[DONE] Whonix stable apt repository upgrades policy

Until now I have maintained a strict policy for upgrades in the Whonix stable apt repository:

  • only fix grave usability bugs, such as the Tor Browser 4.x compatibility fix
  • and of course I also planned to ship security fixes should issues be reported

This is similar to Debian stable.

The reason is, should I also add other upgrades before a major version and through testing, an upgrade could create a mess for everyone. Not as in security, but as in broken dependencies, upgrader and such stuff. To prevent such a worst case, this policy is in place.

I am considering making an exception for packages that are not installed by default where the gain would be huge. The Whonix AppArmor profiles. (Whonix · GitHub)

Related:

Assuming lazy consensus (News - Whonix Forum) here in 3 days.

I am considering making an exception for packages that are not installed by default where the gain would be huge. The Whonix AppArmor profiles. (https://github.com/Whonix?query=apparmor-profile-)

I agree. They seem to be undergoing substantial improvement all the time, which I want to take advantage of much sooner than the next major release. Also, the TBB changes and the breakage they cause to AppArmor profiles warrant a more dynamic release cycle for AppArmor packages, IMO.

Of course, I’m strongly in favor of making that exception. By the way, could you reply to igotwhonixd in Whonix Forum?

The reply should be to Whonix Forum.

In the specific case of AppArmor it’s a bit more problematic. I’ll discuss the details here: