| |
@@ -41,20 +41,23 @@
|
| |
|
| |
== About this policy
|
| |
|
| |
- Fedora has differing policies for each of its branches. This document describes for maintainers what
|
| |
- sort of updates should be created in packages for each of the various branches of existing Fedora.
|
| |
- In the event of questions or clarifications, please file a
|
| |
- link:https://pagure.io/fesco/new_issue[FESCo ticket] or discuss on the
|
| |
- link:https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/[devel list]. In
|
| |
- general, releases should go from less conservative (Rawhide) to more so (the oldest supported stable
|
| |
- release). This document attempts to describe when and what kinds of updates maintainers should push
|
| |
- to Fedora users of its various branches. The
|
| |
- link:https://fedoraproject.org/wiki/Stable_release_updates_vision#Vision_Statement[Stable release updates vision] from the
|
| |
- Fedora Board includes more high level discussion and philosophy, while this
|
| |
- document is more a practical guide. Refer to
|
| |
- link:https://docs.fedoraproject.org/en-US/package-maintainers/Package_Update_Guide[Package Update Guide] for the technical steps on
|
| |
- pushing the updates. The link:https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle[Fedora Release Life Cycle]
|
| |
- provides a more detailed overview of the development process.
|
| |
+ Fedora has differing policies for each of its branches.
|
| |
+ This document describes for maintainers what sort of updates should be created in packages
|
| |
+ for each of the various branches of existing Fedora.
|
| |
+ In the event of questions or clarifications,
|
| |
+ please file a https://pagure.io/fesco/new_issue[FESCo ticket]
|
| |
+ or discuss on the https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/[devel list].
|
| |
+ In general, releases should go from less conservative (Rawhide)
|
| |
+ to more so (the oldest supported stable release).
|
| |
+ This document attempts to describe when and what kinds of updates
|
| |
+ maintainers should push to Fedora users of its various branches.
|
| |
+ The https://fedoraproject.org/wiki/Stable_release_updates_vision#Vision_Statement[Stable release updates vision]
|
| |
+ from the Fedora Board includes more high level discussion and philosophy,
|
| |
+ while this document is more a practical guide.
|
| |
+ Refer to https://docs.fedoraproject.org/en-US/package-maintainers/Package_Update_Guide[Package Update Guide]
|
| |
+ for the technical steps on pushing the updates.
|
| |
+ The https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle[Fedora Release Life Cycle] provides
|
| |
+ a more detailed overview of the development process.
|
| |
|
| |
== Common updates requirements for all Fedora releases
|
| |
|
| |
@@ -63,46 +66,53 @@
|
| |
[[updating-inter-dependent-packages]]
|
| |
=== Updating inter-dependent packages
|
| |
|
| |
- When one updated package requires one or more other packages, the packages should be submitted
|
| |
- together as a single update. For instance, if package A depends on packages B and C, and you want to
|
| |
- update to a new version of package A which requires new versions of B and C, you must submit a
|
| |
- single update containing the updated versions of all three packages. It is a bad idea to submit
|
| |
- three separate updates, because if the update for package A is pushed stable before the updates for
|
| |
- packages B and C, it will cause dependency problems. There is information on how to submit
|
| |
- multi-package updates in the
|
| |
- link:https://docs.fedoraproject.org/en-US/package-maintainers/Package_Update_Guide/#updating_inter_dependent_packages[Package Update Guide]
|
| |
+ When one updated package requires one or more other packages,
|
| |
+ the packages should be submitted together as a single update.
|
| |
+ For instance, if package A depends on packages B and C,
|
| |
+ and you want to update to a new version of package A which requires new versions of B and C,
|
| |
+ you must submit a single update containing the updated versions of all three packages.
|
| |
+ It is a bad idea to submit three separate updates,
|
| |
+ because if the update for package A is pushed stable before the updates for packages B and C,
|
| |
+ it will cause dependency problems.
|
| |
+ There is information on how to submit multi-package updates in the
|
| |
+ https://docs.fedoraproject.org/en-US/package-maintainers/Package_Update_Guide/#updating_inter_dependent_packages[Package Update Guide]
|
| |
and information about using side-tags for multiple updates in
|
| |
- link:https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/multi-builds].
|
| |
+ https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/multi-builds].
|
| |
|
| |
[[consumable-updates]]
|
| |
=== Consumable updates
|
| |
|
| |
- link:https://bodhi.fedoraproject.org[Bodhi]
|
| |
+ https://bodhi.fedoraproject.org[Bodhi]
|
| |
updates should only be created for builds which are expected to qualify for being pushed to stable.
|
| |
Maintainers should not use Bodhi's testing states to test updates they never intend to push stable.
|
| |
- This sort of testing should be done in link:https://copr.fedorainfracloud.org/[Copr] or other
|
| |
- seperate public repositories. Consult with the QA team for further testing assistance.
|
| |
+ This sort of testing should be done in https://copr.fedorainfracloud.org/[Copr]
|
| |
+ or other seperate public repositories.
|
| |
+ Consult with the QA team for further testing assistance.
|
| |
|
| |
== Rawhide
|
| |
|
| |
- link:https://fedoraproject.org/wiki/Releases/Rawhide[Rawhide] is the always-rolling development tree. Package
|
| |
- updates built for Rawhide are composed every day and pushed out to all consumers.
|
| |
- New builds against this tree also are added to the build root (i.e., other packages build from them).
