1. Forum
  2. Usenet
  3. LINUX.DEBIAN.PROJECT

  • Re: Debian Update Cycle

    From tomas@tuxteam.de@21:1/5 to All on Fri Mar 25 07:30:01 2022
    On Thu, Mar 24, 2022 at 10:27:42PM +0100, phil995511 - wrote:
    Hello,

    Don't you think it would be smart to integrate all the updates contained in the Backports directory with each new minor update of our favorite OS ? For example for the versions 11.3, 11.4, etc ?

    That's not the point of "stable". Stable means roughly "major versions of installed software don't change" [1]. There may be rare exceptions to it,
    for security issues which can't be fixed otherwise.

    The idea is that the rest of the system can rely on its dependencies not changing under it. With binary packages you do have lots of interdependencies, so changing the version of e.g. one library may force you to change lots
    of other packages.

    Backports is for those who need a newer version of some package in an
    otherwise stable installation. They know the risk, they take it explicitly.

    Cheers

    [1] that's actually what the term "stable" means: the package
    versions are stable. It's not just a fancy marketing term
    as in "Rock Solid [TM]" or "Unbreakable [TM]"
    --
    t

    -----BEGIN PGP SIGNATURE-----

    iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCYj1fNQAKCRAFyCz1etHa RiagAJ98amsP9KvYbGGAZo/9sFWVbdRZ5wCfR+bpAVSOOQcIO/An+PbgepHv12g=
    =MArw
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Elena ``of Valhalla'' Grandi@21:1/5 to All on Fri Mar 25 09:20:01 2022
    On 2022-03-24 at 22:27:42 +0100, phil995511 - wrote:
    Don't you think it would be smart to integrate all the updates contained in the Backports directory with each new minor update of our favorite OS ? For example for the versions 11.3, 11.4, etc ?
    [...]
    It would seem to me to strengthen the overall security of Debian, with less effort/labor.

    With my user hat on, this would completely break Debian for my usecase.

    I trust Debian stable to provide me with a stable api that I can trust
    not to change during the distro lifetime, while getting way more security
    fixes than I would have by using a language-native package manager and
    fixed dependency versions.

    Adding the changes from backport to each point release would force me to
    stop updating the whole distribution, leading to a much *worse* security
    state.

    This would make Debian easily compatible with all the new devices
    available, without having to use the line of code too much... it would therefore make Debian more accessible to all non-experienced Linux users. [...]

    For device support usually it is enough to install just the kernel from backports, but that is also only needed on very recent hardware, so a
    small fraction of all debian uses. And then non-experienced users would
    still get unusable hardware because it requires non-free components, so
    it wouldn't really change their experience.

    If the relevant team wasn't already overworked, I could see how adding
    the kernel from backports to the unofficial non-free image could maybe
    be useful, while having a much lower impact on the overall distribution,
    but that's not something I'm interested in, so I'm not volunteering to
    do any work on that :)

    --
    Elena ``of Valhalla''

    -----BEGIN PGP SIGNATURE-----

    iQEzBAABCAAdFiEEY8n6rGg5PpTPkl4ZcL0i0xEjtDEFAmI9eSkACgkQcL0i0xEj tDHEBgf9HkHwwg+FEJ2tR1xle2hfPJ1H83BZSOepoVHBW9Z9NyYjYnP+RPJmliHm x6HxMPL4UHPd50NwvYXWJ0eHB/yno1Nkpu+i+fRzvdpcGmYG0llFf3qGm+Y1FeBf 6DRYI5BAI8m0F34OKv74S5iePK6bLHAyN+BH49swfCKq91EyW/H2nFYqGpuzqqpQ 0Rw7UMIpt9NlPw979jWO514HsBywTXu5bCv3j/coTq73+CO9EPUWyGRBuhjvf53V T8/V+xfCzoUY72lLEmx2edsq2BUTFmY+1D/wi+2Na3o6QKW06hhtjtbmE/u9r7IA bXo16BOHCMV5ov+CmS5tUt1ltSLVvQ==
    =pFF8
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)