PRs for Typo3 time out
in [Ports]
|
From: "Helmut Schneider" on 10 Aug 2010 06:56 Hi, in the past I created a few PRs with patches for important security updates for typo3. Unfortunately they all timed out. 10 days ago I created a new one: http://www.freebsd.org/cgi/query-pr.cgi?pr=149236 I guess it will also time out. Now, there is another update: http://www.freebsd.org/cgi/query-pr.cgi?pr=149493 I also expect it to time out. What is the time GNATS is waiting for feedback of the maintainer? Does it make a difference if importance and/or severity are raised? IMHO it is a problem if important security fixes are approved only after a 14-day-or-more timeout. Are there mechanisms to avoid such a delay? Helmut -- No Swen today, my love has gone away My mailbox stands for lorn, a symbol of the dawn _______________________________________________ freebsd-ports(a)freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"
From: Mark Linimon on 10 Aug 2010 11:04 On Tue, Aug 10, 2010 at 10:56:44AM +0000, Helmut Schneider wrote: > in the past I created a few PRs with patches for important security > updates for typo3. Unfortunately they all timed out. > > What is the time GNATS is waiting for feedback of the maintainer? It's 14 days for a normal update or bugfix. For security problems, that doesn't matter: they should be fixed as soon as possible. If the security problem is not serious, I think it's fair to notify the maintainer before the commit; otherwise, it can go in immediately. > Does it make a difference if importance and/or severity are raised? No, not really. The values of these have been so over-set in GNATS that the only people that notice them are the bugbusting team. I try to keep the Severity=critical ones in order, but everything else is meaningless. > IMHO it is a problem if important security fixes are approved only > after a 14-day-or-more timeout. Are there mechanisms to avoid such a > delay? a) you can try adding "[security]" to the Synopsis line; this may help make it more visible. b) I will email the maintainer and ask if he is willing to transfer maintainership to you. In general, if people are having problems with how individual ports are maintained, they should email portmgr(a)FreeBSD.org and bring it to our attention directly. Thanks. mcl _______________________________________________ freebsd-ports(a)freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"
From: "Helmut Schneider" on 10 Aug 2010 13:14 Mark Linimon wrote: > On Tue, Aug 10, 2010 at 10:56:44AM +0000, Helmut Schneider wrote: > > in the past I created a few PRs with patches for important security > > updates for typo3. Unfortunately they all timed out. > > > > What is the time GNATS is waiting for feedback of the maintainer? > > It's 14 days for a normal update or bugfix. For security problems, > that doesn't matter: they should be fixed as soon as possible. If > the security problem is not serious, I think it's fair to notify the > maintainer before the commit; otherwise, it can go in immediately. > > > Does it make a difference if importance and/or severity are raised? > > No, not really. The values of these have been so over-set in GNATS > that the only people that notice them are the bugbusting team. I try > to keep the Severity=critical ones in order, but everything else is > meaningless. > > > IMHO it is a problem if important security fixes are approved only > > after a 14-day-or-more timeout. Are there mechanisms to avoid such a > > delay? > > a) you can try adding "[security]" to the Synopsis line; this may help > make it more visible. > > b) I will email the maintainer and ask if he is willing to transfer > maintainership to you. Me?! Huh! What does that mean? :) I mean, what if I run into problems? > In general, if people are having problems with how individual ports > are maintained, they should email portmgr(a)FreeBSD.org and bring it to > our attention directly. Thanks. I didn't mean to blame others, I'm just concerned about security. _______________________________________________ freebsd-ports(a)freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"
From: Mark Linimon on 10 Aug 2010 16:41 On Tue, Aug 10, 2010 at 05:14:04PM +0000, Helmut Schneider wrote: > > b) I will email the maintainer and ask if he is willing to transfer > > maintainership to you. > > Me?! Huh! What does that mean? :) I mean, what if I run into problems? Ask for help on ports@, the forums, the IRC channels, ... :-) You seem to be the most active person doing the updating. Answering questions about it is probably not much more of a task ... mcl _______________________________________________ freebsd-ports(a)freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"
|
Pages: 1 Prev: INDEX now builds successfully on 6.x Next: Looks as if we need a misc/compat8x |