#mageia-dev log

19:07:47 <misc> #startmeeting
19:07:47 <Inigo_Montoya`> Meeting started Wed Aug 31 19:07:47 2011 UTC.  The chair is misc. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:07:47 <Inigo_Montoya`> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:07:47 <erzulie> [ MeetBot - Debian Wiki ]
19:07:56 <misc> #name packager meeting
19:08:04 <misc> #chair ennael
19:08:04 <Inigo_Montoya`> Current chairs: ennael misc
19:08:26 * ennael slaps Nanar
19:08:38 <Nanar> ennael: ouch
19:08:40 <misc> nice, ennael is present
19:08:46 <ennael> :)
19:08:51 <ennael> sorry for the delay
19:09:46 <ennael> ok let start with our favorite topic
19:09:48 <ennael> backports
19:09:57 <AL13N> :)
19:10:01 <ennael> #topics finalize backports policy
19:10:08 <ennael> #topic finalize backports policy
19:10:24 <ennael> so as said in mail we were late to propose final text
19:10:49 <ennael> http://mageia.org/wiki/doku.php?id=backports_policy
19:10:49 <erzulie> [ backports_policy [Mageia temporary wiki] ]
19:10:53 <ennael> here it is
19:11:14 <ennael> as said in previous meeting this is the policy to start with, review planned in 6 months
19:12:02 <ennael> some topics were not managed as for example managing backports in 2 stable releases
19:12:11 <ennael> this will be done in next review
19:13:00 <ennael> so basically you will find scope, who / how to do it
19:13:28 <AL13N> i have some more questions on it
19:13:36 <ennael> yep
19:13:57 <AL13N> updates and sec. updates of backports go into backports, i assume?
19:14:03 <ennael> yes
19:14:35 <ennael> but out of scope of secteam for now
19:14:40 <AL13N> what about cauldron having newer packages? does this mean we do submit backports first and then cauldron?
19:14:53 <ennael> read this page please before please
19:15:04 <AL13N> or after backport submit, submit again cauldron?
19:15:08 <AL13N> i just read page
19:15:21 <misc> cauldron first
19:15:21 <ennael> so you should have answer
19:15:31 <Stormi> does a packager who provides a backport commit to update it when issues arise ?
19:15:33 <Nanar> "We need to ensure that upgrades never fail: cauldron must always have a higher version/release than in stable releases."
19:15:36 <Stormi> (sorry my internet connexion has some problems, I can miss part of the discussion)
19:15:47 <AL13N> do we use %mkrel 2 for cauldron or %mkrel 0 for backports?
19:16:03 <Nanar> AL13N: no because mkrel handle it
19:16:26 <Nanar> eg 1.mga1 versus 1.mga2 currently
19:16:35 <AL13N> oh yes, of course
19:16:36 <AL13N> sorry
19:16:43 <AL13N> i didn't think this through
19:16:48 <AL13N> one more question
19:17:08 <AL13N> how do we submit backports? from cauldron svn or from a new backport svn?
19:17:23 <misc> cauldron svn
19:17:30 <ennael> If necessary update Cauldron package and submit to backport_testing
19:17:41 <AL13N> ok, thx
19:17:56 <Nanar> then this is different from updates ?
19:18:05 <misc> yes
19:18:05 <tmb> and branch goes where ?
19:18:12 <ennael> we may add precise command to be run
19:18:23 <misc> tmb: markrelease ?
19:18:32 <Anssi> regarding the last two steps, does "tester" mean qa-bugs@ and "move to backport" mean asking sysadmin-bugs@ to move it?
19:19:02 <Stormi> I proposed to the qa team that we create qa-backports list
19:19:09 <Stormi> to provide testing without mixing with updates
19:19:16 <tmb> misc: if I want to provide version x as backports and version y in cauldron, where do I branch of x ?
19:19:17 <Stormi> they agreed with the idea
19:19:26 <ennael> Stormi: the point is to ask the guy making backports to find his own testers
19:19:40 <ennael> you want backports you find testers
19:19:54 <ennael> as we really need to increase testers
19:19:58 <misc> tmb: well, you have 1 version in cauldron and the same in backports
19:20:00 <ennael> qa may help of course
19:20:27 <misc> tmb: if something is suitable for be included in next releas,e and so in cauldron, then it should be suitable for backport too
19:20:49 <Stormi> maybe then a qa-backports list in CC so that list subscribers who want can help
19:21:25 <Stormi> or a keyword
19:21:32 <ennael> sure
19:21:33 <misc> Stormi: as I said, fist show there is people who want to subscribe to a list before creating
19:21:48 <misc> we created enough unused list for i18n people
19:21:52 <tmb> misc: not always.. there may be an some change in version y that is not in version x, so only version x is suitable for backports, not y...
