19:07:47 <misc> #startmeeting 19:07:47 <Inigo_Montoya`> Meeting started Wed Aug 31 19:07:47 2011 UTC. The chair is misc. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:07:47 <Inigo_Montoya`> Useful Commands: #action #agreed #help #info #idea #link #topic. 19:07:47 <erzulie> [ MeetBot - Debian Wiki ] 19:07:56 <misc> #name packager meeting 19:08:04 <misc> #chair ennael 19:08:04 <Inigo_Montoya`> Current chairs: ennael misc 19:08:26 * ennael slaps Nanar 19:08:38 <Nanar> ennael: ouch 19:08:40 <misc> nice, ennael is present 19:08:46 <ennael> :) 19:08:51 <ennael> sorry for the delay 19:09:46 <ennael> ok let start with our favorite topic 19:09:48 <ennael> backports 19:09:57 <AL13N> :) 19:10:01 <ennael> #topics finalize backports policy 19:10:08 <ennael> #topic finalize backports policy 19:10:24 <ennael> so as said in mail we were late to propose final text 19:10:49 <ennael> http://mageia.org/wiki/doku.php?id=backports_policy 19:10:49 <erzulie> [ backports_policy [Mageia temporary wiki] ] 19:10:53 <ennael> here it is 19:11:14 <ennael> as said in previous meeting this is the policy to start with, review planned in 6 months 19:12:02 <ennael> some topics were not managed as for example managing backports in 2 stable releases 19:12:11 <ennael> this will be done in next review 19:13:00 <ennael> so basically you will find scope, who / how to do it 19:13:28 <AL13N> i have some more questions on it 19:13:36 <ennael> yep 19:13:57 <AL13N> updates and sec. updates of backports go into backports, i assume? 19:14:03 <ennael> yes 19:14:35 <ennael> but out of scope of secteam for now 19:14:40 <AL13N> what about cauldron having newer packages? does this mean we do submit backports first and then cauldron? 19:14:53 <ennael> read this page please before please 19:15:04 <AL13N> or after backport submit, submit again cauldron? 19:15:08 <AL13N> i just read page 19:15:21 <misc> cauldron first 19:15:21 <ennael> so you should have answer 19:15:31 <Stormi> does a packager who provides a backport commit to update it when issues arise ? 19:15:33 <Nanar> "We need to ensure that upgrades never fail: cauldron must always have a higher version/release than in stable releases." 19:15:36 <Stormi> (sorry my internet connexion has some problems, I can miss part of the discussion) 19:15:47 <AL13N> do we use %mkrel 2 for cauldron or %mkrel 0 for backports? 19:16:03 <Nanar> AL13N: no because mkrel handle it 19:16:26 <Nanar> eg 1.mga1 versus 1.mga2 currently 19:16:35 <AL13N> oh yes, of course 19:16:36 <AL13N> sorry 19:16:43 <AL13N> i didn't think this through 19:16:48 <AL13N> one more question 19:17:08 <AL13N> how do we submit backports? from cauldron svn or from a new backport svn? 19:17:23 <misc> cauldron svn 19:17:30 <ennael> If necessary update Cauldron package and submit to backport_testing 19:17:41 <AL13N> ok, thx 19:17:56 <Nanar> then this is different from updates ? 19:18:05 <misc> yes 19:18:05 <tmb> and branch goes where ? 19:18:12 <ennael> we may add precise command to be run 19:18:23 <misc> tmb: markrelease ? 19:18:32 <Anssi> regarding the last two steps, does "tester" mean qa-bugs@ and "move to backport" mean asking sysadmin-bugs@ to move it? 19:19:02 <Stormi> I proposed to the qa team that we create qa-backports list 19:19:09 <Stormi> to provide testing without mixing with updates 19:19:16 <tmb> misc: if I want to provide version x as backports and version y in cauldron, where do I branch of x ? 19:19:17 <Stormi> they agreed with the idea 19:19:26 <ennael> Stormi: the point is to ask the guy making backports to find his own testers 19:19:40 <ennael> you want backports you find testers 19:19:54 <ennael> as we really need to increase testers 19:19:58 <misc> tmb: well, you have 1 version in cauldron and the same in backports 19:20:00 <ennael> qa may help of course 19:20:27 <misc> tmb: if something is suitable for be included in next releas,e and so in cauldron, then it should be suitable for backport too 19:20:49 <Stormi> maybe then a qa-backports list in CC so that list subscribers who want can help 19:21:25 <Stormi> or a keyword 19:21:32 <ennael> sure 19:21:33 <misc> Stormi: as I said, fist show there is people who want to subscribe to a list before creating 19:21:48 <misc> we created enough unused list for i18n people 19:21:52 <tmb> misc: not always.. there may be an some change in version y that is not in version x, so only version x is suitable for backports, not y... 19:22:39 <misc> tmb: like ? 