Fedora 22 is out and it’s again the most quality release we’ve ever released. Our quality assurance is improving and on the developer side, we’re also trying to do our best heavily using ABRT retrace server to prioritize bugs that affect many users. Unfortunately while the quality of releases itself is improving, the quality of updates that follow the release is not.
There are still too many regressions. I’ve installed Fedora on computers of my relatives and they’re happy with it, but sadly I can’t let them do updates themselves because there is still a high risk that they might end up with a broken system. I update their systems myself and always check whether everything is working when I pay them a visit. If we want to attract a larger user base, average users can’t be afraid to update their systems.
IMHO our current updates setup doesn’t ensure the required quality. It’s pretty much a “one-size-fits-all” approach. The kernel, the most critical part of the system, needs the same number of + karmas as some small unimportant, self-contained utility. Updates of critical components get to users too quickly without much of testing. I’ve got updates-testing repo enabled, but whenever I find a (critical) regression it’s very often too late because the update already got +3 karma and made it to the stable updates. Yeah, I already have the “Missed the train” badge 🙂
While Bodhi is too fast for standard updates, it’s too slow for critical security fixes. Especially in older supported releases (F20 now). There are not many testers willing to test updates there. The active community are usually early adopters who jump on new releases early and a several-month-old release is history to them. Then security updates just get stuck in Bodhi waiting for stable karmas.
What to do with it? I truly believe we need batch updates. One pack of updates, say, once a month. We would collect updates in updates-testing for 3-4 weeks, then freeze it for a week, so that even the latest updates have some time to be properly tested (I can imagine the pack of updates gets some more structured testing like our releases do for example). This way, individual updates would get much more time to be tested and the monthly update could be tested as a whole. I believe it would improve the quality of updates and users would not be under the fire of updates (it’s actually one of frequent complaints that there are too many updates in Fedora).
I don’t see a lot of downsides there. Who’d like to get updates as soon as possible could still enable updates-testing. This actually could build an even bigger community of update testers which would again help improve the quality of updates.
Any security updates? It’s clear that they can’t wait for a month to reach the users. They will need their own process. But I think it’s clearer and clearer that they will need their own process in the current setup as well. Maybe pulling in the security team which would evaluate proposed security updates and if they approve them as critical they will get into some fast track?