public inbox for [email protected]
help / color / mirror / Atom feedFrom: Dave Page <[email protected]>
To: Simon Riggs <[email protected]>
Cc: Magnus Hagander <[email protected]>
Cc: Devrim GÜNDÜZ <[email protected]>
Cc: Scott Mead <[email protected]>
Cc: [email protected] <[email protected]>
Subject: Re: Linux Downloads page change
Date: Mon, 9 Jul 2012 12:21:52 +0100
Message-ID: <CA+OCxoxxW3EOoLpWuTk=GW2Hr-Z+8m0_oN2QUQCMpVss6R+DDw@mail.gmail.com> (raw)
In-Reply-To: <CA+U5nMK86koEcfkBwUWRPqGTT1b8Qjp3hN=pk3to+kqaUoWp=w@mail.gmail.com>
References: <CAKq0gvKgeckkBa0xm6xsrmNvk=Cm6zPP4n1O3CQCvDUvCYCs8w@mail.gmail.com>
<CABUevEyONmEeqwU4VJgs8vTV3yW3dsNLPiFfPnAKJOCLgYbvYA@mail.gmail.com>
<CAKq0gvL-s4_Mk0ztGh+yywH5v4Jvnm2Fs2k-gq2wcrW+kfY2xQ@mail.gmail.com>
<[email protected]>
<[email protected]>
<[email protected]>
<CA+OCxoxExqHx_ZNRpvmJpVoNCOa9yO4C3HTZ4Ob7e32Wn2+fcQ@mail.gmail.com>
<CABUevEzm09To=uzW=+F==G98HK2YZNXsXwv+NW-7uOgqGLOxoQ@mail.gmail.com>
<CA+OCxox1pCaXvOeVmv0gECbXsOqGeXQL-O2QsyWmFS9ZvCkjbg@mail.gmail.com>
<CABUevEx_7-Xm+z5oc+61TuHzSbu34fWAKiRxAXjGwfCzff=OZA@mail.gmail.com>
<CA+OCxoyGPVRQ+1tnxGuFS1JACr1QJUchS90qxXHuN_YTUNj8QA@mail.gmail.com>
<CA+U5nMK86koEcfkBwUWRPqGTT1b8Qjp3hN=pk3to+kqaUoWp=w@mail.gmail.com>
On Mon, Jul 9, 2012 at 12:19 PM, Simon Riggs <[email protected]> wrote:
> On 9 July 2012 10:44, Dave Page <[email protected]> wrote:
>
>> It gets pushed periodically when I remember to do it (or someone
>> reminds me), which I guess you've forgotten given that we've had this
>> exact same discussion before.
>
> That highlights a key flaw.
>
> If we distribute RPMs then the SRPMs should exactly match. If they
> don't, that's a pretty serious set of bugs we're introducing.
>
> Can I suggest that the process be changed? Push the SRPM code, then
> generate RPMs from the released SRPM code. That way there is no
> opportunity to forget anything. This is a substantial security
> concern, not just a forgotten task.
>
> Perhaps it would be useful to have a "build farm" that builds the RPMs
> from SRPMs automatically, then we will have no need for manually
> updating the RPMs at all. (And I mean build all binaries from publicly
> available build scripts).
We're not talking about RPMs here.
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
view thread (56+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Linux Downloads page change
In-Reply-To: <CA+OCxoxxW3EOoLpWuTk=GW2Hr-Z+8m0_oN2QUQCMpVss6R+DDw@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox