updates policy for patch 'tuesdays':
Principle:
Updates should occur at regular intervals by and large. Not everyday and not haphazardly. Security and critical bugfixes should be issued asynchronously, but feature updates, new pkgs and non-critical bugfixes should be issued once a month for the duration of the distros supported lifetime.
specific rules:
- security, critical and high-impact bug fixes can be issued asychronously. FULL STOP.
- if the above require changes/rebuilds to other pkgs then those others pkgs will be included in the async update provided that, if they are an update beyond a rebuild then they have passed a qa check
- all other updates can be included in the monthly update push provided:
- they have passed testing karma checks
- they have passed autoqa checks
- it is not a bugfix(not including rfes) and update falls within the critical path or critical path dependencies, then it cannot be included.
- any other requirement or exception that fesco decides on.
All of the above rules apply only within the rules of Stable Updates Policy.
definitions:
critical-bug: loses/corrupts data, makes system inaccessible, makes system unable to receive updates,
high-user-impact-bug: bug which fundamentally impacts the use of a package/application in a critical-path or critical-path-dependencies
security: has a cve or security notice defined with it
bug: a bug in the software not covered by critical-bug definition NOT INCLUDING Requests For Enhancements (RFEs)