On Sat, 27 Mar 2021 at 13:42, Léo Le Bouter <lle-b...@zaclys.net> wrote: > On Sat, 2021-03-27 at 13:29 +0100, zimoun wrote: >> And as I said elsewhere, “to me, security is important. But it's >> no less important than everything *else* that is also important!“, so >> personally I am not convinced that security updates deserve a special >> treatment compared to a regular update. That’s my opinion. :-) > > You can't think this, security updates have prioritized channel of > distribution in every other GNU/Linux distribution, we in GNU Guix > created grafts for it, it's not possible to not ship security updates > promptly, it puts all users at risk.
Oh, I am a big boy and I can think whatever I want! :-) Kidding aside. First, what does it mean «risk»? How do you evaluate it? Is it a relative evaluation or an absolute one? Second, I am not arguing that security is not important. I am saying that security is important, as important as everything else that is also important. What does it mean «important»? How do you evaluate it? Is it a relative evaluation or an absolute one? Third, I am aligned with Leo’s words [1]. And probably with yours too. :-) To me, a better security is not implied by special treatments for security fixes but instead a better treatment for the updates in general. You are proposing a new branch and Chris and I are saying that this branch already exists and is staging. The real question is to know how staging currently behaves: how many time between 2 merges? how many time to rebuild? how many packages are rebuilt between 2 merges? etc. Is it enough? If not, what could be done to improve? etc. 1: <https://yhetil.org/guix/yfedt%2fpud2zec6%...@jasmine.lan/> Cheers, simon