19:22:39 <misc> tmb: like ?
19:23:07 <misc> in fact, that's a point, but unless people want to wait another month for backport, this would have to wait for next review
19:24:24 <Stormi> will old backports be removed (ie only one backported version at a given time in a given media) ?
19:24:32 <Stormi> like in updates
19:24:38 <misc> Stormi: that's default behavior of youri
19:24:44 <boklm> old updates are not removed
19:24:45 <Stormi> ok, fine for me
19:24:51 <Stormi> hmm
19:24:53 <tmb> misc: for example, maybe a kernel 2.6.39 in backports, but not 3.0.x because of stuff checking for 2.6.*
19:24:54 <misc> and I think, unless we want evergrowing hdlist, this should be kept
19:25:10 <misc> tmb: then do the backport when 2.6.39 is the latest kernel
19:25:18 <misc> tmb: or do like fedora, and push 2.6.40
19:25:41 <Stormi> misc: it's the default of youri, but with the updates pushing script and backport pushing script there will be, maybe it's not removed ?
19:26:24 <misc> Stormi: we will see what the script does when it will be wrote
19:26:52 <Stormi> well, the policy can be decided now, removing or not removing
19:27:07 <misc> I would remove, personnaly , for the aformentioned reason of hdlist
19:27:21 * ennael would remove also
19:27:27 <misc> now, if the script do not do it, noone will die, like no one die from not having updates cleaned
19:27:29 <Stormi> I vote for it too
19:28:02 * boklm would prefer to keep old versions available to have them in case of problem
19:28:59 <misc> tmb: I guess that kernel is a exception as usual :/
19:29:18 <tmb> misc: well not only kernel...
19:29:19 <misc> tmb: but I also think the 3.0 switch is expectional
19:29:31 <misc> so if you have a better exemple
19:29:46 <AL13N> lol @ expectional
19:30:27 <tmb> if one want to push a stable branch to backports, but have next devel version in cauldron a branch is needed
19:31:11 <tmb> that is if you want to provide security updates/bug fixes to the stable branch...
19:31:30 <Stormi> that's my opinion too but i'm ok to wait for the next policy review
19:31:35 <Stormi> to move forward
19:31:58 <misc> tmb: there is 2 problem : 1) security for backport are not assured
19:33:18 <misc> 2) cauldron is here to prepare the next release, and so, that mean that we do not upload broken stuff
19:33:35 <Stormi> broken maybe not, but beta yes
19:33:39 <misc> that's already annoying when people break it by error, so I think we should try to avoid breaking on purpose :/
19:34:11 <tmb> of course one option is to create a cauldron/<package>/branch/backports and submit from there...
19:34:39 <misc> ok, so let's discuss again for 1 month ?
19:34:47 <doktor5000__> when talking about exceptions, sound similar for thunderbird, if there will be 1 backport version and 1 update version, so is there really a point in splitting efforts there?
19:35:17 <AL13N> i'm ok with tmb for manual creation of branch in exceptional cases
19:35:23 <tmb> misc: yep, just voicing my thoughts..
19:36:35 <ennael> I guess policy can be improved. We can start as it for now and those who wants to make proposals should do it on wiki providing all needed stuff also to implement it
19:37:04 <Nanar> doktor5000__: yes, update must not change behavior, whereas backports can
19:37:50 <ennael> #info current backport policy is now available on http://mageia.org/wiki/doku.php?id=backports_policy
19:37:51 <erzulie> [ backports_policy [Mageia temporary wiki] ]
19:38:06 <tmb> yeah, I dont want to delay the backports :)
19:38:10 <ennael> ;)
19:38:17 <andre999> it seems a good initial policy for now
19:38:19 <Stormi> so next step is from sysadmin team to open the "gates" and provide the needed scripts ? :)
19:38:22 <ennael> ok let speak now about another burning topic
19:38:53 <ennael> Stormi: yep I will mail -dev about it and we will see that in coming days
19:38:59 <Stormi> great
19:39:03 <ennael> ok
19:39:07 <ennael> #topic Updates managament
19:39:12 <ennael> here it is again
19:39:28 <ennael> this is not only burning this is about Mageia future
19:39:50 <ennael> the point is do we want to provide a stable and supported distro
19:39:55 <ennael> I guess answer is yes
19:40:05 <Remmy> or hell yes
19:40:07 <Stormi> it is
19:40:18 <andre999> indeed
19:40:20 <ennael> for now we are just not able to do it
19:40:42 <ennael> meaning very late on packagers side and tests
19:40:53 <ennael> for sure rather on packagers for now
19:40:55 <sander85> hmm, good topic
19:41:15 <sander85> fx6.0.1 was pushed into updates_testing, where is bug?