19:23:07 <misc> in fact, that's a point, but unless people want to wait another month for backport, this would have to wait for next review 19:24:24 <Stormi> will old backports be removed (ie only one backported version at a given time in a given media) ? 19:24:32 <Stormi> like in updates 19:24:38 <misc> Stormi: that's default behavior of youri 19:24:44 <boklm> old updates are not removed 19:24:45 <Stormi> ok, fine for me 19:24:51 <Stormi> hmm 19:24:53 <tmb> misc: for example, maybe a kernel 2.6.39 in backports, but not 3.0.x because of stuff checking for 2.6.* 19:24:54 <misc> and I think, unless we want evergrowing hdlist, this should be kept 19:25:10 <misc> tmb: then do the backport when 2.6.39 is the latest kernel 19:25:18 <misc> tmb: or do like fedora, and push 2.6.40 19:25:41 <Stormi> misc: it's the default of youri, but with the updates pushing script and backport pushing script there will be, maybe it's not removed ? 19:26:24 <misc> Stormi: we will see what the script does when it will be wrote 19:26:52 <Stormi> well, the policy can be decided now, removing or not removing 19:27:07 <misc> I would remove, personnaly , for the aformentioned reason of hdlist 19:27:21 * ennael would remove also 19:27:27 <misc> now, if the script do not do it, noone will die, like no one die from not having updates cleaned 19:27:29 <Stormi> I vote for it too 19:28:02 * boklm would prefer to keep old versions available to have them in case of problem 19:28:59 <misc> tmb: I guess that kernel is a exception as usual :/ 19:29:18 <tmb> misc: well not only kernel... 19:29:19 <misc> tmb: but I also think the 3.0 switch is expectional 19:29:31 <misc> so if you have a better exemple 19:29:46 <AL13N> lol @ expectional 19:30:27 <tmb> if one want to push a stable branch to backports, but have next devel version in cauldron a branch is needed 19:31:11 <tmb> that is if you want to provide security updates/bug fixes to the stable branch... 19:31:30 <Stormi> that's my opinion too but i'm ok to wait for the next policy review 19:31:35 <Stormi> to move forward 19:31:58 <misc> tmb: there is 2 problem : 1) security for backport are not assured 19:33:18 <misc> 2) cauldron is here to prepare the next release, and so, that mean that we do not upload broken stuff 19:33:35 <Stormi> broken maybe not, but beta yes 19:33:39 <misc> that's already annoying when people break it by error, so I think we should try to avoid breaking on purpose :/ 19:34:11 <tmb> of course one option is to create a cauldron/<package>/branch/backports and submit from there... 19:34:39 <misc> ok, so let's discuss again for 1 month ? 19:34:47 <doktor5000__> when talking about exceptions, sound similar for thunderbird, if there will be 1 backport version and 1 update version, so is there really a point in splitting efforts there? 19:35:17 <AL13N> i'm ok with tmb for manual creation of branch in exceptional cases 19:35:23 <tmb> misc: yep, just voicing my thoughts.. 19:36:35 <ennael> I guess policy can be improved. We can start as it for now and those who wants to make proposals should do it on wiki providing all needed stuff also to implement it 19:37:04 <Nanar> doktor5000__: yes, update must not change behavior, whereas backports can 19:37:50 <ennael> #info current backport policy is now available on http://mageia.org/wiki/doku.php?id=backports_policy 19:37:51 <erzulie> [ backports_policy [Mageia temporary wiki] ] 19:38:06 <tmb> yeah, I dont want to delay the backports :) 19:38:10 <ennael> ;) 19:38:17 <andre999> it seems a good initial policy for now 19:38:19 <Stormi> so next step is from sysadmin team to open the "gates" and provide the needed scripts ? :) 19:38:22 <ennael> ok let speak now about another burning topic 19:38:53 <ennael> Stormi: yep I will mail -dev about it and we will see that in coming days 19:38:59 <Stormi> great 19:39:03 <ennael> ok 19:39:07 <ennael> #topic Updates managament 19:39:12 <ennael> here it is again 19:39:28 <ennael> this is not only burning this is about Mageia future 19:39:50 <ennael> the point is do we want to provide a stable and supported distro 19:39:55 <ennael> I guess answer is yes 19:40:05 <Remmy> or hell yes 19:40:07 <Stormi> it is 19:40:18 <andre999> indeed 19:40:20 <ennael> for now we are just not able to do it 19:40:42 <ennael> meaning very late on packagers side and tests 19:40:53 <ennael> for sure rather on packagers for now 19:40:55 <sander85> hmm, good topic 19:41:15 <sander85> fx6.0.1 was pushed into updates_testing, where is bug? 19:41:18 <Stormi> yes, tests have been increasing over time, it's not in a bad shape 19:41:18 <ennael> that's why on our opinion backports is really not a big priority 19:41:22 <misc> because most package do not have a maintainer set in the db 19:41:31 <ennael> also yes 19:41:33 <sander85> i think if someone is pushing update he/she should also open bug about it 19:41:45 <ennael> sander85: that's not the pb 19:41:52 <doktor5000__> sander85: same bug as ff5? was also used for ff6.0 19:42:04 <ennael> stew started a great job reporting a list of security issues 19:42:11 <sander85> no, there is 6.0.1, security issue 19:42:17 <ennael> the point is after 2 months we are still pending issues 19:42:28 <ennael> so we have 2 things to do here 19:42:43 <ennael> managing pending updates to reduce this list 19:42:48 <sander85> well, there is also no point to push update candidate if testers don't know about it 19:42:56 <ennael> and launch kind of "save the planet, adopt packages" 19:43:13 <ennael> sander85: I don't think that's the point here 19:43:38 <andre999> ennael: great slogan :) 19:43:48 <ennael> seacteam in Mandriva did not know all single package in main 19:43:55 <doktor5000__> ennael: therefore we definitely need more packagers and that implies more mentors 19:43:56 <Remmy> Triage, QA and security wise, I've seen improvements in the past week - two weeks... too early to cheer and too early to say we have solved the problem, but it looks like things are moving in the right direction at least. 19:43:56 <AL13N> ennael: i like "save the magic, adopt packages", someone could send a huggy mail to mageia-dev for awareness 19:44:20 * Stormi agrees with Remmy 19:44:37 <Stormi> now we are waiting for the packagers to submerge us with updates :) 19:44:43 <ennael> ok progress has been done on tests side 19:44:46 * misc cough *qemu* 19:44:50 <ennael> :) 19:44:55 <Stormi> misc: how old is that update ? 19:44:57 <sander85> well, thank dmorgan for this improvement 19:45:05 <Remmy> Still, we are about a dozen FTE's short, lol 19:45:15 <sander85> we finally have person who is pushing updates 19:45:17 <zemo> misc: can you check what hapened to dkms-rtl8192ce_se_de, its not in mirror 19:45:23 <Stormi> misc: 1 day 19:45:28 <ennael> zemo: we are in a meeting 19:45:37 <sander85> zemo = ze? 19:45:42 <ennael> so 19:45:45 <zemo> ennael: didnt knew, sorry 19:45:46 <ennael> back to our topic 19:45:55 <sander85> zemo: read the list 19:45:57 <ennael> how can we improve this? 19:46:17 <ennael> improving list of assigned packages for sure 19:46:49 <ennael> but we can also ask help to look for patches needed and to be proposed to submit in testing updates 19:46:59 <leuhmanu> it's the packager who must make the package or secteam? see https://bugs.mageia.org/show_bug.cgi?id=2511 for example 19:47:00 <erzulie> [ Bug 2511 - libxfont needs to be updated to 1.4.4 (security fix) ] 19:47:10 <Stormi> the packager 19:47:18 <Remmy> I don't know if one can set ownership of a package to someone other than yourself? If yes, perhaps also give the triage team lead that ability? 19:47:31 <Stormi> in my opinion secteam role can limit to monitor security issues and open bug reports 19:47:41 <doktor5000__> raise awareness in the forums/mailing lists that testers and comments on bugreports are needed 19:47:41 <leuhmanu> Stormi: yep agreed 19:47:45 <Stormi> and packagers should do the rest (+ QA) 19:47:50 <sander85> yeah, in good world 19:47:59 <sander85> but we have 5k orphaned packages 19:48:15 <sander85> can ennael patch all those she imported? :) 19:48:22 <Remmy> And on secteam, is there anyone else on that team / group other than stewb? Looks like he got disheartened with the lack of progress and threw in the towel. 19:48:32 <misc> Remmy: there is a list of people on the wiki 19:48:33 <sander85> we also have apache with a pretty bad sec issue 19:48:52 <misc> but either they are 1) busy elsewhere 2) busy in real life 19:48:54 <Remmy> misc: Aye, but are they automatically on security@groups.mageia.org ? 