Daniele Nicolodi: > On 10/03/2019 15:07, Wietse Venema wrote: > > You are looking from the "we made improvements" angle. I am looking > > from the "with hard work, we introduce 1 bug in 1000 lines of new > > code" angle. > > > > In the TLS library there were 1039 additions and 559 deletions from > > Postfix 3.3.3 to 3.4.1 (diff -bur --new-file for 'c' and 'h' files > > only, excluding proxy-related code). That count does not distinguish > > between low-impact changes that affect only nearby code, and > > high-impact changes that affect multiple lines, such as global ifdefs. > > > > The changes among those 1600 lines that 'broke' intended functionality > > are 'easy' to weed out - just wait for people to to report breakages. > > Such a reactive approach might be acceptable in some projects. > > > > I am concerned about the changes among those 1600 lines that did > > NOT break intended behavior, but that introduced some other problem. > > > > What is the basis for confidence that no such problems have been > > introduced, if we obviously missed multiple things that could have > > been found with simple tests? > > I have no say in the development of Postfix, however I believe another > interesting question that should be asked is: what is going to make you > more confident in the releasing those changes later this year with > Postfix 3.5? Are there circumstances for which more testing and code > auditing will happen if the code is not released?
Because we won't be changing 1600 lines in a critical library two months before the release. Wietse