Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end

phpgroupware-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end

From:	Chris Weiss
Subject:	Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?
Date:	Tue, 16 Mar 2004 14:32:47 +0000

I don't know the policy for the release tag, I think it's only purpose if to
provide a "point in time" checkout for the files in the tarball.  Nothing ever
get commited back to this.

All development, including interim security patches, are done on the branch.
Everything in the tarball has the branch tag and nothing has the release tag
since it's taged afterwards.

HEAD is anyones game, it's not for production use and is often broken except
for when we're really close to make a RC and giving the code a new branch tag.

On a stock tarball, it's always perfectly safe to run a cvs update -dPC on it.

Olivier Berger (address@hidden) wrote:
>
> Hi.
>
> <disclaimer>I'm a user and not a developper, so pardon me if I mess with
> other people's business.</disclaimer>
>
> I'm considering the process suggested for users to apply "security" or
> other fixes patches in phpgroupware (namely using cvs updates in the
> contents of the initial tarball)...
>

>
> I'm wondering if there is a specific policy you apply for CVS tags
> relating to the branches on released versions, and would like to be sure
> that there's no issue with applying the "security" updates suggested by
> the phpGroupware docs.
>
>
> If I get the picture right, the updates concerning the 0.9.16-001
> version are available using the Version-0_9_16-branch checkout tag.
>
> But if I look at the sources, I'm surprised to see that only a few
> elements are tagged with this branch tag...
>
> So I assume that the policy in the project is to tag only when the HEAD
> commits won't apply safely to "patches" on the released version any
> longer, and assume, then, that every commits on the HEAD will be
> properly applied to the user's installed versions when they do a cvs
> update under their untar'd copy.
>
>
> It seems quite optimistic to me, unless every phpgw developper
> understand this very clearly, and I wonder if a more conservative
> approach wouldn't be more secure for the users, that is to tag every
> elements both with the release tag (Version-0_9_16-000) and the
> corresponding branch tag (Version-0_9_16-branch), and potentially move
> the branch tag on the HEAD branch at some time if HEAD modification
> apply safely.
>
>
> I hope I made my point clear enough, and am looking forward to hearing
> from you.
>
> Best regards.
>
>
>
> _______________________________________________
> Phpgroupware-developers mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?, Olivier Berger, 2004/03/16
- Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?, Chris Weiss <=
  - Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?, Olivier Berger, 2004/03/16

Prev by Date: Re: [Phpgroupware-developers] no filemanager on debian
Next by Date: Re: [Phpgroupware-developers] no filemanager on debian
Previous by thread: [Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?
Next by thread: Re: [Phpgroupware-developers] CVS branches tags policy ... risks for end users applying patches with cvs update ?
Index(es):
- Date
- Thread