19:49:02 <misc> Remmy: no, only stew 19:49:07 <doktor5000__> stewb only cancelled his mentoring efforts, no? 19:49:11 <AL13N> sander85: actually, likely i can take on the apache issue, since i'm doing this one for $dayjob anyway 19:49:25 <AL13N> sander85: if it's the same issue 19:49:35 <Remmy> doktor5000__: That, and closed the open security bugs, and is not here... I think he's not a happy camper right now. 19:49:47 <sander85> AL13N: https://bugs.mageia.org/show_bug.cgi?id=2510 19:49:48 <misc> Remmy: bt the security group was mean't in case of security issue in our own product ( ie, our code, our infra ) 19:49:48 <erzulie> [ Bug 2510 - Apache susceptible to ddos attack ] 19:49:52 <Remmy> I'd be happy to be wrong on this one though 19:50:52 <Stormi> who here is ready to fix some security issues (be it on packages they maintain or not) ? 19:50:53 <sander85> hmm, ok, i was quite sure that secteam was there to help with all security issues.. now i know better :/ 19:51:09 <misc> Stormi: I do ( and did ) 19:51:15 <mikala> Stormi: i can help for that 19:51:22 <ennael> sander85: secteam cannot handle all of them 19:51:24 <Stormi> I think I can try too 19:51:35 <mikala> except that i'm quite busy in fact for the next 2 months 19:51:41 <mikala> so i'm not reliable enough 19:51:43 <sander85> maybe at least those that have no maintainer? 19:51:47 <leuhmanu> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=Open%20security%20issues&sharer_id=151 19:51:48 <erzulie> [ Log in to Bugzilla ] 19:51:50 <Stormi> and will try to have one of my apprentices fix some 19:52:03 <Remmy> Would be nice if we can Cc some sort of security team on bugs and have it go to people with at least some interest in fixing it 19:52:04 <ennael> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=security&sharer_id=69 19:52:04 <leuhmanu> none of this rpm have a maintainer 19:52:05 <erzulie> [ Log in to Bugzilla ] 19:52:06 <Stormi> + Remmy when triage gives him time :) 19:52:21 <ennael> can we focus on that list first to reduce it 19:52:33 <Stormi> are security bugs easy to identify in bugzilla ? 19:52:45 <misc> Remmy: that's the maintainer job 19:52:45 <Stormi> are must we add a keyword ? 19:52:46 <ennael> #url https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=security&sharer_id=69 19:52:47 <erzulie> [ Log in to Bugzilla ] 19:52:50 <andre999> there is a potential apprentice with lots of Linux skills who would like to help with security - but he needs orientation for Mageia 19:52:50 <Stormi> s/are/or/ 19:53:01 <ennael> andre999: no pb then 19:53:08 <ennael> andre999: does he have mentor ? 19:53:13 <misc> Remmy: and the problem is really the maintainer is not in the db 19:53:13 <leuhmanu> Stormi: saved search 19:53:22 <andre999> but stewb seems to overloaded to help him 19:53:29 <andre999> needs an apprentice 19:53:33 <Stormi> a mentor 19:53:35 <ennael> ? 19:53:39 <andre999> motivated with nice manners 19:53:52 <ennael> andre999: sorry I don't understand you 19:54:15 <andre999> ennael: he needs a mentor 19:54:30 <ennael> ok clearer :) 19:54:37 <ennael> do we have here sombody available ? 19:54:40 <Remmy> dotmil? 19:55:02 <andre999> he has a lot of .deb packaging experience 19:55:07 <andre999> dotmil 19:55:32 <ennael> any mentor available here? 19:55:54 <misc> we could keep this for the topic "mentroing review" :) ? 19:56:04 <ennael> mmm yes 19:56:10 <Stormi> hoping that potential mentors don't run before :) 19:56:19 <Stormi> so are only misc, mikala and myself ready to fix some security issues ? 19:56:20 <andre999> ok - just we were talking about security and he was interested in helping 19:56:39 <Remmy> Stormi: I'm willing too, but all my fixes will have to go through you for now. 19:56:45 <ennael> so we have for now Stormi, misc, mikala to help on current list 19:56:54 <Stormi> Remmy: that's ok for me :) 19:56:55 <Nanar> Stormi: I am ready to fix security issue on my own packages 19:56:57 <ennael> of course everybody not here tonight 19:57:24 <doktor5000__> i'd also volunteer to fix security issues, but someone needs to review those 19:57:34 <ennael> doktor5000__: who is your mentor ? 19:57:38 <doktor5000__> Anssi 19:57:41 <sander85> maybe write into list to get more people into that secteam list 19:57:45 <Stormi> someone needs to review mine in fact, at least the first ones : 19:57:49 <Stormi> :) 19:57:55 <ennael> Anssi: can you help in reviewing sec fixes for doktor5000__ ? 