Originally posted by Weasel
View Post
People work or send patches are partly effected by release cycle. Stackleak patches for Linux mainline shows this. Developer modified their patch they now have to wait for a release cycle to get it approved or rejected for include in next release. Why release is when a lot of projects run their final quality control checks. So something that has taken less than 30 mins of work can take 5 years to get included in the Linux kernel all due to the 90 day release effect and minor revisions required to get code to acceptable quality.
So how quick you patch will be reviewed is linked to the release cycle.
You don't want year long release cycles in most cases. 90 days is how long a CVE fault will be kept secret for. So to produce releases to deal with reported CVE faults you have to release roughly every 90 days. This is also to hide defective releases a bit.
90 days is a slow release cycle.
1-90 days is what you release cycle has to be inside. CVE rules set your upper limit. You min is set by how fast you can do quality control and packaging.
Wine development is fairly fast release cycle. Wine cannot go faster than 2 weeks without starting to effect those packaging with burn out. Wine is also at 2 weeks to at least give a tolerable turn around on driver caused breakages in wine.
Leave a comment: