On 08/09/2016 09:25 AM, Ian Cordasco wrote: > > > -----Original Message----- > From: Sean Dague <s...@dague.net> > Reply: OpenStack Development Mailing List (not for usage questions) > <openstack-dev@lists.openstack.org> > Date: August 9, 2016 at 05:44:55 > To: openstack-dev@lists.openstack.org <openstack-dev@lists.openstack.org> > Subject: Re: [openstack-dev] [requirements] History lesson please > >> On 08/09/2016 02:38 AM, Tony Breeds wrote: >>> Hi all, >>> I guess this is aimed at the long term requirements team members. >>> >>> The current policy for approving requirements[1] bumps contains the >>> following text: >>> >>> Changes to update the minimum version of a library developed by the >>> OpenStack community can be approved by one reviewer, as long as the >>> constraints are correct and the tests pass. >>> >>> Perhaps I'm a little risk adverse but this seems a little strange to me. Can >>> folks that know more about how this came about help me understand why that >>> is? >>> >>> Yours Tony. >>> >>> [1] >>> https://github.com/openstack/requirements/blob/master/README.rst#for-upgrading-requirements-versions >>> >> >> With constraints, the requirements minimum bump is pretty low risk. Very >> little of our jobs are impacted by it. >> >> It's in many ways more risking to leave minimums where they are and bump >> constraints, because the minimums could be lying that they still work at >> the lower level. >> >> -Sean > > I maintain a few libraries outside of OpenStack that have generous lower > limits and testing them is resource intensive both as a developer and in > continuous integration. I'd love to see OpenStack be *more* aggressive about > the oldest version it supports because in most cases I severely distrust the > version ranges we use. I do recognize, however, that we have to coordinate > with some distributions that will not update their packaged versions (which > are often an old version number with security patches poorly cherry-picked). > So you may need to coordinate with them before bumping version minimums as > well. > > -- > Ian Cordasco > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
One of the things on our todo list is to test the 'lower-constraints' to make sure they still work with the head of branch. -- -- Matthew Thode (prometheanfire)
signature.asc
Description: OpenPGP digital signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