19:58:21 <Stormi> sander85: here we're not exactly speaking about secteam but packagers who fix sec bugs, I think this is different 19:58:35 <Stormi> if we agree that secteam is who monitors CVEs 19:58:39 <Stormi> and opens bugs 19:58:51 <ennael> maybe it's not clear enough in wiki 19:58:54 <Stormi> (which doesn't solve the need for a secteam) 19:59:11 <misc> and there is the case of non security bug, that are also important to manage 19:59:25 <sander85> well, that ml is marked at least as cc and could have more people following 19:59:42 <Anssi> ennael: yes 19:59:49 <ennael> Anssi: thanks :) 19:59:56 <ennael> doktor5000__: you can work on it then :) 20:00:34 <ennael> misc: yep 20:00:53 <ennael> we should have also a precise list to be monitored 20:01:04 <ennael> and we are back on maint db topic 20:01:10 <boklm> precise list ? 20:01:17 <ennael> boklm: in bugzilla 20:01:32 <boklm> ? 20:01:34 <ennael> searcj like all bugs opened on mageia1 may be good candidate 20:01:38 <ennael> search 20:01:45 <boklm> ah 20:02:04 <Stormi> I think leuhmanu and Remmy probably already have a saved search for that 20:02:12 <ennael> Remmy: ? 20:02:28 <leuhmanu> for what ? 20:02:36 <Stormi> for bugs opened on mageia 1 20:02:41 <leuhmanu> ah yes 20:02:44 <Stormi> sure, it's not a difficult search to do :) 20:02:59 <Remmy> yup, and all searches still assigned to bugsquad, etc. 20:03:04 <leuhmanu> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=Bugs%20not%20triaged%20%28excl%20new%20RPM%20requests%29&sharer_id=35 20:03:05 <erzulie> [ Log in to Bugzilla ] 20:03:05 <Stormi> I wanted to have charts to see how it evolves but bugzilla had problems last time I tried 20:03:16 <Remmy> We (or leahmanu mostly) are making our way through it, but slowly. 20:03:37 <leuhmanu> you can found all saved search here: https://bugs.mageia.org/userprefs.cgi?tab=saved-searches 20:03:38 <erzulie> [ Log in to Bugzilla ] 20:04:09 <misc> Stormi: I think we got ths one fixed 20:05:08 <Remmy> BTW, I have a few "shared searches", but they do not show. Is that just to me, or does something need to be done to share them? 20:05:12 <Stormi> misc: hmm, it still doesn't work for me. I'll come back to sysadmin irc channel someday. 20:05:27 <leuhmanu> Remmy: ie ? 20:05:56 <Remmy> "Stale bugs (90 days)" for example 20:06:09 <sander85> Remmy: you can share it somewhere 20:06:10 <doktor5000__> looked at it a bit, and some of the aforementioned security bugs have nothing to do with security issues 20:06:10 <leuhmanu> we see it 20:06:12 <Remmy> I have it set as shared, but it doesn't show as a search for me 20:06:16 <doktor5000__> like https://bugs.mageia.org/show_bug.cgi?id=1530 20:06:17 <andre999> the saved searches should show a date - and be sortable by date 20:06:18 <erzulie> [ Bug 1530 - msec should use mga icon after rebranding ] 20:06:25 <doktor5000__> or https://bugs.mageia.org/show_bug.cgi?id=2040 20:06:27 <erzulie> [ Bug 2040 - could not change permissions while copying files to an NTFS partition ] 20:06:39 <doktor5000__> i'd call that small cosmetics, not security 20:06:44 <leuhmanu> Remmy: you don't see your shared search 20:06:53 <leuhmanu> (same for me) 20:06:55 <Stormi> Remmy: I see it 20:07:02 <Remmy> leuhmanu: As long as you (and others) see it, I'm happy :) 20:07:12 <ennael> ok let stop discussion about shared search for tonight :) 20:07:27 <andre999> :) 20:07:38 <ennael> doktor5000__: feel free to propose modification in bugs 20:07:39 <Nanar> ennael: thks 20:08:05 <leuhmanu> (sorry) 20:08:18 <ennael> #action Stormi, mikala, misc, doktor5000__ volunteer to help in reducing current sec bugs for now 20:08:59 <ennael> #action new post planned on -dev ML to focus on security updates and bugs fixes 20:09:25 <Stormi> planned and there's someone designated to write it ? :) 20:09:27 <ennael> #action focus on packages maintenance - adoption campaign 20:09:36 <ennael> Stormi: we will do it 20:09:40 <Stormi> ok :) 20:09:45 <ennael> feel free to comment and add things on it 20:10:21 <ennael> anything to add ? 