On Mon, Jul 9, 2012 at 12:19 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On 9 July 2012 10:44, Dave Page <dpage@pgadmin.org> wrote:
>
>> It gets pushed periodically when I remember to do it (or someone
>> reminds me), which I guess you've forgotten given that we've had this
>> exact same discussion before.
>
> That highlights a key flaw.
>
> If we distribute RPMs then the SRPMs should exactly match. If they
> don't, that's a pretty serious set of bugs we're introducing.
>
> Can I suggest that the process be changed? Push the SRPM code, then
> generate RPMs from the released SRPM code. That way there is no
> opportunity to forget anything. This is a substantial security
> concern, not just a forgotten task.
>
> Perhaps it would be useful to have a "build farm" that builds the RPMs
> from SRPMs automatically, then we will have no need for manually
> updating the RPMs at all. (And I mean build all binaries from publicly
> available build scripts).

We're not talking about RPMs here.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company