|
| |
- This tree is intended to meet the link:https://fedoraproject.org/wiki/Basic_Release_Criteria[Basic Release Critera]
|
| |
- for any successfull compose so maintainers can integrate their changes with everyone else.
|
| |
-
|
| |
- Repos available: link:https://fedoraproject.org/wiki/Repositories#rawhide[_rawhide_]
|
| |
-
|
| |
- Since link:https://fedoraproject.org/wiki/Changes/GatingRawhidePackages[Gating Rawhide Packages] change was introduced,
|
| |
- package updates in Fedora Rawhide need to pass verification before they land in the Rawhide repositories. This
|
| |
- is implemented as a check for the Bodhi update, which verifies that the update satisfies the Gating policy. See
|
| |
- link:https://docs.fedoraproject.org/en-US/rawhide-gating/single-builds/[Rawhide Gating/Single Builds] and
|
| |
- link:https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/Multi Builds] for
|
| |
- details.
|
| |
-
|
| |
- Currently the default gating policy is empty, thus a Rawhide update can pass the gate, no matter the test
|
| |
- results. Package maintainer can opt-in for the gating of a package, by setting up individual gating policies,
|
| |
- see link:https://docs.fedoraproject.org/en-US/rawhide-gating/optin/[How to Opt in to Gating].
|
| |
+ https://fedoraproject.org/wiki/Releases/Rawhide[Rawhide] is the always-rolling development tree.
|
| |
+ Package updates built for Rawhide are composed every day and pushed out to all consumers.
|
| |
+ New builds against this tree also are added to the build root
|
| |
+ (i.e., other packages build from them).
|
| |
+ This tree is intended to meet the https://fedoraproject.org/wiki/Basic_Release_Criteria[Basic Release Critera]
|
| |
+ for any successful compose so maintainers can integrate their changes with everyone else.
|
| |
+
|
| |
+ Repos available: https://fedoraproject.org/wiki/Repositories#rawhide[_rawhide_]
|
| |
+
|
| |
+ Since https://fedoraproject.org/wiki/Changes/GatingRawhidePackages[Gating Rawhide Packages] change was introduced,
|
| |
+ package updates in Fedora Rawhide need to pass verification before they land in the Rawhide repositories.
|
| |
+ This is implemented as a check for the Bodhi update,
|
| |
+ which verifies that the update satisfies the Gating policy.
|
| |
+ See https://docs.fedoraproject.org/en-US/rawhide-gating/single-builds/[Rawhide Gating/Single Builds]
|
| |
+ and https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/Multi Builds]
|
| |
+ for details.
|
| |
+
|
| |
+ Currently the default gating policy is empty,
|
| |
+ thus a Rawhide update can pass the gate, no matter the test results.
|
| |
+ Package maintainer can opt-in for the gating of a package,
|
| |
+ by setting up individual gating policies,
|
| |
+ see https://docs.fedoraproject.org/en-US/rawhide-gating/optin/[How to Opt in to Gating].
|
| |
|
| |
As soon as a build is completed, a Bodhi update is automatically created.
|
| |
The update is used to gather test results.
|
| |
@@ -114,43 +124,49 @@
|
| |
* not push any known broken builds (breaks the default buildroot package set, etc.).
|
| |
This causes additional work for other maintainers trying to integrate their changes.
|
| |
* When a proposed update contains an ABI or API change: notify *a week in advance* both the
|
| |
- link:https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/[devel list]
|
| |
+ https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/[devel list]
|
| |
and maintainers directly (using the ``_packagename_-\maintainers@fedoraproject.org`` alias)
|
| |
whose packages depend on yours to rebuild or offer to do these rebuilds for them.
|
| |
* Use a side-tag when dealing with mass builds of many packages, so they can land at
|
| |
the same time. See
|
| |
- link:https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/Multi Builds].
|
| |
- * Feel free to push out the newest version of packages as long as they do not cause breakage. Also
|
| |
- keep in mind when the next Fedora release will be branched off, and be fairly confident that there
|
| |
- will be a stable enough release in time for the next Fedora release. Otherwise you may have to
|
| |
- back down to an older, stable version after the branching, which may involve epochs and other
|
| |
- inconveniences.
|
| |
- * Once a package has been added to the compose and that compose has finished and synced to the master
|
| |
- mirrors, it will normally not be untagged. This is required to allow others to depend on the
|
| |
- build once it has become visible. In exceptional cases, releng may untag packages.
|
| |
+ https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/[Rawhide Gating/Multi Builds].
|
| |
+ * Feel free to push out the newest version of packages as long as they do not cause breakage.
|
| |
+ Also keep in mind when the next Fedora release will be branched off,
|
| |
+ and be fairly confident that there will be a stable enough release in time for the next Fedora release.
|
| |
+ Otherwise you may have to back down to an older, stable version after the branching,
|
| |
+ which may involve epochs and other inconveniences.
|
| |
+ * Once a package has been added to the compose
|
| |
+ and that compose has finished and synced to the master mirrors,
|
| |
+ it will normally not be untagged.
|
| |
+ This is required to allow others to depend on the build once it has become visible.
|
| |
+ In exceptional cases, releng may untag packages.
|
| |
* If approved by FESCo, push pre-release versions of low level packages.
|
| |
FESCo approves certain packages, including (but not limited to) `glibc` and `gcc`,
|
| |
to provide pre-release versions here.
|
| |
- The benefits of the early real-world testing of and upstream collaboration on these key
|
| |
- packages far exceeds the risks that they may introduce.