19:41:18 <Stormi> yes, tests have been increasing over time, it's not in a bad shape
19:41:18 <ennael> that's why on our opinion backports is really not a big priority
19:41:22 <misc> because most package do not have a maintainer set in the db
19:41:31 <ennael> also yes
19:41:33 <sander85> i think if someone is pushing update he/she should also open bug about it
19:41:45 <ennael> sander85: that's not the pb
19:41:52 <doktor5000__> sander85: same bug as ff5? was also used for ff6.0
19:42:04 <ennael> stew started a great job reporting a list of security issues
19:42:11 <sander85> no, there is 6.0.1, security issue
19:42:17 <ennael> the point is after 2 months we are still pending issues
19:42:28 <ennael> so we have 2 things to do here
19:42:43 <ennael> managing pending updates to reduce this list
19:42:48 <sander85> well, there is also no point to push update candidate if testers don't know about it
19:42:56 <ennael> and launch kind of "save the planet, adopt packages"
19:43:13 <ennael> sander85: I don't think that's the point here
19:43:38 <andre999> ennael: great slogan :)
19:43:48 <ennael> seacteam in Mandriva did not know all single package in main
19:43:55 <doktor5000__> ennael: therefore we definitely need more packagers and that implies more mentors
19:43:56 <Remmy> Triage, QA and security wise, I've seen improvements in the past week - two weeks... too early to cheer and too early to say we have solved the problem, but it looks like things are moving in the right direction at least.
19:43:56 <AL13N> ennael: i like "save the magic, adopt packages", someone could send a huggy mail to mageia-dev for awareness
19:44:20 * Stormi agrees with Remmy
19:44:37 <Stormi> now we are waiting for the packagers to submerge us with updates :)
19:44:43 <ennael> ok progress has been done on tests side
19:44:46 * misc cough *qemu*
19:44:50 <ennael> :)
19:44:55 <Stormi> misc: how old is that update ?
19:44:57 <sander85> well, thank dmorgan for this improvement
19:45:05 <Remmy> Still, we are about a dozen FTE's short, lol
19:45:15 <sander85> we finally have person who is pushing updates
19:45:17 <zemo> misc: can you check what hapened to dkms-rtl8192ce_se_de, its not in mirror
19:45:23 <Stormi> misc: 1 day
19:45:28 <ennael> zemo: we are in a meeting
19:45:37 <sander85> zemo = ze?
19:45:42 <ennael> so
19:45:45 <zemo> ennael: didnt knew, sorry
19:45:46 <ennael> back to our topic
19:45:55 <sander85> zemo: read the list
19:45:57 <ennael> how can we improve this?
19:46:17 <ennael> improving list of assigned packages for sure
19:46:49 <ennael> but we can also ask help to look for patches needed and to be proposed to submit in testing updates
19:46:59 <leuhmanu> it's the packager who must make the package or secteam? see https://bugs.mageia.org/show_bug.cgi?id=2511 for example
19:47:00 <erzulie> [ Bug 2511 - libxfont needs to be updated to 1.4.4 (security fix) ]
19:47:10 <Stormi> the packager
19:47:18 <Remmy> I don't know if one can set ownership of a package to someone other than yourself? If yes, perhaps also give the triage team lead that ability?
19:47:31 <Stormi> in my opinion secteam role can limit to monitor security issues and open bug reports
19:47:41 <doktor5000__> raise awareness in the forums/mailing lists that testers and comments on bugreports are needed
19:47:41 <leuhmanu> Stormi: yep agreed
19:47:45 <Stormi> and packagers should do the rest (+ QA)
19:47:50 <sander85> yeah, in good world
19:47:59 <sander85> but we have 5k orphaned packages
19:48:15 <sander85> can ennael patch all those she imported? :)
19:48:22 <Remmy> And on secteam, is there anyone else on that team / group other than stewb? Looks like he got disheartened with the lack of progress and threw in the towel.
19:48:32 <misc> Remmy: there is a list of people on the wiki
19:48:33 <sander85> we also have apache with a pretty bad sec issue
19:48:52 <misc> but either they are 1) busy elsewhere 2) busy in real life
19:48:54 <Remmy> misc: Aye, but are they automatically on security@groups.mageia.org ?
19:49:02 <misc> Remmy: no, only stew
19:49:07 <doktor5000__> stewb only cancelled his mentoring efforts, no?
19:49:11 <AL13N> sander85: actually, likely i can take on the apache issue, since i'm doing this one for $dayjob anyway
19:49:25 <AL13N> sander85: if it's the same issue
19:49:35 <Remmy> doktor5000__: That, and closed the open security bugs, and is not here... I think he's not a happy camper right now.
19:49:47 <sander85> AL13N: https://bugs.mageia.org/show_bug.cgi?id=2510
19:49:48 <misc> Remmy: bt the security group was mean't in case of security issue in our own product ( ie, our code, our infra )
19:49:48 <erzulie> [ Bug 2510 - Apache susceptible to ddos attack ]
19:49:52 <Remmy> I'd be happy to be wrong on this one though
19:50:52 <Stormi> who here is ready to fix some security issues (be it on packages they maintain or not) ?
19:50:53 <sander85> hmm, ok, i was quite sure that secteam was there to help with all security issues.. now i know better :/
19:51:09 <misc> Stormi: I do ( and did )
19:51:15 <mikala> Stormi: i can help for that
19:51:22 <ennael> sander85: secteam cannot handle all of them
19:51:24 <Stormi> I think I can try too
19:51:35 <mikala> except that i'm quite busy in fact for the next 2 months
19:51:41 <mikala> so i'm not reliable enough
19:51:43 <sander85> maybe at least those that have no maintainer?
19:51:47 <leuhmanu> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=Open%20security%20issues&sharer_id=151
19:51:48 <erzulie> [ Log in to Bugzilla ]
19:51:50 <Stormi> and will try to have one of my apprentices fix some
19:52:03 <Remmy> Would be nice if we can Cc some sort of security team on bugs and have it go to people with at least some interest in fixing it
19:52:04 <ennael> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=security&sharer_id=69
19:52:04 <leuhmanu> none of this rpm have a maintainer
19:52:05 <erzulie> [ Log in to Bugzilla ]
19:52:06 <Stormi> + Remmy when triage gives him time :)
19:52:21 <ennael> can we focus on that list first to reduce it
19:52:33 <Stormi> are security bugs easy to identify in bugzilla ?
19:52:45 <misc> Remmy: that's the maintainer job
19:52:45 <Stormi> are must we add a keyword ?
19:52:46 <ennael> #url https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=security&sharer_id=69
19:52:47 <erzulie> [ Log in to Bugzilla ]
19:52:50 <andre999> there is a potential apprentice with lots of Linux skills who would like to help with security - but he needs orientation for Mageia
19:52:50 <Stormi> s/are/or/
19:53:01 <ennael> andre999: no pb then
19:53:08 <ennael> andre999: does he have mentor ?
19:53:13 <misc> Remmy: and the problem is really the maintainer is not in the db
19:53:13 <leuhmanu> Stormi: saved search
19:53:22 <andre999> but stewb seems to overloaded to help him
19:53:29 <andre999> needs an apprentice
19:53:33 <Stormi> a mentor
19:53:35 <ennael> ?
19:53:39 <andre999> motivated with nice manners
19:53:52 <ennael> andre999: sorry I don't understand you
19:54:15 <andre999> ennael: he needs a mentor
19:54:30 <ennael> ok clearer :)
19:54:37 <ennael> do we have here sombody available ?
19:54:40 <Remmy> dotmil?
19:55:02 <andre999> he has a lot of .deb packaging experience
19:55:07 <andre999> dotmil
19:55:32 <ennael> any mentor available here?
19:55:54 <misc> we could keep this for the topic "mentroing review" :) ?
19:56:04 <ennael> mmm yes
19:56:10 <Stormi> hoping that potential mentors don't run before :)
19:56:19 <Stormi> so are only misc, mikala and myself ready to fix some security issues ?
19:56:20 <andre999> ok - just we were talking about security and he was interested in helping
19:56:39 <Remmy> Stormi: I'm willing too, but all my fixes will have to go through you for now.
19:56:45 <ennael> so we have for now Stormi, misc, mikala to help on current list
19:56:54 <Stormi> Remmy: that's ok for me :)
19:56:55 <Nanar> Stormi: I am ready to fix security issue on my own packages
19:56:57 <ennael> of course everybody not here tonight
19:57:24 <doktor5000__> i'd also volunteer to fix security issues, but someone needs to review those
19:57:34 <ennael> doktor5000__: who is your mentor ?
19:57:38 <doktor5000__> Anssi
19:57:41 <sander85> maybe write into list to get more people into that secteam list
19:57:45 <Stormi> someone needs to review mine in fact, at least the first ones :
19:57:49 <Stormi> :)
19:57:55 <ennael> Anssi: can you help in reviewing sec fixes for doktor5000__ ?
