path: root/doc/release_policy.rfc.txt
diff options
authorNils Gillmann <>2018-05-02 15:52:43 +0000
committerNils Gillmann <>2018-05-02 15:52:43 +0000
commitb9cec4048a55fde82c1ef48187329e16efb6598d (patch)
tree940990215297e422d289402232a1728121f73413 /doc/release_policy.rfc.txt
parentb91002ea10d9770da6b2d97edf28e896c01e0edf (diff)
Move release_policy.rfc to doc and add txt extension
Signed-off-by: Nils Gillmann <>
Diffstat (limited to 'doc/release_policy.rfc.txt')
1 files changed, 190 insertions, 0 deletions
diff --git a/doc/release_policy.rfc.txt b/doc/release_policy.rfc.txt
new file mode 100644
index 000000000..fd4118742
--- /dev/null
+++ b/doc/release_policy.rfc.txt
@@ -0,0 +1,190 @@
+********************* Release Policy (RFC) ****************************
+We suggest this structure of the proposal document as part of a tiny
+social process in order to find a decision in a cooperativ and common
+I. Driver
+(What is the problem and what solution did we find?)
+The problem for the GNUnet community stated here is how to evolve the
+GNUnet team and code organization, so that developing code gets
+attractive again and using GNUnet for testing purposes or even for some
+little usecases becomes easier. In the current organizational model
+bugs tend to accumulate until they are not managable or overwhelming,
+however, it's clear, that every release candidate should be free from
+known bugs. There is more. Devs and user need to feel progress to have
+"Erfolgserlebnisse" (roughly: "sense of achievement") and recognition,
+like a new release, a "product" they have contributed to, listing new
+features with short description of amazing privacy preserving use cases.
+A possible solution to this problem might be a new and lightweighted
+release model with git.
+Release Models with git:
+Option 1:
+ * code organization and branching
+ * master branch is release branch, tagged with different version
+ numbers development occurs in little side branches
+ * mature code resides in a staging branch for testing and quality
+ management
+ * release process
+ * development in little side branches
+ * if code is mature, merge with staging branch and do testing,
+ * static/dynamic analysis and code audits if checks are okay, merge
+ with release branch and tag with new version number
+Option 2:
+ * code organization and branching
+ * master branch is development branch
+ * further development task can be done in other side branches
+ for every release candidate exists a new branch called after the
+ version number
+ * release process
+ * development in master and side branches
+ * if code of side branches is mature merge with master branch
+ * if code in master branch is mature, create if not existant a new
+ * release branch called after the new version number and merge with
+ master
+ * in the release branch do testing, static/dynamic analysis
+ and code audits
+ * if checks are okay, tag as release candidate
+Option 3: (What we really do right now)
+* changes that are not expected/known to break anything go into master;
+ we may be wrong, better CI may allow us to detect breaking changes
+ before merges in the future (but we shall never fault anybody for
+ breaking stuff in master in non-obvious ways);
+* experimental development happens in branches, created by individuals
+ or groups as they see fit. They are encouraged to merge often (if that
+ would not break anything) to avoid divergence and to detect issues from
+ a merge/rebase early.
+* actual _release policy_:
+ - tests must pass
+ - no compiler warnings for -Wall
+ - acceptance tests (manual feature test) must succeed
+ - no known "release critical" bugs (where RC has no formal definition,
+ mostly we rather explicitly declare certain bugs as "not critical")
+ o buildbots are happy (if running)
+ o static analysis is happy (if available, false-positives => ignore)
+ o documentation is reasonably up-to-date
+ + reasonable test coverage (if too terrible => move subsystem to experimental?)
+ + texinfo (HTML+PDF) and doxygen happy? Ideally without warnings!
+ + nobody screaming bloody murder because of almost-completed features/bugfixes
+ almost ready to be merged?
+ Legend: -: absolutely mandatory; o: important; +: nice to have
+Option 1 and 2 are two flavours describe in
+II. Evaluation Criteria
+(what are criterias to interprete the results as success if we review
+the problem and solution after a year or so)
+III. Concerns (of team members)
+(if there are concerns of team members, write them down here to later
+I disagree that "bugs tend to accumulate until they are not managable".