|
| |
+ The benefits of the early real-world testing of and upstream collaboration on these key packages
|
| |
+ far exceeds the risks that they may introduce.
|
| |
|
| |
image::update_flow.svg[Update Flow]
|
| |
|
| |
== Branched release
|
| |
|
| |
- A link:https://fedoraproject.org/wiki/Releases/Branched[Branched] release exists for part of the
|
| |
- development cycle. It starts as a fork of Rawhide and eventually becomes the next stable release.
|
| |
+ A https://fedoraproject.org/wiki/Releases/Branched[Branched] release exists for part of the
|
| |
+ development cycle.
|
| |
+ It starts as a fork of Rawhide and eventually becomes the next stable release.
|
| |
All successfull branched composes should meet the
|
| |
- link:https://fedoraproject.org/wiki/Basic_Release_Criteria[Basic Release Critera].
|
| |
+ https://fedoraproject.org/wiki/Basic_Release_Criteria[Basic Release Critera].
|
| |
|
| |
- Branched releases use the update feedback system (link:https://bodhi.fedoraproject.org[Bodhi]): at first just like Rawhide (updates are
|
| |
- automatically created when a build finishes, tests run and builds are automatically pushed into the next
|
| |
- compose), but then after <<updates-testing-activation>> they switch to using it as stable releases do
|
| |
+ Branched releases use the update feedback system (https://bodhi.fedoraproject.org[Bodhi]):
|
| |
+ at first just like Rawhide
|
| |
+ (updates are automatically created when a build finishes,
|
| |
+ tests run and builds are automatically pushed into the next compose),
|
| |
+ but then after <<updates-testing-activation>> they switch to using it as stable releases do
|
| |
(maintainers must create updates and submit them for testing, etc).
|
| |
|
| |
- There are several phases that a branched release goes through that affect what updates can and
|
| |
- should be done. In general maintainers should keep in mind that this tree is being stabilized
|
| |
- for the next release, so changes should be careful and considered and heading toward stability.
|
| |
+ There are several phases that a branched release goes through
|
| |
+ that affect what updates can and should be done.
|
| |
+ In general maintainers should keep in mind that this tree is being stabilized for the next release,
|
| |
+ so changes should be careful and considered and heading toward stability.
|
| |
|
| |
After branching, there are three freezes,
|
| |
<<post-branch-freeze>>, <<beta-freeze>>, and <<final-freeze>>.
|
| |
@@ -158,27 +174,28 @@
|
| |
[[post-branch-freeze]]
|
| |
=== Post-branch Freeze
|
| |
|
| |
- Once the new release is branched off Rawhide, the flow of updates through Bodhi is stopped until
|
| |
- there has been a successful branched compose. This period usually lasts just a few days. Release
|
| |
- engineering may pass some updates to stable to get the compose to complete, but otherwise all updates
|
| |
- are paused until this initial branched compose is completed. This is to make sure we have a
|
| |
- compose to build on and aren't dealing with problems landing in new updates before we are
|
| |
- ready for them.
|
| |
+ Once the new release is branched off Rawhide,
|
| |
+ the flow of updates through Bodhi is stopped until there has been a successful branched compose.
|
| |
+ This period usually lasts just a few days.
|
| |
+ Release engineering may pass some updates to stable to get the compose to complete,
|
| |
+ but otherwise all updates are paused until this initial branched compose is completed.
|
| |
+ This is to make sure we have a compose to build on
|
| |
+ and aren't dealing with problems landing in new updates before we are ready for them.
|
| |
|
| |
[[before-updates-testing-activation]]
|
| |
=== Before Updates-testing Activation
|
| |
|
| |
For a short time after branching but before the <<beta-freeze>>,
|
| |
the Branched release works like Rawhide:
|
| |
- builds submitted by packagers are considered
|
| |
- _stable_ after passing through any gating tests
|
| |
- via a Bodhi update, and are sent to the
|
| |
- link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_] repository directly in the next nightly
|
| |
- compose. There are no restrictions beyond those for Rawhide at this point, but maintainers SHOULD be
|
| |
- thinking about stabilization from this point onward, and making sure their packages will be in good
|
| |
- condition well in advance of the stable release.
|
| |
+ builds submitted by packagers are considered _stable_ after
|
| |
+ passing through any gating tests via a Bodhi update,
|
| |
+ and are sent to the
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_] repository directly in the next nightly compose.
|
| |
+ There are no restrictions beyond those for Rawhide at this point,
|
| |
+ but maintainers SHOULD be thinking about stabilization from this point onward,
|
| |
+ and making sure their packages will be in good condition well in advance of the stable release.
|
| |
|
| |
- Repos available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
+ Repos available: https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
|
| |
[[updates-testing-activation]]
|
| |
=== Updates-testing Activation
|
| |
@@ -186,20 +203,22 @@
|
| |
At this point, the Bodhi update system is changed for the branched release to behave
|
| |
as it does for stable releases (see below) instead of Rawhide.
|
| |
From this point onward maintainers must create updates before packages become available to users
|
| |
- and updates pass through link:https://fedoraproject.org/wiki/QA:Updates_Testing[_updates-testing_]
|
| |
+ and updates pass through https://fedoraproject.org/wiki/QA:Updates_Testing[_updates-testing_]
|
| |
to allow for feedback.
|
| |
- Updates are moved from link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
- repository to link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
+ Updates are moved from https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ repository to https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
repository after appropriate karma requirements have been reached.
|
| |
Bodhi sets reasonable defaults for karma and enforces minimum requirements for updates.
