Hi Otto!
On Wed, Sep 04, 2024 at 11:20:48PM -0700, Otto Kekäläinen wrote:
> > You can find the new documentation here[3]:
> > https://canonical-sru-docs.readthedocs-hosted.com/en/latest/
>
> I read all of this and as a person with plenty of Ubuntu stale
> security update experience, reading the SRU process was easy and
> enlightening. Thanks for writing this!
Thank you for the praise!
> There are a bunch of incomplete sections and todo type of items and
> comments in brackets ([]), but for a draft, everything looked good.
> One thing I'd like to see more is links to past exemplary SRU uploads.
> As a person doing packaging, it is always nice to be able to read the
> exact changelog entries and bug report contents and track the package
> statuses to learn how and when things happened in detail and to learn
> from curated examples.
Thanks! I think this is a great suggestion and filed
https://bugs.launchpad.net/sru-docs/+bug/2080644 to track it.
I'm trying to make at least one improvement to the SRU docs a week. As
you noted, there are very obvious gaps currently, so I'm trying to
tackle those first without worrying about specific bugs for them.
> As a side note, the page about Package-specific notes links to
> https://wiki.ubuntu.com/StableReleaseUpdates#Documentation_for_Special_Cases,
> but I don't see anything about MySQL or MariaDB there. In reality we
> have been doing MySQL and MariaDB stable updates and security updates
> for years. I tried to search for the microrelease approvals from old
> mailing list archives, but I didn't find them - I am however pretty
> confident that they exist. MariaDB also a special mention in the
> security release process docs:
> https://wiki.ubuntu.com/SecurityTeam/PublicationNotes#Sponsoring_MariaDB_Security_Updates.
You're right - there was a MySQL approval that's been lost. It
technically still exists but predates the current index. The original
thread is here:
https://lists.ubuntu.com/archives/technical-board/2014-February/001812.html
In practice it doesn't get used much because nearly every MySQL update
comes through the security process instead. If someone would like to add
this historical approval to the wiki though, please feel free!
I'm not aware of a specific equivalent for MariaDB, but if one is needed
for SRU purposes, we can certainly consider it. For security updates, it
looks like you have a workflow agreed with the security team, which is
great.
> Nice to see documentation being worked on! For the "inner circle" the
> process is probably pretty clear, but to attract new contributors,
> having clear documentation is foundational.
Thanks!
> I also have some suggestions on how to ensure there are no surprising
> changes in the uploads, but I will write a technical suggestion about
> that later. I also assume this doc is now being written to document
> current status, and perhaps not the forum for discussing process
> changes.
We'd love to hear your suggestions! I think it's fine to discuss SRU
process changes on this list. But perhaps in another thread? :)
Robie