On Tue, Sep 28, 2021 at 02:38:33AM +0000, John Kehayias via Bug reports for GNU Guix wrote:
Toggle quote (2 lines)
> Thanks for coordinating this Leo. Is there anything else with huge rebuilds to push together?
which already existed for this purpose. I hadn't really noticed it
properly!
Toggle quote (6 lines)
> I don't want to keep finding and adding things, but two possibilities come to mind that I've just noticed:
>
> 1a. p11-kit #49957 https://issues.guix.gnu.org/49957
>
> I've just hit this bug on core-updates-frozen as well, though was originally reported on master. As I noted there, I tried to test with just grafts but didn't fix it for me (I'm guessing grafting won't work with that configure flag change). The patch matches how nix configures p11-kit as well, due to this bug.
If that bug primarily affects Flatpak, I suggest using the solution you
described, which is to create another p11-kit package and use it for
Flatpak.
Toggle quote (2 lines)
I think that's okay: everything is "out of date" on core-updates-frozen
at this point. We have to eventually settle on a dependency graph and
stick with it, or we'll never finish the cycle. If there are security
vulnerabilities, then we can fix them in the "normal way": with grafts.
It's not possible for us, with the processes and humanpower we have, to
make a working distro that is 100% up to date.
Toggle quote (4 lines)
> 2. (minor) Mesa has had a few more bugfix and major releases since my initial patch for core-updates-frozen. Now at 21.1.8 for the 21.1 branch (we have 21.1.6 currently), but 21.2 has also had stable releases, with 21.2.2. I previously built 21.2.1 and sent a patch for it, and could test 21.2.2 if we want to do that too.
>
> I'm aware this could continue forever, and #2 is likely lower priority. #1, though, should we consider p11-kit a critical update (version, at least) since we're still fixing core-updates-frozen?
Yeah, it could continue forever. Eventually we have to accept the bugs
we have on the branch and finish the work. We can't keep updating core
packages continually or we will never finish the cycle and deploy the
updates for users.
The changes that we make at this late stage of the core-updates cycle
are either 1) bugs that break functionality 2) critical security
problems that can't be fixed with a graft and 3) important fixes that
aren't expected to break other packages. Updating the time zone
database and shortening the Rust boostrap are examples of type 3.
If you still think 1a or 1b are important to include in the current
core-updates cycle, please let us know in #50358!