zimoun writes: > On Fri, 11 Sep 2020 at 08:56, Ludovic Courtès wrote: >> To me the proposal is more about introducing scheduling priorities. For >> these packages, it’s indeed safe to assume that every new release brings >> security fixes. > > Why would some packages be prioritized on the build farm than others? > Based on what? Which criteria? There are two aspects that make ungoogled-chromium, icecat and linux-libre special: - long build time - security critical If a user cannot run the newest ungoogled-chromium, icecat, or linux-libre due to too high build times (so it can for example only be built on a weekend, but not on a weekday when the computer is only active for a few hours), then this user is prone to be hit by zero-day vulnerabilities. So the minimal criterion would be: Protect users from zero-days. For ungoogled-chromium, icecat, and linux-libre, two factors match: - the chance is very high that an update fixes a vulnerability, and - they take so long to build that many users won’t be able to do it right away. I certainly can’t: I cannot update ungoogled-chromium during work-time because the compile is so heavy on resources, that it considerably slows down my work. Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken