stevenmHey since 11.04 Firefox has been automatically updated to whatever the latest version is in the 'main' repo.  However you'd expect with something like 12.04 LTS and 14.04 LTS all packages would be frozen for new featues/major versions and it'd be security and bug fixes only12:59
stevenmSo I'm wondering what other packages get this exception to the rule - and where more documentation can be found about these exceptions?12:59
stevenmThunderbird maybe?13:00
stevenmlooks like that has an exception too as version 31 is in precise (12.04)13:01
stevenmso is it just mozilla stuff that gets an exception?13:01
stevenmwell since this is dead don't mind me if I reask this in another channel13:20
mdeslaurstevenm: https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions14:02
stevenmmdeslaur, ah thanks - didn't know what it was called14:06
stevenmit seems LibreOffice is in there - do you know how you interpret this?      LibreOffice (2012-06-25); provisional → full on 2014-05-2714:06
stevenmis it somehow expaining why it wasn't updated in 12.04 - but maybe will be getting microupdates in 14.04?14:07
mdeslaurstevenm: it did go from 3.5.2 to 3.5.7 in 12.0414:09
mdeslaurthat's because of the exception14:09
stevenmmdeslaur, but the current 'Still' (stable) release from the LO team is 4.214:09
mdeslaurthe microrelease exception doesn't typically cover major versions14:10
mdeslauronly minor versions14:10
mdeslaurthe only exception to that is when, for security reasons, it's only possible to update to the latest release14:11
mdeslaurlike with firefox for example14:11
mdeslauror clamav14:11
stevenmwell you can't tell me that between version 10 of firefox and version 35 - that isn't major14:11
stevenmthat's the jump which 12.04 has made14:11
mdeslauryes, it's major, but there is no viable alternative to doing that14:12
stevenmsorry I'm still not understanding why14:12
stevenmare you saying it's because mozilla don't backport their security updates?14:13
mdeslaurevery firefox release fixes a large number of security issues. we used to attempt to backport them into the version that shipped in ubuntu, but as the code was rapidly changing, it was becoming more and more difficult to do so14:13
mdeslauruntil we hit the point where attempting to do that was futile14:14
stevenmsurely the LO team don't do security fixes in anything other than their current 'Still' and 'Fresh' releases - so surely it should be the same for them14:14
stevenmi.e. to get relevant security updates for the 3.5.7 LO - you'd need to go to 4.214:14
mdeslauryes, but LO has one or two security issues each year, and they are trivial to backport, so we handle that just like we do every other piece of software in ubuntu14:14
mdeslaurwe backport security fixes for all packages, except the ones that aren't feasible14:15
mdeslaurlike firefox14:15
stevenmand thunderbird?  surely that doesn't get that much work done on it as firefox14:15
stevenmbut I notice that's bang up to date14:15
mdeslaurthunderbird uses the same engine as firefox, so has the same massive amount of security vulnerabilities each month14:16
stevenmooh it's like their sneaking under the radar because of a technicality14:17
mdeslaurbasically, off the top of my head, firefox, thunderbird, clamav, chromium, mysql get whole new versions14:19
stevenmand for LO to get 'whole new versions' - they'd basically have to have more bugs?14:20
stevenmsee it especially annoys me as there is no PPA for LO 'Still' - there is a PPA for 4.2 (which is 'Still' - currently) but not one that'll have whatever is currently 'Still'14:21
stevenmi've raised it with the maintainer of the LO PPA's and he's reluctant to add another14:21
stevenmand LO themselves - although they themselves create .deb's and offer them as .tar.gz's on their site - refuse to just make the .deb's available in a http debian repo14:21
mdeslaurdoing whole new versions is _a lot_ more work than simply fixing the versions that shipped with the release.14:22
stevenmso in other words no automatic stable updates for LO14:22
mdeslauras typically whole new versions want whole new versions of a bunch of libraries, etc.14:22
stevenmtrue - i haven't found that with LO though - the fresh and stable releases today will still work on 10.04 afaik14:23
stevenmhmm actually 12.04 is the oldest prob14:23
stevenmbut 10.04 is dead of april anyway (5 years isn't it?)14:24
gQuigsstevenm: I pushed for a similaar thing for LO.. https://blueprints.launchpad.net/ubuntu/+spec/client-1308-rolling-libreoffice  .. seems it was squashed14:24
stevenmgQuigs, I pushed too - first for a better PPA ... https://bugs.freedesktop.org/show_bug.cgi?id=8831814:24
stevenmthen to the LO team to run their own repo... https://bugs.freedesktop.org/show_bug.cgi?id=8832214:24
stevenmno luck on either side14:24
stevenmit did get me a few email exchanges with Bjorn though14:25
mdeslaurI do agree LO is one of those packages you really do want a more recent version14:25
mdeslaurhopefully we'll be moving to a model that will make it easier to separate the applications from the base os14:26
stevenmmdeslaur, like official official ppa's? :D14:26
mdeslaurno like, os for the base and an app store for the applications14:26
mdeslaursee ubuntu touch14:26
stevenmi.e. canonical maintained seperate repos for apps - (kinda like partner?)14:26
mdeslaurand ubuntu snappy14:26
* gQuigs has been wondering if libreoffice would be considered an app or a framework in that model... or have to be split up14:27
mdeslaurand upstreams like libreoffice will be empowered to deliver their application directly to their users14:27
stevenmgQuigs, well technically you can install only the apps you want from LO14:27
gQuigsstevenm: it has a AFAICT very simplified dependency system... basically every app has to include the dependencies it needs14:28
stevenmdo either of you know anything about PPA's - an idea I put to Bjorn was basically a 'PPA Alias' - i.e.  ppa:libreoffice/libreoffice-still was a pointer to ppa:libreoffice/libreoffice-4-214:29
stevenmhow possible is that do you know?14:29
stevenmsee I'm all in favour of firefox having an exception (but tbh mainly because I see Ubuntu as a desktop OS as I only use debian for servers)... but it's not because of the security backporting headache - it's because I want an up to date browser (and frankly if it was installed on windows it'd self update anyway)14:30
stevenmLO needs that exception - but obviously not for security backporting reasons14:31
mdeslaurwell, the problem is that half the users want stuff to update, and the other half don't14:31
mdeslaurhalf of server users want the latest and greatest php, and the other half want php to stay at the same version so their apps don't keep breaking14:31
stevenmI'd submit - the first half use it only for desktops, the second half are also using it (or solely for) servers14:31
gQuigsmdeslaur: I surveyed enterprise customers as part of that proposal, not one of them objected to an exception for LibO14:32
stevenmwell those wanting an up to date php in 'main' are just plain silly14:32
gQuigsmost enterprise customers end up having to run a LibreOffice PPA for compatibility or other reasons14:32
mdeslaurgQuigs: yeah, LO sounds like one of those that make sense, I agree with that14:32
stevenmgQuigs, yeah well I'm using it at work too - 3.5 couldn't open some things14:33
mdeslaurstevenm: you'd be surprised how often server users request the latest and greatest php14:33
stevenmwell it's lovely to feel like I'm not alone in feeling this - but I've no idea how to communicate our joint feelings successfully  - is there a road from here we can all take together in getting the point over?14:33
stevenmmdeslaur, as someone who builds servers regularly I stick to what is stable and in the main repo... I only stay when *absolutely* required and don't mind using a 3rd party (or host my own) repo to do so14:34
stevenmif php was updated all the time in main - its keep 5% happy and cause a headache for another 95%14:34
mdeslaurwell, debian has now moved to updating to php minor releases14:35
stevenmminor isn't so bad - nothing gets deprecated function wise between minor does it?14:35
gQuigsI'd guess for majority of major open source PHP apps, there would be little effect..  even if it started rolling to major releases (after testing of course...)14:35
gQuigscustom apps would be the issue14:36
mdeslaurstevenm: no, you just get a whole slew of new regressions14:36
mdeslaurbut, anyway14:36
stevenmso gQuigs / mdeslaur in terms of LO - what can be done by us?14:36
mdeslaurpay someone to maintain a PPA?14:37
* mdeslaur shrugs14:37
stevenmPPA kinda already exists like I said - it's just people need to keep changing it for the next thing labelled as 'Still'14:37
stevenmif a PPA alias was possible it'd help14:37
gQuigstry to get an exception revisted... I don't know what happened the first time14:37
stevenmor PPA redirect - whatever14:37
mdeslaurstevenm: I'm not sure what you mean by that...there should be a "still" ppa that gets whatever the latest version is14:38
stevenmmdeslaur, nope14:38
stevenmmdeslaur, but there is one for fresh14:38
mdeslaurstevenm: by that I mean "someone should..."14:39
stevenmoh I see :)14:39
gQuigsactually it is pretty easy to copy packages from one PPA to the other.. I'm guessing the issue is when do you cut over to still14:41
gQuigsif you're on 4.5.7, do you want to move 4.6.0 the second it come sout?14:41
gQuigsor just when 4.6.3 is released14:41
stevenmwell 4.2 is still - 4.3 will become still when the LO project says so14:43
stevenmi'd content to go on the author of the softwares recommendation14:43
stevenm*i'm content14:43

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!