personal daily-use
> systems as though it were a proper rolling debian distro, it is thus
> very problematic for package maintainers to treat unstable as a testing
> ground to the extent of expecting that we must be "prepared for any
> kind of breakage".

The testing ground for maintainers is experimental, but all testing and 
QA happens between unstable and testing and any kind of breakage might
by accident happen at any time in unstable.

>...
> What would be best for most people like myself using testing/unstable
> as though it were a real rolling distro, who for one reason or another
> cannot or do not wish to move to a real "rolling" distro like arch,
> would be for debian to actually offer a real rolling channel alongside
> the stable one. Surely this would not be burdensome.
> 
> As I envision it,
>...

The internet is full of people who "envision" things, and who claim it 
"would surely not be burdensome" if other people would do the actual 
work for them.

If you want this to happen, it is you who will have to implement and 
maintain it.

cu
Adrian
Reply to: