Received: from magus.postgresql.org (magus.postgresql.org [87.238.57.229])
	by mail.postgresql.org (Postfix) with ESMTP id 80B4A16FA500
	for <pgsql-www@postgresql.org>; Mon,  9 Jul 2012 08:22:10 -0300 (ADT)
Received: from mail-vc0-f174.google.com ([209.85.220.174])
	by magus.postgresql.org with esmtp (Exim 4.72)
	(envelope-from <dpage@pgadmin.org>) id 1SoC2Y-0003aq-DL
	for pgsql-www@postgresql.org; Mon, 09 Jul 2012 11:22:09 +0000
Received: by vcbf11 with SMTP id f11so7214166vcb.19
	for <pgsql-www@postgresql.org>; Mon, 09 Jul 2012 04:21:53 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:x-gm-message-state;
	bh=96V1GCoOGhsebA34qWgeBWPdf7vAHgw0dKrq1nBbUiQ=;
	b=PaGjcJ9mcteOmxQNhlVurOHaDQAtlmxizz7vxDpOxkm9M64XR6FNeJxsc1TFTijbyh
	n7igMXVCF/WqO/2gBh7E4QZ6xs5sxlbufIVzaCn0dJTCi6XnK6QmaOn+6rbnor0abjGm
	02Ko9dU9771mE8MP4xS100guzf47nT2D6cJXh3t4qrhvSBpgYFv2e2heW7HCYxpiXdFt
	B6Qpxn8fo6wzyckkIzOYqnMGQF48fEzwOV2/L/mSBOHW9rOtI5A2/RZ6UFTsKRwK7EfG
	Q0Wzy4ro91wEog841AilwRRb6A/MkGLFUAjkOefRQlUFLIWU4Ce6h+aqnF2p6noC0A2P
	S1HQ==
MIME-Version: 1.0
Received: by 10.220.220.78 with SMTP id hx14mr19037401vcb.23.1341832913088;
	Mon, 09 Jul 2012 04:21:53 -0700 (PDT)
Received: by 10.52.182.168 with HTTP; Mon, 9 Jul 2012 04:21:52 -0700 (PDT)
In-Reply-To: 
 <CA+U5nMK86koEcfkBwUWRPqGTT1b8Qjp3hN=pk3to+kqaUoWp=w@mail.gmail.com>
References: 
 <CAKq0gvKgeckkBa0xm6xsrmNvk=Cm6zPP4n1O3CQCvDUvCYCs8w@mail.gmail.com>
	<CABUevEyONmEeqwU4VJgs8vTV3yW3dsNLPiFfPnAKJOCLgYbvYA@mail.gmail.com>
	<CAKq0gvL-s4_Mk0ztGh+yywH5v4Jvnm2Fs2k-gq2wcrW+kfY2xQ@mail.gmail.com>
	<1341692590.1122.1.camel@lenovo01-laptop03.gunduz.org>
	<2476F91B-A1B2-45DA-96EB-8F33C79A0E05@openscg.com>
	<1341781012.3451.0.camel@lenovo01-laptop03.gunduz.org>
	<CA+OCxoxExqHx_ZNRpvmJpVoNCOa9yO4C3HTZ4Ob7e32Wn2+fcQ@mail.gmail.com>
	<CABUevEzm09To=uzW=+F==G98HK2YZNXsXwv+NW-7uOgqGLOxoQ@mail.gmail.com>
	<CA+OCxox1pCaXvOeVmv0gECbXsOqGeXQL-O2QsyWmFS9ZvCkjbg@mail.gmail.com>
	<CABUevEx_7-Xm+z5oc+61TuHzSbu34fWAKiRxAXjGwfCzff=OZA@mail.gmail.com>
	<CA+OCxoyGPVRQ+1tnxGuFS1JACr1QJUchS90qxXHuN_YTUNj8QA@mail.gmail.com>
	<CA+U5nMK86koEcfkBwUWRPqGTT1b8Qjp3hN=pk3to+kqaUoWp=w@mail.gmail.com>
Date: Mon, 9 Jul 2012 12:21:52 +0100
Message-ID: 
 <CA+OCxoxxW3EOoLpWuTk=GW2Hr-Z+8m0_oN2QUQCMpVss6R+DDw@mail.gmail.com>
Subject: Re: Linux Downloads page change
From: Dave Page <dpage@pgadmin.org>
To: Simon Riggs <simon@2ndquadrant.com>
Cc: Magnus Hagander <magnus@hagander.net>,
	=?ISO-8859-1?Q?Devrim_G=DCND=DCZ?= <devrim@gunduz.org>,
	Scott Mead <scottm@openscg.com>,
	"pgsql-www@postgresql.org" <pgsql-www@postgresql.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: 
 ALoCoQmZ7VvfY2VL5oAMwXTpRDwRTBqAGfWXFh+P/ASb6zjuiYI1Auyo9ZCDRlsrZWM7oN96dqcv
X-Pg-Spam-Score: -2.6 (--)
X-Archive-Number: 201207/48
X-Sequence-Number: 20797

On Mon, Jul 9, 2012 at 12:19 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On 9 July 2012 10:44, Dave Page <dpage@pgadmin.org> wrote:
>
>> It gets pushed periodically when I remember to do it (or someone
>> reminds me), which I guess you've forgotten given that we've had this
>> exact same discussion before.
>
> That highlights a key flaw.
>
> If we distribute RPMs then the SRPMs should exactly match. If they
> don't, that's a pretty serious set of bugs we're introducing.
>
> Can I suggest that the process be changed? Push the SRPM code, then
> generate RPMs from the released SRPM code. That way there is no
> opportunity to forget anything. This is a substantial security
> concern, not just a forgotten task.
>
> Perhaps it would be useful to have a "build farm" that builds the RPMs
> from SRPMs automatically, then we will have no need for manually
> updating the RPMs at all. (And I mean build all binaries from publicly
> available build scripts).

We're not talking about RPMs here.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company