20:10:31 <sander85> can someone with better english update updates policy so that if maintainer uploads new package into updates_testing (s)he will also add bug about it for QA? 20:10:41 <doktor5000__> removed one security issue already :) 20:10:44 <AL13N> one more thing 20:10:51 <AL13N> descriptions for rpmdrake 20:10:58 <AL13N> usefull for sec updates 20:11:04 <Stormi> sander85: please send a mail to qa-discuss ML 20:11:16 <Stormi> ennael: yes if topic is about updates in general I have things to add 20:11:23 <Stormi> about security nothing more 20:11:37 <ennael> Stormi: shoot 20:11:39 <misc> sander85: the bug is just assigned to qa-bugs, no ? 20:11:54 <sander85> mikala: which bug? 20:12:18 <sander85> sry, mikala :) 20:12:19 <Stormi> 1) the reason for update still doesn't show up in rpmdrake, is there someone wanting to work to fix it ? 20:12:21 <sander85> misc? 20:12:35 <ennael> Stormi: I can ask titi to have a look 20:12:40 <ennael> tv 20:12:50 <doktor5000__> ennael: ok to change https://bugs.mageia.org/show_bug.cgi?id=1530 away from security? as this is open for 3 months, and there was no quick fix even when it was set to "security" 20:12:51 <erzulie> [ Bug 1530 - msec should use mga icon after rebranding ] 20:12:55 <Stormi> it's not a rpmdrake bug but the fact we don't produce the advisory file for now 20:13:13 * AL13N agrees with Stormi 20:13:17 <ennael> doktor5000__: I will handle it tomorrow as it's about license... my bad i'm late 20:13:21 <Stormi> advisories are written but not stored in a file that can be read by rpmdrake 20:13:30 <Stormi> or a db or whatever 20:14:00 <misc> doktor5000__: that's not a security problem 20:14:11 <AL13N> i provided my updates with Advisory text, but it's unused :-( 20:14:20 <ennael> Stormi: will have a look with people managing it previoulsy 20:14:25 <Stormi> ok 20:14:37 <sander85> misc: <misc> sander85: the bug is just assigned to qa-bugs, no ? <--- ??? 20:14:53 <ennael> #action look for a way to use advisory in rpmdrake 20:14:58 <misc> sander85: "updates_testing (s)he will also add bug about it for QA?" 20:15:24 <leuhmanu> AL13N: https://ml.mageia.org/wwsympa-wrapper.fcgi/arc/updates-announce 20:15:25 <erzulie> [ updates-announce - Packages update for stable release - arc_protect ] 20:15:40 <Stormi> my second point is about dependencies. Discussion is ongoing about whether we must push all dependencies to updates or change (fix ?) urpmi so that it can use core/release to install dependencies of updates 20:15:43 <doktor5000__> misc: but was on the list for security issues, not anymore now ;) 20:15:44 <sander85> misc: yes, first firefox was submitted into updates_testing, now rootcerts landed and also no bug about it, how should QA know they need to test? 20:15:50 <AL13N> leuhmanu: ah, tnx i didn't know /o\ 20:16:02 <Stormi> I think about this point (dependencies in updates) the discussion has lasted enough and we need a decision 20:16:10 <misc> sander85: well, my point is "use the current bug rather than a new one" 20:16:19 <ennael> Stormi: I would say provide deps for now and we look for a fix 20:16:28 <misc> Stormi: we could do the copying for now, and patch later 20:16:30 <ennael> this was on the way in mdv in last days 20:16:34 <misc> but as usual, no one will patch :/ 20:16:44 <ennael> just have to check this 20:16:55 <sander85> misc: well, i don't mind if old bug is used, but it should be still reopened then, by the packager who pushed update 20:17:00 <Stormi> ok, I'll answer that to the thread in the ML and we will follow this path in QA team 20:17:15 <ennael> yes please 20:17:17 <misc> sander85: we will see after the meeting 20:17:20 <Stormi> nothing more to add to the topic 20:17:38 <misc> Stormi: but that requires people to say what should be copied 20:17:59 <ennael> sure 20:18:04 <misc> ( becaue that's the problem of copying, we cannot know what to copy, or we would duplicate release to be safe ) 20:18:09 <ennael> and at least qa should test it also 20:18:15 <Stormi> QA team can detect that during testing 20:18:22 <Stormi> using MageiaUpdate to update 20:18:28 <Stormi> and see that install fails 20:18:43 <misc> provided the software is not already installed 20:18:44 <sander85> actually, i have one more question about updates 20:18:45 <Stormi> if packagers find out before, it's better 20:18:52 <Stormi> misc: indeed 20:19:02 <Stormi> I will think about it 20:19:19 <sander85> firefox update means a lot more packages to be updated than just one or