19:58:21 <Stormi> sander85: here we're not exactly speaking about secteam but packagers who fix sec bugs, I think this is different
19:58:35 <Stormi> if we agree that secteam is who monitors CVEs
19:58:39 <Stormi> and opens bugs
19:58:51 <ennael> maybe it's not clear enough in wiki
19:58:54 <Stormi> (which doesn't solve the need for a secteam)
19:59:11 <misc> and there is the case of non security bug, that are also important to manage
19:59:25 <sander85> well, that ml is marked at least as cc and could have more people following
19:59:42 <Anssi> ennael: yes
19:59:49 <ennael> Anssi: thanks :)
19:59:56 <ennael> doktor5000__: you can work on it then :)
20:00:34 <ennael> misc: yep
20:00:53 <ennael> we should have also a precise list to be monitored
20:01:04 <ennael> and we are back on maint db topic
20:01:10 <boklm> precise list ?
20:01:17 <ennael> boklm: in bugzilla
20:01:32 <boklm> ?
20:01:34 <ennael> searcj like all bugs opened on mageia1 may be good candidate
20:01:38 <ennael> search
20:01:45 <boklm> ah
20:02:04 <Stormi> I think leuhmanu and Remmy probably already have a saved search for that
20:02:12 <ennael> Remmy: ?
20:02:28 <leuhmanu> for what ?
20:02:36 <Stormi> for bugs opened on mageia 1
20:02:41 <leuhmanu> ah yes
20:02:44 <Stormi> sure, it's not a difficult search to do :)
20:02:59 <Remmy> yup, and all searches still assigned to bugsquad, etc.
20:03:04 <leuhmanu> https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=Bugs%20not%20triaged%20%28excl%20new%20RPM%20requests%29&sharer_id=35
20:03:05 <erzulie> [ Log in to Bugzilla ]
20:03:05 <Stormi> I wanted to have charts to see how it evolves but bugzilla had problems last time I tried
20:03:16 <Remmy> We (or leahmanu mostly) are making our way through it, but slowly.
20:03:37 <leuhmanu> you can found all saved search here: https://bugs.mageia.org/userprefs.cgi?tab=saved-searches
20:03:38 <erzulie> [ Log in to Bugzilla ]
20:04:09 <misc> Stormi: I think we got ths one fixed
20:05:08 <Remmy> BTW, I have a few "shared searches", but they do not show. Is that just to me, or does something need to be done to share them?
20:05:12 <Stormi> misc: hmm, it still doesn't work for me. I'll come back to sysadmin irc channel someday.
20:05:27 <leuhmanu> Remmy: ie ?
20:05:56 <Remmy> "Stale bugs (90 days)" for example
20:06:09 <sander85> Remmy: you can share it somewhere
20:06:10 <doktor5000__> looked at it a bit, and some of the aforementioned security bugs have nothing to do with security issues
20:06:10 <leuhmanu> we see it
20:06:12 <Remmy> I have it set as shared, but it doesn't show as a search for me
20:06:16 <doktor5000__> like https://bugs.mageia.org/show_bug.cgi?id=1530
20:06:17 <andre999> the saved searches should show a date - and be sortable by date
20:06:18 <erzulie> [ Bug 1530 - msec should use mga icon after rebranding ]
20:06:25 <doktor5000__> or https://bugs.mageia.org/show_bug.cgi?id=2040
20:06:27 <erzulie> [ Bug 2040 - could not change permissions while copying files to an NTFS partition ]
20:06:39 <doktor5000__> i'd call that small cosmetics, not security
20:06:44 <leuhmanu> Remmy: you don't see your shared search
20:06:53 <leuhmanu> (same for me)
20:06:55 <Stormi> Remmy: I see it
20:07:02 <Remmy> leuhmanu: As long as you (and others) see it, I'm happy :)
20:07:12 <ennael> ok let stop discussion about shared search for tonight :)
20:07:27 <andre999> :)
20:07:38 <ennael> doktor5000__: feel free to propose modification in bugs
20:07:39 <Nanar> ennael: thks
20:08:05 <leuhmanu> (sorry)
20:08:18 <ennael> #action Stormi, mikala, misc, doktor5000__ volunteer to help in reducing current sec bugs for now
20:08:59 <ennael> #action new post planned on -dev ML to focus on security updates and bugs fixes
20:09:25 <Stormi> planned and there's someone designated to write it ? :)
20:09:27 <ennael> #action focus on packages maintenance - adoption campaign
20:09:36 <ennael> Stormi: we will do it
20:09:40 <Stormi> ok :)
20:09:45 <ennael> feel free to comment and add things on it
20:10:21 <ennael> anything to add ?
20:10:31 <sander85> can someone with better english update updates policy so that if maintainer uploads new package into updates_testing (s)he will also add bug about it for QA?
