1 [An updated version of the proposal sent to debian-devel-announce@l.d.o.
2 Debian-specific, but useful as a general overview of New Incoming.]
7 This document outlines the new system for handling Incoming
8 directories on ftp-master and non-US.
13 o incoming was a world writable directory
15 o incoming was available to everyone through http://incoming.debian.org/
17 o incoming was processed once a day by dinstall
19 o uploads in incoming had to have been there > 24 hours before they
20 were REJECTed. If they were processed before that and had
21 problems they were SKIPped (with no notification to the maintainer
27 o There's 4 incoming directories:
29 @ "unchecked" - where uploads from Queue Daemons and maintainers
32 @ "accepted" - where accepted packages stay until the daily
35 @ "new" - where NEW packages (and their dependents[1]) requiring
36 human processing go after being automatically
39 @ "byhand" - where BYHAND packages (and their dependents[1])
40 requiring human intervention go after being
41 automatically checked by dinstall.
43 In addition there's 3 support directories:
45 @ "reject" - where rejected uploads go
47 @ "done" - where the .changes files for packages that have been
50 @ "holding" - a temporary working area for dinstall to hold
51 packages while checking them.
53 o Packages in 'unchecked' are automatically checked every 15 minutes
54 and are either: REJECT, ACCEPT, NEW or BYHAND.
56 o Only 'unchecked' is locally world-writeable. The others are all,
57 of course, locally world-readable but only 'accepted' and 'byhand'
58 are publicly visible on http://incoming.debian.org/
60 o 'accepted' and 'byhand' are made available to the auto-builders so
61 they can build out of them.
63 o 'accepted' is processed once a day as before.
65 o Maintainer/uploader & list notification and bug closures are
66 changed to be done for ACCEPTs, not INSTALLs.
67 [Rationale: this reduces the load both on our list server and our
68 BTS server; it also gives people better notice of uploads to
69 avoid duplication of work especially, for example, in the case of
71 [NB: see [3] for clarifications of when mails are sent.]
76 o Security (no more replaceable file races)
77 o Integrity (new http://i.d.o contains only signed (+installable) uploads[2])
78 o Needed for crypto-in-main integration
79 o Allows safe auto-building out of accepted
80 o Allows previously-prohibitively-expensive checks to be added to dinstall
81 o Much faster feedback on packages; no more 48 hour waits before
82 finding out your package has been REJECTed.
87 o people who upload packages but then want to retract or replace the
90 * solution: mostly "Don't do that then"; i.e. test your uploads
91 properly. Uploads can still be replaced, simply by uploading a
92 higher versioned replacement. Total retraction is harder but
93 usually only relevant for NEW packages.
95 ================================================================================
97 [1] For versions of dependents meaning: binaries compiled from the
98 source of BYHAND or NEW uploads. Due to dak's fascist
99 source-must-exist checking, these binaries must be held back until
100 the BYHAND/NEW uploads are processed.
102 [2] When this mail was initially written there was still at least one
103 upload queue which will accept unsigned uploads from any
104 source. [I've since discovered it's been deactivated, but not,
105 AFAIK because it allowed unsigned uploads.]
111 unchecked -----------------------------[*]------> accepted ---------------> pool
119 [4] This is a corner case, included for completeness, ignore
120 it. [Boring details: NEW trumps BYHAND, so it's possible for a
121 upload with both BYHAND and NEW components to go from 'unchecked'
122 -> 'new' -> 'byhand' -> 'accepted']
projects / dak.git / blob