= phenomenon =
Release engineering retires packages once a release as documented in this SOP: https://fedoraproject.org/wiki/Retire_Orphaned_Packages
Since this happens only once per release, there are a lot of packages to be retired and lots of packages still depending on retired packages exist. Also since the orphaning of the package might have happened a long time ago, sometimes nobody know why it was orphaned or whether it is a good idea to just retire it.
= background analysis =
The long time frame between orphaning and retiring makes the task more complicated than necessary.
= implementation recommendation =
1) Allow to retire packages more often, e.g. retire once a week all packages that are orphaned for at least four weeks. Report other orphaned packages that are orphaned for less than four weeks when retiring packages.
2) Alterative: Decide that this is not in-scope for FESCo but something that rel-eng can decide on its own.
3) Leave the present status quo alone.
The problem as far as I can tell is that the length of time between a package being orphaned and retired means people don't remember why the package was retired. It's not explained why that in itself is a problem, but anyway.
The solution would be to extend Bodhi with a field so that when you press the Orphan button it asks you to say why the package is being orphaned. Alternately a simpler solution is to mandate that people post the reason on Fedora-devel (which almost everyone does already anyway).
yopu can no longer retire a package in the pkgdb webui it can only be done on the cli using fedpkg retire and it requires a reason. The biggest issue as I understand it is that say a package is orphaned a month after f21 goes stable it will sit in f21 untouched for a year before being removed. possibly also making f22 and sitting there unmaintained. if there is a security bug no one is working on it and it will likely not get fixed. additionally we can not remove packages from stable fedora's as the release content from GA is static for the life of the release, which is why we do not allow packages to be removed. we would need to implement someway to remove removed packages from a system, while allowing a user to keep it if they wanted. there is a lot of things to consider here.
FESCo agreed on today's meeting that there needs to be a broader discussion on this topic.
rjones please bring this up on the devel list for discussion. Thank you.
I'm removing the meeting keyword for now.
There was some discussion on list, but no clear outcome.
Sticking meeting keyword back on to see what FESCo would like to do.
agreed allow retiring of non stable release packages after they are orphaned for 6 weeks. (+7,0,0)
So, we would like the timeframe to be 6 weeks instead of 4, but otherwise automation of this welcome.
to comment on this ticket.