Received: from makus.postgresql.org (makus.postgresql.org [98.129.198.125]) by mail.postgresql.org (Postfix) with ESMTP id 7E79516FA500 for ; Mon, 9 Jul 2012 08:19:48 -0300 (ADT) Received: from outmail149095.authsmtp.com ([62.13.149.95]) by makus.postgresql.org with esmtp (Exim 4.72) (envelope-from ) id 1SoC0I-0007YU-Pc for pgsql-www@postgresql.org; Mon, 09 Jul 2012 11:19:47 +0000 Received: from mail-c187.authsmtp.com (mail-c187.authsmtp.com [62.13.128.33]) by punt7.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id q69BJXVa020244 for ; Mon, 9 Jul 2012 12:19:33 +0100 (BST) Received: from mail-ob0-f174.google.com (mail-ob0-f174.google.com [209.85.214.174]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2) with ESMTP id q69BJTdH090070 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=FAIL) for ; Mon, 9 Jul 2012 12:19:30 +0100 (BST) Received: by obbuo13 with SMTP id uo13so20394923obb.19 for ; Mon, 09 Jul 2012 04:19:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.60.10.227 with SMTP id l3mr41280959oeb.39.1341832768921; Mon, 09 Jul 2012 04:19:28 -0700 (PDT) Received: by 10.60.115.69 with HTTP; Mon, 9 Jul 2012 04:19:28 -0700 (PDT) In-Reply-To: References: <1341692590.1122.1.camel@lenovo01-laptop03.gunduz.org> <2476F91B-A1B2-45DA-96EB-8F33C79A0E05@openscg.com> <1341781012.3451.0.camel@lenovo01-laptop03.gunduz.org> Date: Mon, 9 Jul 2012 12:19:28 +0100 Message-ID: Subject: Re: Linux Downloads page change From: Simon Riggs To: Dave Page Cc: Magnus Hagander , =?ISO-8859-1?Q?Devrim_G=DCND=DCZ?= , Scott Mead , "pgsql-www@postgresql.org" Content-Type: text/plain; charset=ISO-8859-1 X-Server-Quench: f3d08596-c9b7-11e1-ab46-001185d377ca X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCdxZQATClZOTQEd DAteCiN5VAwpPBRK HVkIKg5MOFUSTAAU LVlFBkJUK0ETX1xC QjoVBBYDHl14Rhkw NxVTbQRfcktMVQRj WktJDFBSHRtgBAID BxoAUx52aABOf2Fx KwdkVwIhOBACdU99 QklUW2gEZ28uPmNL UEhdfgVJIwoYeQJE awV+SSJfZWMaZnph Rl9uM2tuYj5WPh5Y EEk+NV0JWEJOASEj clgmHDMyDQUpQDo1 KxsvJkVUBE8ePw05 MVInVl9w X-Authentic-SMTP: 61633235383639.1000:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 209.85.214.174/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Pg-Spam-Score: -2.6 (--) X-Archive-Number: 201207/47 X-Sequence-Number: 20796 On 9 July 2012 10:44, Dave Page wrote: > It gets pushed periodically when I remember to do it (or someone > reminds me), which I guess you've forgotten given that we've had this > exact same discussion before. That highlights a key flaw. If we distribute RPMs then the SRPMs should exactly match. If they don't, that's a pretty serious set of bugs we're introducing. Can I suggest that the process be changed? Push the SRPM code, then generate RPMs from the released SRPM code. That way there is no opportunity to forget anything. This is a substantial security concern, not just a forgotten task. Perhaps it would be useful to have a "build farm" that builds the RPMs from SRPMs automatically, then we will have no need for manually updating the RPMs at all. (And I mean build all binaries from publicly available build scripts). -- Simon Riggs http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services