two, and tracking this is kinda hard, any ideas here? 20:19:31 <Stormi> sander85: dmorgan is writing a wiki page about it 20:19:37 <Stormi> to ease the process 20:19:43 <sander85> ok 20:19:56 <misc> sander85: I guess adding a sctrict requires like firefox-version = 6.0 could make us use urpmf to find them 20:20:00 <AL13N> i would like to be warned, because i have beid-middleware which has an xpi 20:20:35 <sander85> misc: it's not about finding, it's more about getting them all tested with new version of fx 20:20:39 <Stormi> AL13N: just make sure it is added to the process on the wiki and it should be fine 20:20:46 <AL13N> k thx 20:20:49 <AL13N> Stormi: link? 20:20:52 <sander85> and how to keep track that all archs are tested 20:20:52 <ennael> ok can you finalize all this after meeting ? 20:20:59 <Stormi> yes after meeting 20:21:01 <ennael> so that we can switch topic 20:21:11 <misc> sander85: most xpi should be noarch, as that's javascript and xml 20:21:49 <sander85> well, most are but not all 20:22:21 <misc> sander85: use "dependent bug" feature of bugzilla ? 20:22:24 <dmorgan> misc: a scrict requires where ? 20:22:35 <misc> dmorgan: on the xpi 20:22:47 <sander85> i was thinking about some online todo list for QA, but i'm not sure 20:23:23 <Stormi> sander85: we'll have one too for firefox yes, the same page with a packager section and a QA section 20:23:28 <sander85> opening new bug for every fx ext doesn't make sense 20:23:39 <dmorgan> misc: i beg to disagree because some extensions won't need to be rebuilded each time 20:23:42 <sander85> more and more extensions added every day 20:23:50 <misc> dmorgan: then don't add the requires 20:24:03 <misc> sander85: let's see after the meeting ? 20:24:38 <andre999> probably most extensions won't need rebuilding 20:24:44 <sander85> or tomorrow :) i'm sleepy it's almost 23:30 here :) 20:24:49 <ennael> ok 20:25:00 <ennael> feel free to mail -dev to deal with this 20:25:01 <sander85> andre999: all that have version check in them 20:25:12 <AL13N> ok, next topic? 20:25:21 <ennael> #topic Triage review 20:25:27 <ennael> leuhmanu: your turn ! 20:25:41 <leuhmanu> oh 20:25:43 <andre999> sander85: but version updated automatically, no ? 20:26:14 <leuhmanu> most of the problem is maintdb quite empty 20:26:15 <ennael> andre999: after meeting please :) 20:26:30 <andre999> ok 20:26:32 <sander85> andre999: for extensions in amo, yes ... but not for those that are rpms (that's why i'm against them :( ) 20:26:41 <ennael> leuhmanu: as said before we will focus on this in coming days 20:26:48 <ennael> sander85: after meeting please :) 20:26:50 <leuhmanu> ah yes indeed 20:27:41 * Stormi is interested in triage but can't be everywhere :) 20:27:57 <leuhmanu> I will post a weekly mail on -dev about sec bugs, 'normal' bug and package request 20:28:18 <Remmy> We need a millionaire to hire some people :) 20:28:26 <Stormi> yes, I candidate ! 20:28:37 <Stormi> (for the job, I'm not the millionaire) 20:28:39 <AL13N> Stormi: ok, pay me fulltime to work on mageia! 20:28:43 <AL13N> oh :-( 20:28:55 <ennael> please can we focus on topic 20:29:00 <ennael> already 1h30 of meeting 20:29:28 <Remmy> sorry 20:30:21 <ennael> triage and QA teams are also working on blog post to explain the job and look for volunteers 20:31:24 <ennael> leuhmanu, Remmy : anything else to add ? 20:31:25 <sander85> i'm subscribed to bugs ml so if i see that i can help i'll do it 20:31:34 <ennael> thanks sander85 20:31:43 <leuhmanu> nop for me 20:31:54 <ennael> ok so we wait for your reports then :) 20:32:12 <Remmy> No... other than an invitation for people to have a look at the piratepad you created for the blog post :) 20:32:13 <ennael> #topic triage team will provide weekly report on-dev 20:32:33 <ennael> argh 20:32:36 <misc> #topic Triage review 20:32:36 <ennael> #undo 20:32:36 <Inigo_Montoya`> Removing item from minutes: <MeetBot.items.Topic object at 0x82acd0c> 20:32:41 <misc> #topic Triage review 20:32:50 <ennael> #action triage team will provide weekly report on-dev 20:33:47 <ennael> ok 20:33:56 <ennael> #topic QA review 20:34:02 <ennael> Stormi: your turn ? 