+The real issue is that neither writing testcases nor fixing bugs are
+fun tasks volunteers like to do. As you write yourself: you want a
+sense of achievement, recognition, "new features". So as long as that
+is what you are motivated to do, you will not get stable, well-tested
+code. I don't have a magic bullet to motivate you to write more tests,
+or to improve existing tests. -CG
+I also disagree that releases have to be 'known bug free'. That bar is
+way too high. However, there are obviously 'critical' bugs, but what
+they are is another debate. But not all bugs are critical. Also,
+I would distinguish between 'standard' and 'experimental' subsystems.
+Experimental subsystems should build. They don't have to run, or do
+anything useful. Not even tests have to pass for a release IMO. -CG
+Git is also not a "release model". Git is a software development
+tool. But introducing branches in Git won't fix bugs. It also won't
+improve test coverage. It won't test the code on a broad range of
+platforms. It also doubt it will give you the recognition you crave.
+More importantly, what you describe is already happening, and
+partially has contributed to the problems. Bart kept his own CADET
+hacks in his personal branch for years, hence without much feedback or
+review. The SecuShare team kept their patches in their own branch,
+hence revealing interesting failure modes when it was finally merged.
+Martin kept some of his ABE-logic in his own branch (that one was
+merged without me noticing major problems). Anyway, what you propose
+as Option 1 is already largely done, except that certain CI tasks
+simply cannot be productively done pre-merge right now (and I'm all
+for improving that situation). -CG
+Finally, there is one last elephant with respect to branches and
+merging that I would like you to consider. Given that GNUnet is highly
+modular, you have largely benefited from the modular architecture and
+been able to hack in your respective corners, unaffected by other
+modules (modulo bugs in dependencies). That is great, and the desired
+development mode. It has the critical advantage that bugs in modules
+that nobody depends upon (auction, rps, social) can be in 'master' and
+won't disturb anything. As most new development usually happens on the
+leaves of the dependency graph, that is great. However, occasionally
+there are architectural changes. Not of the type where the graph
+changes, but where key API assumptions change. We recently had one for
+the GNU Name System with the dropping of ".gnu". Before, CADET
+changed the semantics and paramter for 'port'. In the future, CORE
+will introduce protocol versioning. Whenever such a change happens,
+it usually falls upon the person making that change to update
+dependencies as well (or at least to work with people who hack on the
+dependencies to coordinate the adjustments). That way, changing an
+API for in-tree dependencies is a minor nuisance. However, if
+branches exist, making sure that API changes do not break _any_ branch
+somewhere is impractical. So at least at times where "major" API
+rewrites are happening, it is important to minimize the number of
+branches. -CG
+IV. Doing
+(who does what within which time frame?)
+Let me list what I think needs doing:
+1) Better CI setup: build on multiple platforms, build of
+ "arbitrary" branches, reporting of regressions with
+ decent diagnostics (!) to developers (not the crap
+ Gitlab gives where I don't even easily get a stack
+ trace on a core dump).
+2) A culture of fixing "other people"'s bugs: test case failures,
+ portability issues, Mantis reports, all the non-sexy
+ stuff. Not the 'psycstore' was written by tg, so no
+ need for !tg to try to fix it, or the "I use sqlite,
+ why should I bother with postgres?"-crap I have heard
+ too often.
+3) Improving test cases: better code coverage, more corner
+ cases, complex deployment scenarios (NAT!), etc.;
+ less manual testing by hand, more writing automated
+ tests.
+4) There are also some bigger architectural changes ahead
+ that I have mentioned in other places. Without those,
+ we won't be able to serve non-expert users. So help
+ with those would be welcome, but in terms of _process_
+ I think 1-3 is what matters.
+Note that none of this really adds up to a "release policy".
+V. Previous Versions
+(if we found some flaws in the solution, and we want to change the
+release policy, we document the old ones here als previous versions.
+the goal is establish a learn process.)
+IV. References
+(if there are references to paper, web pages and other sources.)