Open Stack

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 05/29/2015 11:46 PM, Haïkel wrote:
> A release version makes it easy to know what fixes are shipped in a
> package. If you rebase on stable branches, then you can just put
> the git sha1sum (though, it's not very friendly) in the version,
> and leverage git branch --contains to find out if you fix is
> included. Some distributors may choose to use their own release
> scheme, adding complexity to this simple but common problem. Other
> may choose to cherry-pick which adds more complexity than the 
> previous scenario.
> 
> Let's say you're an operator and you want to check if a CVE is
> shipped in all your nodes, if you can't check with just the release
> version, it will be complicated. It could be a barrier for
> heterogeneous systems

Is it possible to give tagging permissions to projects themselves? No
time synchronization between projects, no freeze dates, nothing, just
SemVer compatible version bumps e.g. once per two weeks or month.
Would it fix your problem?

Ihar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJVbBp7AAoJEC5aWaUY1u57GugH/3JL9Izi7zULUHMCkPwsjE+w
qmkd25f3tMj9GxHpv8CbmLyz3H+5MtZfJHgX+AJYhkX/nF0SRkVvURdbYEDD4mrB
8w8W8nieD02KgWtglmIvulJs3atYmrXpLf38s7aWkciIp3MuUI0qEQ2LzZSV8JJq
50igFTle6IRR6NVbf391+nxYO33Eqv8Ckw7wVknJX22V2HueJuDzIgqGZeIOzfu4
drqzqSua2ZBhAJVR3bscdV+hSVieW2c2C9BLPaL3gG8/SD/7Qt/Ilj2lWgcTyAiy
LIHZt4sq7KPbm2AULItO+HooGHlNJLVL1yoBK4yFO+KvPNIZvtaF91YJ2+hn1UQ=
=Apa3
-----END PGP SIGNATURE-----