20:34:05 <Stormi> ye 20:34:27 <Stormi> most has already be said in the mail I sent to the -dev mailing list about updates 20:34:37 <Stormi> and during the previous discussion here 20:35:00 <Stormi> to summarize : we have volunteers, they are doing the job, as far as testing is concerned 20:35:25 <Stormi> we probably can find things to improve, but I think we can let us some time to work and see what to improve afterwards 20:35:25 <ennael> ok 20:35:47 <Stormi> we just started to test security updates so we don't have much experience about those 20:35:56 <Stormi> but we'll find out 20:36:29 <ennael> ok do not hesitate to ask on -dev 20:36:32 <Stormi> yes 20:36:43 <Stormi> do packagers have remarks about the QA team work ? 20:37:41 <misc> no one told me anything 20:38:12 <ennael> Stormi: let see in coming weeks what happens 20:38:14 <Stormi> yes 20:38:21 <ennael> I'm sure they will shout if needed :) 20:39:03 <Stormi> QA's job is to point other peoples errors so sometimes it can be not easy :) 20:39:14 <Stormi> but we do that without any sadism ;) 20:39:14 <ennael> sure 20:39:28 <ennael> anything else to add? 20:39:37 <Stormi> I don't think so 20:39:46 <ennael> ok thanks 20:39:52 <ennael> #topic mentoring review 20:40:09 <ennael> andre999: your turn 20:40:14 <andre999> ok :) 20:40:31 <andre999> I'd like to start with some potential apprentices 20:40:48 <andre999> we have dotmil (Josh King) 20:41:21 <andre999> he is quite experienced with Linux, and would like to help wherever needed 20:41:43 <andre999> has been reading up on the wiki, including packager and security pages 20:42:05 <ennael> anybody available ? 20:42:27 <misc> not now I fear :/ 20:42:34 <ennael> mmm 20:42:39 <andre999> from discussions earlier, maybe misc / mikala / stormi ? 20:43:01 <Stormi> I already have 4 apprentices and am not very confident about sysadmin stuff for now 20:43:11 <Stormi> and need practicing security fixes 20:43:24 <Stormi> so I'd prefer someone else 20:43:26 <andre999> misc: he's a sysadmin in his day job, but needs familiarisation with Mageia 20:43:35 <andre999> maybe Mikala ? 20:43:36 <Remmy> I'm somewhat concerned that we're still overloading the usual suspects time and again and that whenever we ask for help, we are all fishing in the same small pond of fish. 20:43:38 <pterjan> :v libmedia3_1 -v 1 20:43:39 <Sophie> pterjan: The rpm named `libmedia3_1' has not been found in (Mageia, 1, i586) 20:43:52 <pterjan> :q libmedia -v 1 20:43:52 <ennael> andre999: mikala is busy wiuth his own very personal release I guess :) 20:43:59 <Sophie> pterjan: rpm name matching `libmedia' in (Mageia, 1, i586) : 20:43:59 <Sophie> pterjan: libmediastreamer0 20:44:09 <misc> andre999: I am starting a new job tomorow, so not me , no time 20:44:17 <ennael> andre999: can you mail -dev ? 20:44:17 <andre999> ok - just trying to find someone 20:44:25 <ennael> will try to find on my side also 20:44:26 <andre999> misc: ok 20:44:38 <andre999> ennael: will do 20:45:08 <andre999> after my discussion with dotmil, am sure he will be a big asset 20:45:14 <Remmy> misc: Congrats :) 20:45:34 <andre999> there is also barjac 20:45:55 <barjac> Yes ;) 20:46:18 <andre999> barjac: to find a mentor for you 20:46:53 <andre999> I've been busy this week so not much more to report 20:46:59 <sander85> barjac may buzz me but final review for specs is needed from someone else.. i'm myself a junior :) 20:47:01 <ennael> ok can you post a mail with pending guys looking for mentor 20:47:17 <ennael> with detailed profile and what they really need to be mentor on 20:47:19 <andre999> ok :) 20:47:28 <andre999> good idea 20:47:34 <ennael> will help to find a victim^w^wvolunterr 20:47:37 <ennael> volunteer 20:47:56 <ennael> ok anything else to add ? 20:47:58 <andre999> I had that in mind when I approached potential mentors 20:48:01 <andre999> yes 20:48:29 <andre999> misc: could you send me the list of packager pseudos ? 20:48:41 <andre999> or some other packager 20:48:45 <misc> andre999: mhh ? 20:49:03 <andre999> remember I asked for a list ? 20:49:11 <andre999> to help me find mentors ? 20:49:12 <misc> i forgot, will do soon 20:49:24 <andre999> thanks :) 20:49:50 <andre999> and good luck on your new job :) 20:50:04 <ennael> (poor colleagues) 20:50:07 <ennael> hum 20:50:11 <ennael> anything else to add ? 20:50:22 <andre999> no - that's it 20:50:29 <ennael> thanks 20:50:35 <andre999> :) 20:50:48 <ennael> 1h50 I guess we can close meeting for tonight 20:50:52 <ennael> thanks for coming 20:51:06 <ennael> #endmeeting