20:10:41 <doktor5000__> removed one security issue already :)
20:10:44 <AL13N> one more thing
20:10:51 <AL13N> descriptions for rpmdrake
20:10:58 <AL13N> usefull for sec updates
20:11:04 <Stormi> sander85: please send a mail to qa-discuss ML
20:11:16 <Stormi> ennael: yes if topic is about updates in general I have things to add
20:11:23 <Stormi> about security nothing more
20:11:37 <ennael> Stormi: shoot
20:11:39 <misc> sander85: the bug is just assigned to qa-bugs, no ?
20:11:54 <sander85> mikala: which bug?
20:12:18 <sander85> sry, mikala :)
20:12:19 <Stormi> 1) the reason for update still doesn't show up in rpmdrake, is there someone wanting to work to fix it ?
20:12:21 <sander85> misc?
20:12:35 <ennael> Stormi: I can ask titi to have a look
20:12:40 <ennael> tv
20:12:50 <doktor5000__> ennael: ok to change https://bugs.mageia.org/show_bug.cgi?id=1530 away from security? as this is open for 3 months, and there was no quick fix even when it was set to "security"
20:12:51 <erzulie> [ Bug 1530 - msec should use mga icon after rebranding ]
20:12:55 <Stormi> it's not a rpmdrake bug but the fact we don't produce the advisory file for now
20:13:13 * AL13N agrees with Stormi
20:13:17 <ennael> doktor5000__: I will handle it tomorrow as it's about license... my bad i'm late
20:13:21 <Stormi> advisories are written but not stored in a file that can be read by rpmdrake
20:13:30 <Stormi> or a db or whatever
20:14:00 <misc> doktor5000__: that's not a security problem
20:14:11 <AL13N> i provided my updates with Advisory text, but it's unused :-(
20:14:20 <ennael> Stormi: will have a look with people managing it previoulsy
20:14:25 <Stormi> ok
20:14:37 <sander85> misc: <misc> sander85: the bug is just assigned to qa-bugs, no ? <--- ???
20:14:53 <ennael> #action look for a way to use advisory in rpmdrake
20:14:58 <misc> sander85: "updates_testing (s)he will also add bug about it for QA?"
20:15:24 <leuhmanu> AL13N: https://ml.mageia.org/wwsympa-wrapper.fcgi/arc/updates-announce
20:15:25 <erzulie> [ updates-announce - Packages update for stable release - arc_protect ]
20:15:40 <Stormi> my second point is about dependencies. Discussion is ongoing about whether we must push all dependencies to updates or change (fix ?) urpmi so that it can use core/release to install dependencies of updates
20:15:43 <doktor5000__> misc: but was on the list for security issues, not anymore now ;)
20:15:44 <sander85> misc: yes, first firefox was submitted into updates_testing, now rootcerts landed and also no bug about it, how should QA know they need to test?
20:15:50 <AL13N> leuhmanu: ah, tnx i didn't know /o\
20:16:02 <Stormi> I think about this point (dependencies in updates) the discussion has lasted enough and we need a decision
20:16:10 <misc> sander85: well, my point is "use the current bug rather than a new one"
20:16:19 <ennael> Stormi: I would say provide deps for now and we look for a fix
20:16:28 <misc> Stormi: we could do the copying for now, and patch later
20:16:30 <ennael> this was on the way in mdv in last days
20:16:34 <misc> but as usual, no one will patch :/
20:16:44 <ennael> just have to check this
20:16:55 <sander85> misc: well, i don't mind if old bug is used, but it should be still reopened then, by the packager who pushed update
20:17:00 <Stormi> ok, I'll answer that to the thread in the ML and we will follow this path in QA team
20:17:15 <ennael> yes please
20:17:17 <misc> sander85: we will see after the meeting
20:17:20 <Stormi> nothing more to add to the topic
20:17:38 <misc> Stormi: but that requires people to say what should be copied
20:17:59 <ennael> sure
20:18:04 <misc> ( becaue that's the problem of copying, we cannot know what to copy, or we would duplicate release to be safe )
20:18:09 <ennael> and at least qa should test it also
20:18:15 <Stormi> QA team can detect that during testing
20:18:22 <Stormi> using MageiaUpdate to update
20:18:28 <Stormi> and see that install fails
20:18:43 <misc> provided the software is not already installed
20:18:44 <sander85> actually, i have one more question about updates
20:18:45 <Stormi> if packagers find out before, it's better
20:18:52 <Stormi> misc: indeed
20:19:02 <Stormi> I will think about it
20:19:19 <sander85> firefox update means a lot more packages to be updated than just one or two, and tracking this is kinda hard, any ideas here?
