its time to start thinking about how we want to manage updates to openSUSE 11.2 when it is released. I think it is a good idea to incrementally open up the process of releasing updates to the community so that everybody can submit updates.
While talking to various people we came up with the following proposal:
- the openSUSE community proposes an update policy
- the openSUSE community comes up with a devel project layout for all packages in 11.2 (probably similar to the layout in factory)
- maintenance updates are triggered by asking for a SWAMPID in bugzilla like usual
- there will be an externally accessible "simple" interface to SWAMP where anyone can submit a patchinfo (this has to be developed). Due to time constraints we can not open up the internal workflow tracking to the outside as no proper ACL support can be implemented in time for 11.2.
- package updates can be submitted against openSUSE:11.2:Update
- A group of openSUSE people (both community and Novell internal, I suggest 5 people) reviews update submissions if they're in line with the opensuse update policy and coordinates their releases. Unclear how to bootstrap this group. This group is also responsible for handling security updates with coordinated release with care.
- To ensure timely release of security updates, each devel group for 11.2 must contain at least one Novell employee. We can think about relaxing this for future openSUSE releases.