2015-05-29 18:30 GMT+02:00 Jeremy Stanley <fu...@yuggoth.org>: > On 2015-05-29 16:30:12 +0100 (+0100), Dave Walker wrote: >> This is generally my opinion as-well, I always hoped that *every* >> commit would be considered a release rather than an arbitrary >> tagged date. > [...] > > If we switch away from lockstep major/minor release versioning > anyway (again separate discussion underway but seems a distinct > possibility) then I think the confusion over why stable point > releases are mismatched becomes less of an issue. At that point we > may want to reconsider and actually tag each of them with a > sequential micro (patch in semver terminology) version bump. Could > help in communication around security fixes in particular.
Yes, if dropping stable point releases, sub-version schema is still needed for clear communication in OSSAs and proposed continuous releases notes. One issue is how would we provide source tarballs, statically hosting tarballs for each and every micro version is not realistic, also those wouldn't be signed. RPM packages traditionally expect pristine upstream tarballs which can be verified and generating them from git is not reproducible e.g. right now in nova stable/kilo branch: python ./setup.py sdist mv dist/nova-2015.1.1.dev20.tar.gz dist/nova-2015.1.1.dev20.tar.gz-TAKE1 python ./setup.py sdist diff dist/nova-2015.1.1.dev20.tar.gz-TAKE1 dist/nova-2015.1.1.dev20.tar.gz Binary files dist/nova-2015.1.1.dev20.tar.gz-TAKE1 and dist/nova-2015.1.1.dev20.tar.gz differ Before dropping point releases, I would like to have: * idempotent sdist on the same SHA * dynamic tarball generation service like github archive * switch to micro-version i.e. current nova stable/kilo would be 2015.1.20 Cheers, Alan __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