20:19:31 <Stormi> sander85: dmorgan is writing a wiki page about it
20:19:37 <Stormi> to ease the process
20:19:43 <sander85> ok
20:19:56 <misc> sander85: I guess adding a sctrict requires like firefox-version = 6.0  could make us use urpmf to find them
20:20:00 <AL13N> i would like to be warned, because i have beid-middleware which has an xpi
20:20:35 <sander85> misc: it's not about finding, it's more about getting them all tested with new version of fx
20:20:39 <Stormi> AL13N: just make sure it is added to the process on the wiki and it should be fine
20:20:46 <AL13N> k thx
20:20:49 <AL13N> Stormi: link?
20:20:52 <sander85> and how to keep track that all archs are tested
20:20:52 <ennael> ok can you finalize all this after meeting ?
20:20:59 <Stormi> yes after meeting
20:21:01 <ennael> so that we can switch topic
20:21:11 <misc> sander85: most xpi should be noarch, as that's javascript and xml
20:21:49 <sander85> well, most are but not all
20:22:21 <misc> sander85: use "dependent bug" feature of bugzilla ?
20:22:24 <dmorgan> misc: a scrict requires  where ?
20:22:35 <misc> dmorgan: on the xpi
20:22:47 <sander85> i was thinking about some online todo list for QA, but i'm not sure
20:23:23 <Stormi> sander85: we'll have one too for firefox yes, the same page with a packager section and a QA section
20:23:28 <sander85> opening new bug for every fx ext doesn't make sense
20:23:39 <dmorgan> misc: i beg to disagree because some extensions won't need to be rebuilded each time
20:23:42 <sander85> more and more extensions added every day
20:23:50 <misc> dmorgan: then don't add the requires
20:24:03 <misc> sander85: let's see after the meeting ?
20:24:38 <andre999> probably most extensions won't need rebuilding
20:24:44 <sander85> or tomorrow :) i'm sleepy it's almost 23:30 here :)
20:24:49 <ennael> ok
20:25:00 <ennael> feel free to mail -dev to deal with this
20:25:01 <sander85> andre999: all that have version check in them
20:25:12 <AL13N> ok, next topic?
20:25:21 <ennael> #topic Triage review
20:25:27 <ennael> leuhmanu: your turn !
20:25:41 <leuhmanu> oh
20:25:43 <andre999> sander85: but version updated automatically, no ?
20:26:14 <leuhmanu> most of the problem is maintdb quite empty
20:26:15 <ennael> andre999: after meeting please :)
20:26:30 <andre999> ok
20:26:32 <sander85> andre999: for extensions in amo, yes ... but not for those that are rpms (that's why i'm against them :( )
20:26:41 <ennael> leuhmanu: as said before we will focus on this in coming days
20:26:48 <ennael> sander85: after meeting please :)
20:26:50 <leuhmanu> ah yes indeed
20:27:41 * Stormi is interested in triage but can't be everywhere :)
20:27:57 <leuhmanu> I will post a weekly mail on -dev about sec bugs, 'normal' bug and package request
20:28:18 <Remmy> We need a millionaire to hire some people :)
20:28:26 <Stormi> yes, I candidate !
20:28:37 <Stormi> (for the job, I'm not the millionaire)
20:28:39 <AL13N> Stormi: ok, pay me fulltime to work on mageia!
20:28:43 <AL13N> oh :-(
20:28:55 <ennael> please can we focus on topic
20:29:00 <ennael> already 1h30 of meeting
20:29:28 <Remmy> sorry
20:30:21 <ennael> triage and QA teams are also working on blog post to explain the job and look for volunteers
20:31:24 <ennael> leuhmanu, Remmy : anything else to add ?
20:31:25 <sander85> i'm subscribed to bugs ml so if i see that i can help i'll do it
20:31:34 <ennael> thanks sander85
20:31:43 <leuhmanu> nop for me
20:31:54 <ennael> ok so we wait for your reports then :)
20:32:12 <Remmy> No... other than an invitation for people to have a look at the piratepad you created for the blog post :)
20:32:13 <ennael> #topic triage team will provide weekly report on-dev
20:32:33 <ennael> argh
20:32:36 <misc> #topic Triage review
20:32:36 <ennael> #undo
20:32:36 <Inigo_Montoya`> Removing item from minutes: <MeetBot.items.Topic object at 0x82acd0c>
20:32:41 <misc> #topic Triage review
20:32:50 <ennael> #action triage team will provide weekly report on-dev
20:33:47 <ennael> ok
20:33:56 <ennael> #topic QA review
20:34:02 <ennael> Stormi: your turn ?
20:34:05 <Stormi> ye
20:34:27 <Stormi> most has already be said in the mail I sent to the -dev mailing list about updates
20:34:37 <Stormi> and during the previous discussion here
20:35:00 <Stormi> to summarize : we have volunteers, they are doing the job, as far as testing is concerned
20:35:25 <Stormi> we probably can find things to improve, but I think we can let us some time to work and see what to improve afterwards
20:35:25 <ennael> ok
20:35:47 <Stormi> we just started to test security updates so we don't have much experience about those
20:35:56 <Stormi> but we'll find out
20:36:29 <ennael> ok do not hesitate to ask on -dev
20:36:32 <Stormi> yes
20:36:43 <Stormi> do packagers have remarks about the QA team work ?