|
| |
<<karma-requirements>> for updates are described below.
|
| |
|
| |
- Repositories available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ Repositories available:
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
|
| |
Maintainers SHOULD:
|
| |
|
| |
- * Avoid ABI/API changes where possible. If unavoidable, use a side-tag to rebuild packages.
|
| |
+ * Avoid ABI/API changes where possible.
|
| |
+ If unavoidable, use a side-tag to rebuild packages.
|
| |
* Avoid any change that breaks composes of Live media, install media or testing.
|
| |
* Land any packages required for Changes planned for that release.
|
| |
|
| |
@@ -209,28 +228,30 @@
|
| |
This freeze is scheduled to run for the three weeks leading up to the release date,
|
| |
but lasts until the release is signed off, even if it is delayed.
|
| |
During the freeze builds will not be marked _stable_ and moved from
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_] to
|
| |
- link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_] to
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
(and hence included in the milestone release composes) except for those approved under the Fedora QA team
|
| |
- link:https://fedoraproject.org/wiki/QA:SOP_blocker_bug_process[blocker bug process] or
|
| |
- link:https://fedoraproject.org/wiki/QA:SOP_freeze_exception_bug_process[freeze exception bug process].
|
| |
+ https://fedoraproject.org/wiki/QA:SOP_blocker_bug_process[blocker bug process] or
|
| |
+ https://fedoraproject.org/wiki/QA:SOP_freeze_exception_bug_process[freeze exception bug process].
|
| |
Once the beta release is made, the freeze is lifted.
|
| |
- The link:https://fedoraproject.org/wiki/Milestone_freezes[Milestone freezes]
|
| |
+ The https://fedoraproject.org/wiki/Milestone_freezes[Milestone freezes]
|
| |
page provides more details and is the canonical reference in case of any conflict.
|
| |
|
| |
- Once the Beta Freeze starts, we are
|
| |
- attempting to stabilize the major versions of software that will be shipped with the final release
|
| |
- of the OS. Major updates can be tolerated, but breaking things for early testers should be avoided
|
| |
- if possible.
|
| |
+ Once the Beta Freeze starts,
|
| |
+ we are attempting to stabilize the major versions of software
|
| |
+ that will be shipped with the final release of the OS.
|
| |
+ Major updates can be tolerated,
|
| |
+ but breaking things for early testers should be avoided if possible.
|
| |
|
| |
During this period:
|
| |
|
| |
* All updates pulled into the release MUST fix an accepted blocker or freeze exception bug.
|
| |
* All updates still go to
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_].
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_].
|
| |
|
| |
- Repositories available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ Repositories available:
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
|
| |
[[beta-to-final-freeze]]
|
| |
=== Beta to Final Freeze
|
| |
@@ -242,8 +263,9 @@
|
| |
link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
repository at the time of the Final Freeze is the state it will be in for the final release.
|
| |
|
| |
- Repositories available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ Repositories available:
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
|
| |
[[final-freeze]]
|
| |
=== Final Freeze
|
| |
@@ -256,9 +278,10 @@
|
| |
and packages other than freeze exception / blocker fixes are queued for so called "zero day" updates,
|
| |
meaning they will be available in the _updates_ repository at the time of the release (day zero).
|
| |
|
| |
- Repositories available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates[_updates_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ Repositories available:
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates[_updates_],
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
|
| |
During this period:
|
| |
|
| |
@@ -266,9 +289,9 @@
|
| |
* All updates still go to
|
| |
link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_].
|
| |
* Once the link:https://fedoraproject.org/wiki/Repositories#updates[_updates_]
|
| |
- repository is available, builds marked as _stable_
|
| |
- will go there instead of to
|
| |
- link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_].
|
| |
+ repository is available,
|
| |
+ builds marked as _stable_ will go there instead of to
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_].
|
| |
|
| |
[[stable-releases]]
|
| |
== Stable Releases
|
| |
@@ -276,44 +299,50 @@
|
| |
[[philosophy]]
|
| |
=== Philosophy
|
| |
|
| |
- Releases of the Fedora distribution are like releases of the individual packages that compose it. A
|
| |
- major version number reflects a more-or-less stable set of features and functionality. As a result,
|
| |
- we should avoid major updates of packages within a stable release. Updates should aim to fix bugs,
|
| |
- and not introduce features, particularly when those features would materially affect the user or
|
| |
- developer experience. The update rate for any given release should drop off over time, approaching
|
| |
- zero near release end-of-life; since updates are primarily bugfixes, fewer and fewer should be
|
| |
- needed over time.
|
| |
-
|
| |
- This necessarily means that stable releases will not closely track the very latest upstream code for
|
| |
- all packages. We have Rawhide for that.
|
| |
-
|
| |
- Updates should be carefully considered with respect to their dependencies. An update that required
|
| |
- (or provided) a new Python ABI, for example, would almost certainly not be allowed. ABI changes in
|
| |
- general are very strongly discouraged, they force larger update sets on users and they make life
|
| |
- difficult for third-party packagers. Additionally, updates that convert resources or configuration
|
| |
- one way (i.e., from older->newer) should be approached with extreme caution as there would be much
|
| |
- less chance of backing out an update that did these things.
|
| |
-
|
| |
- Whenever possible packagers should work with upstream to come up with stable branch releases or
|
| |
- common patches for older releases, particularly when updating would require large dependency chain
|
| |
- updates.
