Comment 19 for bug 607895
Revision history for this message
| Aaron Bentley (abentley) wrote Re: [Bug 607895] Re: SourcePackageRecipes fail with private branches | #19 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/30/2010 01:20 PM, Rodney Dawes wrote:
> On Wed, 2010-07-28 at 22:29 +0000, Aaron Bentley wrote:
>> Rodney, your branch isn't necessarily private because it's for a
>> commercial project. It may be private because it is contains (or may
>> contain) fixes for security vulnerabilities. For example,
>> https:/
>> devel is private for this reason.
>>
>> You don't want to make this code available until you have publicly-
>> available packages that provide it. One way of getting publicly-
>> available packages is by building the recipe into a public PPA.
>> (Another is by building to a private PPA and then copying to a public
>> one.)
>
> OK. But it looks like Julian's reply from a few hours ago, seems to
> suggest this irrelevant to how the security fix builds are done.
Julian described how fixes are done by Ubuntu, but this feature is meant
for upstreams. It's not impossible that they would have a different
workflow. It's much the same as what Michael Lustfield wrote, or indeed
"(Another is by building to a private PPA and then copying to a public
one.)", as I wrote.
> And I
> think even in that case, you probably don't want to build to a public
> branch, if you're trying to keep it private.
I don't understand what that means. Do you mean "public PPA" not
"public branch"? If "that case" means Julian's description, he's not
describing building to a public PPA, so I don't understand what you mean.
Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://
iEYEARECAAYFAkx
UcQAni5xkd2/
=M8ql
-----END PGP SIGNATURE-----