Received: from magus.postgresql.org (magus.postgresql.org [87.238.57.229]) by mail.postgresql.org (Postfix) with ESMTP id EF2E216FA500 for ; Mon, 9 Jul 2012 08:28:49 -0300 (ADT) Received: from mail-vc0-f174.google.com ([209.85.220.174]) by magus.postgresql.org with esmtp (Exim 4.72) (envelope-from ) id 1SoC91-0003fn-3s for pgsql-www@postgresql.org; Mon, 09 Jul 2012 11:28:49 +0000 Received: by vcbf11 with SMTP id f11so7216967vcb.19 for ; Mon, 09 Jul 2012 04:28:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=qq3PcucGBEuIAcQaD/FWVsIwzMy5HyzWQ+8OHbUMl8k=; b=Zqe4gGyfnjZWqx+cXCc4O8PGYlC3viht/GyWiDddl6Kp83DoNqmw5KATLCRUGE3vm8 Lcvmpg17qk1NAIuDpQGzMacn8Ny+trXQxgbGq/10JuhB2KUupxJUhZIDSlpZQvM9dMVY GAHmA3AkPlCH+Hys/pGc0FO7fuCBEZhaPMuv6u8zhV82mvwikT0rJ87rgzYTVOUHTIhj dHy24zvOZeIBs4jdEyaUKDL0FdOFfa/XlsH7HHRBDvptY4WAV2WYjeQUJidM2+dUA9kl Qf6Qfx/RZH0obVES+YN7973OJBhW24k8pmaqHVFggBoKbNMXQMx9sM4DqYOL0QN77CR5 QNNg== MIME-Version: 1.0 Received: by 10.220.115.12 with SMTP id g12mr18978354vcq.44.1341833313850; Mon, 09 Jul 2012 04:28:33 -0700 (PDT) Received: by 10.52.182.168 with HTTP; Mon, 9 Jul 2012 04:28:33 -0700 (PDT) In-Reply-To: References: <1341692590.1122.1.camel@lenovo01-laptop03.gunduz.org> <2476F91B-A1B2-45DA-96EB-8F33C79A0E05@openscg.com> <1341781012.3451.0.camel@lenovo01-laptop03.gunduz.org> Date: Mon, 9 Jul 2012 12:28:33 +0100 Message-ID: Subject: Re: Linux Downloads page change From: Dave Page To: Simon Riggs Cc: Magnus Hagander , =?ISO-8859-1?Q?Devrim_G=DCND=DCZ?= , Scott Mead , "pgsql-www@postgresql.org" Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQlJhdeqx5YIWXdR6O8ISNb+kTtrIgdyHz0Bh/nKC4vDqd1dL01uzPKpw8x3eNQA7jTDBFk0 X-Pg-Spam-Score: -2.6 (--) X-Archive-Number: 201207/51 X-Sequence-Number: 20800 On Mon, Jul 9, 2012 at 12:25 PM, Simon Riggs wrote: > On 9 July 2012 12:21, Dave Page wrote: >> On Mon, Jul 9, 2012 at 12:19 PM, Simon Riggs wrote: >>> On 9 July 2012 10:44, Dave Page wrote: >>> >>>> It gets pushed periodically when I remember to do it (or someone >>>> reminds me), which I guess you've forgotten given that we've had this >>>> exact same discussion before. >>> >>> That highlights a key flaw. >>> >>> If we distribute RPMs then the SRPMs should exactly match. If they >>> don't, that's a pretty serious set of bugs we're introducing. >>> >>> Can I suggest that the process be changed? Push the SRPM code, then >>> generate RPMs from the released SRPM code. That way there is no >>> opportunity to forget anything. This is a substantial security >>> concern, not just a forgotten task. >>> >>> Perhaps it would be useful to have a "build farm" that builds the RPMs >>> from SRPMs automatically, then we will have no need for manually >>> updating the RPMs at all. (And I mean build all binaries from publicly >>> available build scripts). >> >> We're not talking about RPMs here. > > I am discussing the relationship of SRPMs and RPMs, which is a valid > point on this thread given the point that the RPMs and SRPMs have been > mismatched for some time and that the current process calls for manual > rather than automatic synchronisation. I have no idea if that is true for the RPMs - as I said, we haven't been discussing them. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company