|
| |
-
|
| |
- Repositories available: link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_],
|
| |
- https://fedoraproject.org/wiki/Repositories#updates[_updates_],
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ Releases of the Fedora distribution are like releases of the individual packages that compose it.
|
| |
+ A major version number reflects a more-or-less stable set of features and functionality.
|
| |
+ As a result, we should avoid major updates of packages within a stable release.
|
| |
+ Updates should aim to fix bugs, and not introduce features,
|
| |
+ particularly when those features would materially affect the user or developer experience.
|
| |
+ The update rate for any given release should drop off over time,
|
| |
+ approaching zero near release end-of-life;
|
| |
+ since updates are primarily bugfixes, fewer and fewer should be needed over time.
|
| |
+
|
| |
+ This necessarily means that stable releases will not
|
| |
+ closely track the very latest upstream code for all packages.
|
| |
+ We have Rawhide for that.
|
| |
+
|
| |
+ Updates should be carefully considered with respect to their dependencies.
|
| |
+ An update that required (or provided) a new Python ABI, for example,
|
| |
+ would almost certainly not be allowed.
|
| |
+ ABI changes in general are very strongly discouraged,
|
| |
+ they force larger update sets on users and they make life difficult for third-party packagers.
|
| |
+ Additionally, updates that convert resources or configuration one way (i.e., from older → newer)
|
| |
+ should be approached with extreme caution
|
| |
+ as there would be much less chance of backing out an update that did these things.
|
| |
+
|
| |
+ Whenever possible packagers should work with upstream to come up with stable branch releases
|
| |
+ or common patches for older releases,
|
| |
+ particularly when updating would require large dependency chain updates.
|
| |
+
|
| |
+ Repositories available:
|
| |
+ https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates[_updates_]
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
|
| |
During this period:
|
| |
|
| |
* All updates go to
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_].
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_].
|
| |
* Once <<karma-requirements>> are met, updates are moved to
|
| |
- link:https://fedoraproject.org/wiki/Repositories#updates[_updates_] repository.
|
| |
+ https://fedoraproject.org/wiki/Repositories#updates[_updates_] repository.
|
| |
|
| |
=== Exceptions
|
| |
|
| |
- Some classes of software will not fit in these guidelines. If your package does not fit in one of
|
| |
- the classes below, but you think it should be allowed to update more rapidly, propose a new
|
| |
- exception class to FESCo and/or request an exception for your specific update case.
|
| |
+ Some classes of software will not fit in these guidelines.
|
| |
+ If your package does not fit in one of the classes below,
|
| |
+ but you think it should be allowed to update more rapidly,
|
| |
+ propose a new exception class to FESCo and/or request an exception for your specific update case.
|
| |
|
| |
Note that you should open this dialog **before** you build or push updates.
|
| |
In the event that an issue is raised in the middle of an update already in progress,
|
| |
@@ -357,37 +386,36 @@
|
| |
* Time and resource constraints prevent the kernel maintainers from backporting all the bug fixes,
|
| |
security fixes and new hardware enablement we would need to maintain older, no longer supported kernels.
|
| |
|
| |
- * Additionally, multiple kernels can be installed/booted, allowing users to boot older kernels in
|
| |
- the event newer ones fail to work, and allowing time for kernel maintainers to fix any critical
|
| |
- bugs in new kernels on older stable releases.
|
| |
+ * Additionally, multiple kernels can be installed/booted,
|
| |
+ allowing users to boot older kernels in the event newer ones fail to work,
|
| |
+ and allowing time for kernel maintainers to fix any critical bugs in new kernels on older stable releases.
|
| |
|
| |
[[kde]]
|
| |
===== KDE
|
| |
|
| |
- Refer to the link:https://fedoraproject.org/wiki/SIGs/KDE/Update_policy[KDE update policy] for more
|
| |
- details
|
| |
+ Refer to the https://fedoraproject.org/wiki/SIGs/KDE/Update_policy[KDE update policy] for more details
|
| |
|
| |
===== Other packages
|
| |
|
| |
These packages are allowed to update in stable releases:
|
| |
|
| |
- * the document viewer `zathura` and the `girara` library (link:https://pagure.io/fesco/issue/1255[FESCo #1255]),
|
| |
+ * the document viewer `zathura` and the `girara` library (https://pagure.io/fesco/issue/1255[FESCo #1255]),
|
| |
* 3D printer control application `prusa-slicer` and the Cura stack (`CuraEngine` and other packages)
|
| |
- (link:https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
+ (https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
* Python code formatter `python-black`
|
| |
- (link:https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
+ (https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
* Python test executor `python-tox`
|
| |
- (link:https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
+ (https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
* command-line HTTP client `httpie`
|
| |
- (link:https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
+ (https://pagure.io/fesco/issue/2652[FESCo #2652]),
|
| |
* ownCloud Desktop Client `owncloud-client`
|
| |
- (link:https://pagure.io/fesco/issue/2652[FESCo #2652]).
|
| |
+ (https://pagure.io/fesco/issue/2652[FESCo #2652]).
|
| |
* KiCad EDA Software Suite `kicad`, `kicad-packages3d`, and `kicad-doc`
|
| |
- (link:https://pagure.io/fesco/issue/2762[FESCo #2762]).
|
| |
+ (https://pagure.io/fesco/issue/2762[FESCo #2762]).
|
| |
* HTTP parsing library `llhttp`
|
| |
- (link:https://pagure.io/fesco/issue/3115[FESCo #3115]).
|
| |
+ (https://pagure.io/fesco/issue/3115[FESCo #3115]).
