Thursday, 12 March 2015

Re: Ease of enabling -proposed

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brian Murray wrote on 11/03/15 17:32:
>
> Reviewing crash reports in the Ubuntu Error Tracker and bug
> reports in Launchpad, I've noticed quite a few tagged
> "package-from-proposed". This tag is added by apport when the
> installed package version is available from -proposed and not from
> -security or -updates. I'm even seeing these from users of Vivid.

This is a symptom of "Too easy to activate the proposed repository"
<http://launchpad.net/bugs/254584>.

However, those error reports should not be disregarded in error
tracker statistics. If some proportion of Ubuntu users turn on
- -proposed when they shouldn't, that is a real influence on the average
reliability of Ubuntu as people actually experience it.

> Evan suggested removing the "Pre-released updates
> ($release-proposed)" checkbox from software-properties-gtk,
> thereby preventing accidental enabling of it.

In the design linked from that bug report, I replaced the checkboxes
with a menu containing three or four options:
* "All updates" (the default, -security + -updates + -backports)
* "Security and recommended updates" (-security + -updates)
* "Security updates only" (-security)
* "Custom" if current config is anything else, e.g. with -proposed.

This would also make it much harder for people to make mistakes like
having -backports turned on but -security turned off.

You could implement this change independently from the rest of the design.

> I think this should definitely be done for the development release
> of Ubuntu. I also think it would be a good idea for Stable
> Releases given that there is no indication in software-properties
> what any of the pockets are for and given that packages in
> -proposed are not regularly cleaned up so may contain packages
> which have either failed verification or not had the bug fix
> verified.
>
> One argument I might have made for leaving the checkbox would be
> to make it easier for people to participate in the SRU
> verification process, but I don't having people unintentionally
> enable it is worth that.

I have a design for making that easier, too. :-)
<https://wiki.ubuntu.com/ContributorConsole#updates>

- --
mpt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlUBeg4ACgkQ6PUxNfU6ecrG0gCgzT3GkU+58V3/lK4TriHi/+aN
4ycAnR0x1q81QldIoMBGyyyNPCyjFywi
=0/xx
-----END PGP SIGNATURE-----

--
ubuntu-devel mailing list
[email protected]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel