[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Release, bindings (Was: svn commit: r12731 - trunk/notes)

From: <kfogel_at_collab.net>
Date: 2005-01-14 20:36:13 CET

Ben Reser <ben@reser.org> writes:
> b) Testing beta tarballs seems not very useful. This ignores that the
> tarball production setup is fairly brittle. You guys are used to one
> person doing it and doing it in a very controlled environment (I build
> tarballs out of chroot that never does anything but build tarballs so
> there aren't any unexpected changes to the release environment).

Are you saying that it would be difficult to build a source -beta
tarball followed by a true release tarball, such that the only
difference between them is the version label? (That's surprising, if

> What I'd much rather see is, that we cut tarballs as though they were
> releases and distribute them to developers for testing. When several
> developers sign off on testing then we post them for everyone else.
> I've always been thinking 3 or 4 developers.
> While this cuts out anyone that just randomly wants to test, it isn't
> based upon the presumption that if it's there people will test it. We
> know who tested it. And presumeably we know what procedures they
> followed to test it.

That's an independent proposal, I think. If we want to have 3 or 4
developers test it, we can do that as easily with beta tarballs as
with true-but-slightly-secret tarballs. The difference is that we
can't let the latter kind of tarball out where other people could test
it too. That seems a pretty large disadvantage...

> Additionally, I've wanted us to always produce multiple GPG signatures
> for every release. One person's GPG key being compromised shouldn't be
> sufficient to sign a hacked release. As things stand now if my key was
> ever compromised so are most of the releases we've made (or at least we
> can't be assured that they aren't).

+1, I'll be happy to sign.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jan 14 20:45:08 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.