|
| |
* Automatic Let's Encrypt SSL tool `certbot`
|
| |
- (link:https://pagure.io/fesco/issue/3124[FESCo #3124]).
|
| |
+ (https://pagure.io/fesco/issue/3124[FESCo #3124]).
|
| |
|
| |
[[security-fixes]]
|
| |
==== Security fixes
|
| |
@@ -401,21 +429,18 @@
|
| |
* Avoid Major version updates, AI breakage, or API changes if at all possible
|
| |
* Avoid changing the user or developer experience if at all possible
|
| |
|
| |
- FESCo will review the ticket in a timely manner and give guidance as to how the package
|
| |
- maintainer(s) should proceed. By way of information, several common items that would make it less
|
| |
- likely for FESCo to grant a rebase request are listed below. Please note, however, that this list is
|
| |
- not exhaustive.
|
| |
-
|
| |
- FESCo will be less likely to grant a rebase request if:
|
| |
+ FESCo will review the ticket in a timely manner
|
| |
+ and give guidance as to how the package maintainer(s) should proceed.
|
| |
+ Several common items that would make it less likely for FESCo to grant a rebase request are listed below.
|
| |
+ Please note, however, that this list is not exhaustive.
|
| |
|
| |
* The update requires user or administrator intervention to keep working
|
| |
* The update requires configuration files or databases or other resources to convert to a new format
|
| |
- * The update causes policy or behavior changes (such as when something that was previously denied is
|
| |
- now allowed, etc.)
|
| |
- * The update changes the way the end user interacts with the user interface (such as moving menus or
|
| |
- buttons to a new location, changing names of command-line arguments, etc.)
|
| |
- * The rebase only addresses issues that are likely to affect a subjectively small number of Fedora
|
| |
- users
|
| |
+ * The update causes policy or behavior changes
|
| |
+ (such as when something that was previously denied is now allowed, etc.)
|
| |
+ * The update changes the way the end user interacts with the user interface
|
| |
+ (such as moving menus or buttons to a new location, changing names of command-line arguments, etc.)
|
| |
+ * The rebase only addresses issues that are likely to affect a subjectively small number of Fedora users
|
| |
|
| |
[[packages-with-exceptions-granted]]
|
| |
===== Packages with Exceptions Granted
|
| |
@@ -425,57 +450,64 @@
|
| |
[[interoperability]]
|
| |
==== Interoperability
|
| |
|
| |
- If a package primarily serves to interoperate with hardware or network protocols, and the interface
|
| |
- changes, then a package may be rebased if necessary. This includes network games, IM protocols,
|
| |
- hardware music players, cell phones, etc. These packages may also be updated to add support for new
|
| |
- devices or formats in compatible ways.
|
| |
+ If a package primarily serves to interoperate with hardware or network protocols,
|
| |
+ and the interface changes,
|
| |
+ then a package may be rebased if necessary.
|
| |
+ This includes network games, IM protocols, hardware music players, cell phones, etc.
|
| |
+ These packages may also be updated to add support for new devices or formats in compatible ways.
|
| |
|
| |
Examples of this type of package:
|
| |
- link:https://src.fedoraproject.org/rpms/libopenraw[``libopenraw``],
|
| |
- link:https://src.fedoraproject.org/rpms/libimobiledevice[``libimobiledevice``],
|
| |
- link:https://src.fedoraproject.org/rpms/calibre[``calibre``],
|
| |
- link:https://src.fedoraproject.org/rpms/pilot-link[``pilot-link``]
|
| |
+
|
| |
+ * https://src.fedoraproject.org/rpms/libopenraw[``libopenraw``]
|
| |
+ * https://src.fedoraproject.org/rpms/libimobiledevice[``libimobiledevice``]
|
| |
+ * https://src.fedoraproject.org/rpms/calibre[``calibre``]
|
| |
+ * https://src.fedoraproject.org/rpms/pilot-link[``pilot-link``]
|
| |
|
| |
[[database-packages]]
|
| |
==== Database packages
|
| |
|
| |
- Packages like virus scanners and spam filters typically have two components: a rules engine and a
|
| |
- database. The database is expected to update frequently (sometimes not through the normal OS update
|
| |
- mechanisms), but the rules engine is usually fairly static. However, if the maintained database
|
| |
- changes to require a new version of the rules engine, then the package may be a candidate for
|
| |
- rebasing.
|
| |
+ Packages like virus scanners and spam filters typically have two components:
|
| |
+ a rules engine and a database.
|
| |
+ The database is expected to update frequently (sometimes not through the normal OS update mechanisms),
|
| |
+ but the rules engine is usually fairly static.
|
| |
+ However, if the maintained database changes to require a new version of the rules engine,
|
| |
+ then the package may be a candidate for rebasing.
|
| |
|
| |
Examples of this type of package:
|
| |
- link:https://src.fedoraproject.org/rpms/spamassassin[``spamassassin``],
|
| |
- link:https://src.fedoraproject.org/rpms/clamav[``clamav``]
|
| |
+
|
| |
+ * https://src.fedoraproject.org/rpms/spamassassin[``spamassassin``]
|
| |
+ * https://src.fedoraproject.org/rpms/clamav[``clamav``]
|
| |
|
| |
[[examples]]
|
| |
==== Examples
|
| |
|
| |
- * Mozilla releases Firefox 4.0.1 with a security fix. Fedora 12 is shipping with 3.0.7, and though
|
| |
- the bug is also present there, the fix in 4.0.1 does not apply because that part of the browser
|
| |
- has been completely rewritten. Rebasing to 4.0.1 would be allowed since this is a security fix.