20:37:41 <misc> no one told me anything
20:38:12 <ennael> Stormi: let see in coming weeks what happens
20:38:14 <Stormi> yes
20:38:21 <ennael> I'm sure they will shout if needed :)
20:39:03 <Stormi> QA's job is to point other peoples errors so sometimes it can be not easy :)
20:39:14 <Stormi> but we do that without any sadism ;)
20:39:14 <ennael> sure
20:39:28 <ennael> anything else to add?
20:39:37 <Stormi> I don't think so
20:39:46 <ennael> ok thanks
20:39:52 <ennael> #topic mentoring review
20:40:09 <ennael> andre999: your turn
20:40:14 <andre999> ok :)
20:40:31 <andre999> I'd like to start with some potential apprentices
20:40:48 <andre999> we have dotmil (Josh King)
20:41:21 <andre999> he is quite experienced with Linux, and would like to help wherever needed
20:41:43 <andre999> has been reading up on the wiki, including packager and security pages
20:42:05 <ennael> anybody available ?
20:42:27 <misc> not now I fear :/
20:42:34 <ennael> mmm
20:42:39 <andre999> from discussions earlier, maybe misc / mikala / stormi ?
20:43:01 <Stormi> I already have 4 apprentices and am not very confident about sysadmin stuff for now
20:43:11 <Stormi> and need practicing security fixes
20:43:24 <Stormi> so I'd prefer someone else
20:43:26 <andre999> misc: he's a sysadmin in his day job, but needs familiarisation with Mageia
20:43:35 <andre999> maybe Mikala ?
20:43:36 <Remmy> I'm somewhat concerned that we're still overloading the usual suspects time and again and that whenever we ask for help, we are all fishing in the same small pond of fish.
20:43:38 <pterjan> :v libmedia3_1 -v 1
20:43:39 <Sophie> pterjan: The rpm named `libmedia3_1' has not been found in (Mageia, 1, i586)
20:43:52 <pterjan> :q libmedia -v 1
20:43:52 <ennael> andre999: mikala is busy wiuth his own very personal release I guess :)
20:43:59 <Sophie> pterjan: rpm name matching `libmedia' in (Mageia, 1, i586) :
20:43:59 <Sophie> pterjan: libmediastreamer0
20:44:09 <misc> andre999: I am starting a new job tomorow, so not me , no time
20:44:17 <ennael> andre999: can you mail -dev ?
20:44:17 <andre999> ok - just trying to find someone
20:44:25 <ennael> will try to find on my side also
20:44:26 <andre999> misc: ok
20:44:38 <andre999> ennael: will do
20:45:08 <andre999> after my discussion with dotmil, am sure he will be a big asset
20:45:14 <Remmy> misc: Congrats :)
20:45:34 <andre999> there is also barjac
20:45:55 <barjac> Yes ;)
20:46:18 <andre999> barjac: to find a mentor for you
20:46:53 <andre999> I've been busy this week so not much more to report
20:46:59 <sander85> barjac may buzz me but final review for specs is needed from someone else.. i'm myself a junior :)
20:47:01 <ennael> ok can you post a mail with pending guys looking for mentor
20:47:17 <ennael> with detailed profile and what they really need to be mentor on
20:47:19 <andre999> ok :)
20:47:28 <andre999> good idea
20:47:34 <ennael> will help to find a victim^w^wvolunterr
20:47:37 <ennael> volunteer
20:47:56 <ennael> ok anything else to add ?
20:47:58 <andre999> I had that in mind when I approached potential mentors
20:48:01 <andre999> yes
20:48:29 <andre999> misc: could you send me the list of packager pseudos ?
20:48:41 <andre999> or some other packager
20:48:45 <misc> andre999: mhh ?
20:49:03 <andre999> remember I asked for a list ?
20:49:11 <andre999> to help me find mentors ?
20:49:12 <misc> i forgot, will do soon
20:49:24 <andre999> thanks :)
20:49:50 <andre999> and good luck on your new job :)
20:50:04 <ennael> (poor colleagues)
20:50:07 <ennael> hum
20:50:11 <ennael> anything else to add ?
20:50:22 <andre999> no - that's it
20:50:29 <ennael> thanks
20:50:35 <andre999> :)
20:50:48 <ennael> 1h50 I guess we can close meeting for tonight
20:50:52 <ennael> thanks for coming
20:51:06 <ennael> #endmeeting