|author||intrigeri <firstname.lastname@example.org>||2016-05-21 12:42:38 +0000|
|committer||intrigeri <email@example.com>||2016-05-21 12:42:38 +0000|
Import from the blueprint the explanation why we need to tackle the freeze exceptions problem.
3 files changed, 33 insertions, 2 deletions
diff --git a/wiki/src/contribute/APT_repository.mdwn b/wiki/src/contribute/APT_repository.mdwn
index 4f9e2e0..3aa4539 100644
@@ -78,7 +78,7 @@ except:
A given APT repository snapshot is immutable after it's been taken.
-[[deal with freeze exception separately|contribute/APT_repository/freeze exception]].
+[[deal with freeze exceptions separately|contribute/APT_repository/time-based_snapshots#design-freeze-exceptions]].
We want to have reproducible builds some day. Therefore, the APT
`sources.list` shipped in the ISO must be stable across rebuilds from
diff --git a/wiki/src/contribute/APT_repository/freeze_exception.mdwn b/wiki/src/contribute/APT_repository/freeze_exception.mdwn
deleted file mode 100644
@@ -1 +0,0 @@
-XXX: document <https://tails.boum.org/blueprint/freezable_APT_repository/#freeze-exceptions>
diff --git a/wiki/src/contribute/APT_repository/time-based_snapshots.mdwn b/wiki/src/contribute/APT_repository/time-based_snapshots.mdwn
index db58044..dea2e01 100644
@@ -280,3 +280,35 @@ becomes fatal some day, it will be possible to turn it back into
a warning via configuration. This affects only development builds
since we're not going to configure APT _in the Tails ISO_ to point to
our own snapshots of the Debian archive anyway.
+## Freeze exceptions
+This is a new problem brought by using "frozen" snapshot of APT
+repositories during a Tails code freeze: some bug, that we want to see
+fixed in the release we are preparing, would be resolved if we pulled
+an upgraded package as-is from a freshest Debian APT repository.
+Before we could freeze APT repositories, we would have got this bugfix
+for free. Now we need to grant freeze exceptions.
+This is similar to "Upgrading to a new snapshot", except that we want
+to upgrade one package only. By definition, this only affects *frozen*
+release branches (`stable`, `testing`), and topic branches based on
+them: all other branches use the freshest set of APT repository
+Most of the time, a bugfix branch we want to merge into a frozen
+release branch doesn't need to upgrade packages from Debian, so this
+is a corner case for the time being. Moreover, so far we have always
+dealt with this problem entirely by hand, so it's not critical to
+provide much improved tools. What makes it tempting to improve the
+situation here is mostly:
+ * even though freeze exceptions will remain exceptions, frozen will
+ add one use case:
+ * this will become a relatively common operation if we are based on
+ Debian testing some day, so let's check that it's not only
+ possible, but also reasonably easy to handle with this design
+ (otherwise we may have to switch to more powerful tools, such as
+ dak + britney).