|
| |
+ * Mozilla releases Firefox 4.0.1 with a security fix.
|
| |
+ Fedora 12 is shipping with 3.0.7, and though the bug is also present there,
|
| |
+ the fix in 4.0.1 does not apply because that part of the browser has been completely rewritten.
|
| |
+ Rebasing to 4.0.1 would be allowed since this is a security fix.
|
| |
|
| |
- * automake releases a new version that changes some warning conditions to errors. This would break
|
| |
- the build process for existing packages, and would not be allowed.
|
| |
+ * automake releases a new version that changes some warning conditions to errors.
|
| |
+ This would break the build process for existing packages, and would not be allowed.
|
| |
|
| |
- * AOL changes their instant messenger protocol in a way that requires an update to libpurple. The
|
| |
- only upstream version of libpurple that supports the new protocol is an ABI break relative to the
|
| |
- version in the current Fedora release. Rebasing would be allowed since this is an interoperability
|
| |
- requirement.
|
| |
+ * AOL changes their instant messenger protocol in a way that requires an update to libpurple.
|
| |
+ The only upstream version of libpurple that supports the new protocol
|
| |
+ is an ABI break relative to the version in the current Fedora release.
|
| |
+ Rebasing would be allowed since this is an interoperability requirement.
|
| |
|
| |
- * Abiword releases a new version that adds compatibility with WordStar 4.0 documents. It also
|
| |
- completely updates the user interface to use pie menus. This would be a feature enhancement with a
|
| |
- major user experience change, and would not be allowed.
|
| |
+ * Abiword releases a new version that adds compatibility with WordStar 4.0 documents.
|
| |
+ It also completely updates the user interface to use pie menus.
|
| |
+ This would be a feature enhancement with a major user experience change, and would not be allowed.
|
| |
|
| |
- * WebKit requires an update to solve a security problem. This requires updating Midori to a version
|
| |
- with some minor menu layout changes. This would be a judgment call based on how intrusive the
|
| |
- changes are (removing the File menu would be rude, but moving the plugin configuration menu item
|
| |
- would be acceptable).
|
| |
+ * WebKit requires an update to solve a security problem.
|
| |
+ This requires updating Midori to a version with some minor menu layout changes.
|
| |
+ This would be a judgment call based on how intrusive the changes are
|
| |
+ (removing the File menu would be rude,
|
| |
+ but moving the plugin configuration menu item would be acceptable).
|
| |
|
| |
* Firefox releases an update that only contains changes for other platforms.
|
| |
This update could be pushed to Rawhide (to keep up with the latest version),
|
| |
- but should not be pushed to stable releases, as it does no good to our users
|
| |
+ but should not be pushed to stable releases,
|
| |
+ as it does no good to our users
|
| |
and wastes resources to build, update, mirror, and download to our users.
|
| |
|
| |
* Terminal fails to build from source when tested in a mass rebuild.
|
| |
@@ -491,7 +523,8 @@
|
| |
An exception for this type of update would need to consider:
|
| |
ability to backport major fixes/security issues,
|
| |
type and amount of bugs fixed,
|
| |
- ability to not update other parts of Fedora for this update (i.e., avoid Qt or other base library ABI changes),
|
| |
+ ability to not update other parts of Fedora for this update
|
| |
+ (i.e., avoid Qt or other base library ABI changes),
|
| |
amount of testing and end user visible changes.
|
| |
An exception like this would be on a case by case basis, based on all the above.
|
| |
|
| |
@@ -499,66 +532,76 @@
|
| |
== Karma requirements
|
| |
|
| |
This section describes the requirements for an update before it may be pushed
|
| |
- from link:https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
- to link:https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
+ from https://fedoraproject.org/wiki/Repositories#updates-testing[_updates-testing_]
|
| |
+ to https://fedoraproject.org/wiki/Repositories#fedora[_fedora_]
|
| |
or https://fedoraproject.org/wiki/Repositories#updates[_updates_].
|
| |
The requirements are based on (the sum of)
|
| |
- link:https://fedoraproject.org/wiki/Bodhi[Bodhi] karma points
|
| |
+ https://fedoraproject.org/wiki/Bodhi[Bodhi] karma points
|
| |
and the number of days the update has spent in _updates-testing_ repository.
|
| |
|
| |
The push may be either by the maintainer, or automatically by Bodhi:
|
| |
|
| |
- * The update becomes **eligible for being pushed manually** after reaching the _minimum_ "Stable by Karma" threshold
|
| |
- for Critical path updates (yes, the same limit applies to both types of updates),
|
| |
+ * The update becomes **eligible for being pushed manually**
|
| |
+ after reaching the _minimum_ "Stable by Karma" threshold for Critical path updates
|
| |
+ (yes, the same limit applies to both types of updates),
|
| |
OR the _minimum_ "Stable by Time" threshold.
|
| |
- * The update will be **pushed automatically** by Bodhi after reaching the _configured_ "Stable by Karma" threshold,
|
| |
- OR the _configured_ "Stable by Time" threshold,
|
| |
- if enabled ("Auto-request stable based on karma?" and "Auto-request stable based on time?").
|
| |
+ * The update will be **pushed automatically** by Bodhi
|
| |
+ after reaching the _configured_ "Stable by Karma" threshold,
|
| |
+ OR the _configured_ "Stable by Time" threshold, if enabled
|
| |
+ ("Auto-request stable based on karma?" and "Auto-request stable based on time?").
|
| |
* If the update has _any_ negative karma, the automatic push is disabled.
|
| |
* If the update reaches the "Unstable by Karma" threshold, it will be unpushed,
|
| |
i.e. removed from the _updates-testing_ repository.
|
| |
|
| |
- The maintainer is free to set the thresholds, but they cannot be lower than the minimum values described below,
|
| |
+ The maintainer is free to set the thresholds,
|
| |
+ but they cannot be lower than the minimum values described below,
|
| |
enforced by Bodhi.
|
| |
- The defaults are adequate for most packages, so usually there is no need to modify the thresholds.
|
| |
+ The defaults are adequate for most packages,
|
| |
+ so usually there is no need to modify the thresholds.
|
| |
|
| |
*Security updates* are subject to the same thresholds as other updates.
|
| |
|
| |
[[non-critpath-updates]]
|
| |
=== Non-critical path update thresholds
|
| |
|
| |
- Stable by Karma: minimum +1, default +3, between <<updates-testing-activation>> and <<beta-freeze>> +
|
| |
- minimum +2, default +3, after <<beta-freeze>> +
|
| |
- Unstable by Karma: maximum -1, default -3 +
|
| |
- Stable by Time (days): minimum 3, default 3, between <<updates-testing-activation>> and <<beta-freeze>> +
|
| |
- minimum 7, default 7, after <<beta-freeze>>
|
| |
+ * Stable by Karma:
|
| |
+ ** between <<updates-testing-activation>> and <<beta-freeze>>: minimum +1, default +3
|
| |
+ ** after <<beta-freeze>>: minimum +2, default +3
|
| |
+ * Unstable by Karma: maximum -1, default -3
|
| |
+ * Stable by Time (days):
|
| |
+ ** between <<updates-testing-activation>> and <<beta-freeze>>: minimum 3, default 3
|
| |
+ ** after <<beta-freeze>>: minimum 7, default 7
|
| |
|
| |
[[critpath-updates]]
|
| |
=== Critical path and EPEL update thresholds
|
| |
|
| |
"Critical path" updates contain at least one
|
| |
- link:https://fedoraproject.org/wiki/Critical_path_package[critical path package]. +
|
| |
+ https://fedoraproject.org/wiki/Critical_path_package[critical path package].
|
| |
Changes to this definition may only be made by xref:index.adoc[FESCo] or their delegate.
|
| |
|
| |
- Stable by Karma: minimum +1, default +3, between <<updates-testing-activation>> and <<beta-freeze>> +
|
| |
- minimum +2, default +3, after <<beta-freeze>> +
|
| |
- Unstable by Karma: maximum -1, default -3 +
|
| |
- Stable by Time (days): minimum 3, default 3, between <<updates-testing-activation>> and <<beta-freeze>> +
|
| |
- minimum 14, default 14, after <<beta-freeze>>
|
| |
+ * Stable by Karma:
|
| |
+ ** between <<updates-testing-activation>> and <<beta-freeze>>: minimum +1, default +3
|
| |
+ ** after <<beta-freeze>>: minimum +2, default +3
|
| |
+ * Unstable by Karma: maximum -1, default -3
|
| |
+ * Stable by Time (days):
|
| |
+ ** between <<updates-testing-activation>> and <<beta-freeze>>: minimum 3, default 3
|
| |
+ ** after <<beta-freeze>>: minimum 14, default 14
|
| |
|
| |
[[problems-or-issues-with-updates]]
|
| |
== Problems or issues with Updates
|
| |
|
| |
- In an effort to learn from any mistakes made, in the event of a update causing a widespread or
|
| |
- serious problem for Fedora users, please file a link:https://pagure.io/fesco/new_issue[FESCo ticket]. FESCo will discuss and try and
|
| |
- work to prevent the issue from happening again. A past record of such issues can be found at
|
| |
- link:https://fedoraproject.org/wiki/Updates_Lessons[Updates Lessons].
|
| |
+ In an effort to learn from any mistakes made,
|
| |
+ in the event of a update causing a widespread or serious problem for Fedora users,
|
| |
+ please file a https://pagure.io/fesco/new_issue[FESCo ticket].
|
| |
+ FESCo will discuss and try and work to prevent the issue from happening again.
|
| |
+ A past record of such issues can be found at
|
| |
+ https://fedoraproject.org/wiki/Updates_Lessons[Updates Lessons].
|
| |
|
| |
[[openqa]]
|
| |
- link:https://openqa.fedoraproject.org[OpenQA] tests critpath updates in stable releases and compose artifacts
|
| |
+ https://openqa.fedoraproject.org[OpenQA] tests critpath updates in stable releases and compose artifacts
|
| |
for Rawhide/branched composes/release candidates.
|
| |
|
| |
[[fedora-ci]]
|
| |
- link:https://docs.fedoraproject.org/en-US/ci/[Fedora CI] runs tests on all Bodhi updates. If package
|
| |
- maintainers have marked the tests as blocking, the Bodhi update will be blocked
|
| |
- from going stable.
|
| |
+ https://docs.fedoraproject.org/en-US/ci/[Fedora CI] runs tests on all Bodhi updates.
|
| |
+ If package maintainers have marked the tests as blocking,
|
| |
+ the Bodhi update will be blocked from going stable.
|
| |
oturpe
commented a month ago
See individual commits for more details.
Updates Policy still has many Wiki links, too many that I could check them now. Maybe later.