bug#43075: Prioritize providing substitutes for security-critical packag

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#43075: Prioritize providing substitutes for security-critical packag

From:	Ludovic Courtès
Subject:	bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times
Date:	Fri, 11 Sep 2020 08:56:20 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Hi,

zimoun <zimon.toutoune@gmail.com> skribis:

> On Thu, 10 Sep 2020 at 10:01, Ludovic Courtès <ludo@gnu.org> wrote:
>> chaosmonk <chaosmonk@riseup.net> skribis:
>
>> > I don't know what Guix's CI system looks like or how packages are
>> > queued for building, but if there is a way to prioritize builds for
>> > certain packages, I propose that substitutes for packages like
>> > ungoogled-chromium should be built as soon as possible once there is a
>> > new version.  Other security-critical packages with potentially long
>> > build times that come to mind are icecat and linux-libre.
>
>> Right now we’re trying to improve build throughput in general but your
>> proposal makes sense, of course.
>
> The recent updates of ungoogled-chromium do not mention [security
> updates].  Well, I do not know if they are.  So the question would be:
> what triggers the special security build?

To me the proposal is more about introducing scheduling priorities.  For
these packages, it’s indeed safe to assume that every new release brings
security fixes.

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Ludovic Courtès, 2020/09/10
- bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, zimoun, 2020/09/10
  - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Bengt Richter, 2020/09/10
  - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Mason Hock, 2020/09/10
  - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Ludovic Courtès <=
    - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, zimoun, 2020/09/11
    - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Ricardo Wurmus, 2020/09/11
    - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Leo Famulari, 2020/09/11
    - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Dr. Arne Babenhauserheide, 2020/09/11
    - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Ludovic Courtès, 2020/09/11
- bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Mason Hock, 2020/09/10
  - bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times, Ludovic Courtès, 2020/09/11

Prev by Date: bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times
Next by Date: bug#41668: Failing test: gui-installed-desktop-os-encrypted
Previous by thread: bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times
Next by thread: bug#43075: Prioritize providing substitutes for security-critical packages with potentially long build times
Index(es):
- Date
- Thread